Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24
Platform: x64 Windows 10 (Home), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
Time: 13.07.2017 - 13:39
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Coby (group: Administrator) on DESKTOP-23KOAR1
Chrome: 59.0.3071.115
Edge: 11.0.15063.447
Internet Explorer: 11.0.15063.0
Boot mode: Normal
Running processes:
Number | Path
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
1 C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\CONEXANT\SA3\Dell-Notebook\CxUtilSvc.exe
1 C:\Program Files\CONEXANT\SA3\Dell-Notebook\SmartAudio3.exe
1 C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
3 C:\Users\Coby\AppData\Local\Discord\app-0.0.297\Discord.exe
1 C:\Users\Coby\AppData\Local\Temp\Rar$EXa7892.49350\MemCompression
1 C:\Users\Coby\Desktop\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CxAudMsg64.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHeciSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxEM.exe
1 C:\Windows\System32\Intel\DPTF\esif_uf.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
67 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\Temp\DPTF\esif_assist_64.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O2-32 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2-32 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU..\Run: [Discord] C:\Users\Coby\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2017/07/04)C:\Users\Coby\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU..\StartupApproved\Run: [Steam] (2017/07/10)C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU..\StartupApproved\Run: [uTorrent] (2017/06/28)C:\Users\Coby\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\Conexant\SA3\Dell-Notebook\SACpl.exe /sa3 /nv:3.0+ /uid:Dell-Notebook /s /dne
O4 - HKLM..\Run: [WavesSvc] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM..\StartupApproved\Run32: [DSATray] (2017/07/04)C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKLM..\StartupApproved\Run: [iTunesHelper] (2017/06/28)C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4-32 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9-32 - Extra ‘Tools’ menuitem: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra ‘Tools’ menuitem: Se&nd to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9-32 - Extra button: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra button: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra button: Send to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O17 - DHCP DNS - 1: 10.0.0.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): Opera scheduled Autoupdate 1498704936 - C:\Users\Coby\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task (Ready): USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
O22 - Task (Ready): \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task (Ready): \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe
O22 - Task (Ready): \Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
O22 - Task (Ready): \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
O22 - Task (Ready): \Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Ready): update-S-1-5-21-4241747769-3830312107-342857224-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (Ready): update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (Ready): {C7D7ECD5-3624-4480-92F5-7F6829E8AB7D} - C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
O23 - Service R2: @oem0.inf,%ServiceDisplayName%;ESIF Upper Framework Service - (esifsvc) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
O23 - Service R2: @oem17.inf,%SERVICE_NAME%;Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Conexant Audio Message Service - (CxAudMsg) - C:\WINDOWS\system32\CxAudMsg64.exe
O23 - Service R2: CxUtilSvc - C:\Program Files\Conexant\SA3\Dell-Notebook\CxUtilSvc.exe
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service R2: Hi-Rez Studios Authenticate and Update Service - (HiPatchService) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service R2: Intel(R) Driver and Support Assistant - (DSAService) - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxCUIService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R3: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHDCPSvc.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHeciSvc.exe
O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S2: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service S3: EasyAntiCheat - C:\WINDOWS\SysWow64\EasyAntiCheat.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe
–
End of file - Time spent: 6 sec. - 36608 bytes, CRC32: FFFFFFFF. Sign: 䐢
-|x| RstHosts v2.0 - Rapport créé le 13/07/2017 à 13:33:18
-|x| Système d’exploitation : Windows 10 Home (64 bits)
-|x| Nom d’utilisateur : Coby - DESKTOP-23KOAR1 (Administrateur)
-|x|- Informations -|x|-
Emplacement : C:\WINDOWS\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 16/06/2017 - 09:13:11
Date de modification : 13/07/2017 - 13:33:13
Date de dernier accès : 13/07/2017 - 13:33:13
-|x|- Contenu du fichier -|x|-
Fichier Hosts créé par RstHosts
127.0.0.1 localhost
::1 localhost
-|x|- E.O.F - C:\RstHosts.txt - 609 bytes -|x|-
[SPOILER=“Minitoolbox log.”]
MiniToolBox by Farbar Version: 17-06-2016
Ran by Coby (administrator) on 13-07-2017 at 13:35:19
Running from “C:\Users\Coby\Downloads”
Microsoft Windows 10 Home (X64)
Model: Inspiron 13-7359 Manufacturer: Dell Inc.
Boot Mode: Normal
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
“Reset IE Proxy Settings”: IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
“Reset FF Proxy Settings”: Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Intel(R) Dual Band Wireless-AC 3165 = Wi-Fi (Connected)
----------------------------------
IPv4 Configuration
----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : DESKTOP-23KOAR1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : E0-94-67-34-1B-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3165
Physical Address. . . . . . . . . : E0-94-67-34-1B-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c94:ce0e:a1cf:7ddf%3(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.16(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 13, 2017 1:30:10 PM
Lease Expires . . . . . . . . . . : Friday, July 14, 2017 1:30:13 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 48272487
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-E5-D2-B5-E0-94-67-34-1B-29
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 11:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:aa:3b2e:d076:2118(Preferred)
Link-local IPv6 Address . . . . . : fe80::aa:3b2e:d076:2118%8(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 134217728
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-E5-D2-B5-E0-94-67-34-1B-29
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.0.0.1
Name: google.com
Addresses: 2607:f8b0:4007:804::200e
172.217.11.174
Pinging google.com [172.217.11.174] with 32 bytes of data:
Reply from 172.217.11.174: bytes=32 time=18ms TTL=54
Reply from 172.217.11.174: bytes=32 time=36ms TTL=54
Ping statistics for 172.217.11.174:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 36ms, Average = 27ms
Server: UnKnown
Address: 10.0.0.1
Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
98.138.253.109
98.139.180.149
206.190.36.45
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=76ms TTL=51
Reply from 98.138.253.109: bytes=32 time=75ms TTL=51
Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 75ms, Maximum = 76ms, Average = 75ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Interface List
7…e0 94 67 34 1b 2a …Microsoft Wi-Fi Direct Virtual Adapter
3…e0 94 67 34 1b 29 …Intel(R) Dual Band Wireless-AC 3165
1…Software Loopback Interface 1
8…00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
IPv4 Route Table
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.16 50
10.0.0.0 255.255.255.0 On-link 10.0.0.16 306
10.0.0.16 255.255.255.255 On-link 10.0.0.16 306
10.0.0.255 255.255.255.255 On-link 10.0.0.16 306
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.0.0.16 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.0.0.16 306
Persistent Routes:
None
IPv6 Route Table
Active Routes:
If Metric Network Destination Gateway
8 331 ::/0 On-link
1 331 ::1/128 On-link
8 331 2001::/32 On-link
8 331 2001:0:9d38:90d7:aa:3b2e:d076:2118/128
On-link
3 306 fe80::/64 On-link
8 331 fe80::/64 On-link
8 331 fe80::aa:3b2e:d076:2118/128
On-link
3 306 fe80::5c94:ce0e:a1cf:7ddf/128
On-link
1 331 ff00::/8 On-link
3 306 ff00::/8 On-link
8 331 ff00::/8 On-link
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
Error: (07/13/2017 01:08:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (07/13/2017 01:05:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (07/12/2017 03:40:33 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 04:18:19 PM) (Source: ESRV_SVC_QUEENCREEK) (User: )
Description: Error [3]: [QNR_INPUT_ERROR_UNABLE_TO_STOP_DRIVER][0x425].
Occurred: [Tue Jul 11 16:18:19 2017].
In file: [intel_sampler_input.c].
At line: [809].
System errors:
Error: (07/13/2017 01:30:05 PM) (Source: Service Control Manager) (User: )
Description: The USER_ESRV_SVC_QUEENCREEK service terminated with the following error:
%%497
Error: (07/13/2017 01:30:04 PM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.
Error: (07/13/2017 01:09:38 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (07/13/2017 01:09:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Driver and Support Assistant service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel Bluetooth Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
Error: (07/13/2017 01:08:31 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"UccApi,processorArchitecture=“x86”,type=“win32”,version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (07/13/2017 01:05:43 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"UccApi,processorArchitecture=“x86”,type=“win32”,version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (07/12/2017 03:40:33 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 04:18:19 PM) (Source: ESRV_SVC_QUEENCREEK)(User: )
Description: Error [3]: [QNR_INPUT_ERROR_UNABLE_TO_STOP_DRIVER][0x425].
Occurred: [Tue Jul 11 16:18:19 2017].
In file: [intel_sampler_input.c].
At line: [809].
CodeIntegrity Errors:
Date: 2017-07-13 13:32:48.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.120
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:21.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:21.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:09.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:09.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:19:29.683
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:19:29.612
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
. . (HKLM...{89B9210B-8111-438F-B51B-7AB64F658E2C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32...{DEAF3493-EBF3-40F2-9D8A-5BD016E9E47C}) (Version: 2.8.1.9 - Intel) Hidden
µTorrent (HKCU...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32...{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM...{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32...{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32...{1E8FE8D5-B532-4320-83D8-DA83B8E7F608}) (Version: 1.10 - brackets.io)
Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.65.135.91 - Conexant)
Discord (HKCU...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HiPatch (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.4.6 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4678 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32...{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32...{411cfca4-41d9-44e3-9d3e-2de29d4804e4}) (Version: 2.8.1.9 - Intel)
iTunes (HKLM...{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
JetBrains PyCharm Community Edition 2017.1.4 (HKLM-x32...\PyCharm Community Edition 2017.1.4) (Version: 171.4694.38 - JetBrains s.r.o.)
League of Legends (HKLM-x32...{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Lightshot-5.4.0.10 (HKLM-x32...{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Maxx Audio Installer (x64) (HKLM...{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM...\O365ProPlusRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft OneDrive (HKCU...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Minecraft (HKLM-x32...{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Office 16 Click-to-Run Extensibility Component (HKLM-x32...{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM...{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Paladins (HKLM...\Steam App 444090) (Version: - Hi-Rez Studios)
Python 3.6.1 (32-bit) (HKCU...{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
Python 3.6.1 Add to Path (32-bit) (HKLM-x32...{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32...{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Development Libraries (32-bit) (HKLM-x32...{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Documentation (32-bit) (HKLM-x32...{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Executables (32-bit) (HKLM-x32...{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32...{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Standard Library (32-bit) (HKLM-x32...{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32...{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Test Suite (32-bit) (HKLM-x32...{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32...{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32...{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
SSH Secure Shell (HKLM-x32...{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3126 (HKLM-x32...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-6) (Version: 1.0.33.0 - LunarG, Inc.)
WinRAR 5.50 beta 4 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.50.4 - win.rar GmbH)
========================= Devices: ================================
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_04F3&PID_228A&COL01\6&2259F4F1&0&0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.
========================= Memory info: ===================================
Percentage of memory in use: 31%
Total physical RAM: 8050.83 MB
Available physical RAM: 5521.19 MB
Total Virtual: 9330.83 MB
Available Virtual: 6629.46 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:237.92 GB) (Free:160.19 GB) NTFS
========================= Users: ========================================
User accounts for \DESKTOP-23KOAR1
Administrator Coby DefaultAccount
defaultuser0 Guest
**** End of log ****
[/SPOILER]
RSTHosts
Mini Tool Box
HijackThis
autoruns
If I had to list programs I got:
Text Editors:
-Sublime → For any
-Brackets → For html and CSS
-Pycharm → For python
Games:
-League of Legends - Cancer
-Paladins - Overwatch but with ponies
-Minecraft - Dark past
-Steam - Gaben
Others:
-Python 3.6
-Intel Driver Update Utility - Look up and update drivers, turned off on start up
-Microsoft Office
-Shell Client + File Client - For shelling into college servers
-iTunes
-uTorrent
-OneDrive
-Lightshot - Screen shot tool
-Discord
-WinRar
-Google Chrome
-Conexant HD audio - audio drivers, tried the generic Intel driver but it doesn’t work with this laptop.
Platform: x64 Windows 10 (Home), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
Time: 13.07.2017 - 13:39
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Coby (group: Administrator) on DESKTOP-23KOAR1
Chrome: 59.0.3071.115
Edge: 11.0.15063.447
Internet Explorer: 11.0.15063.0
Boot mode: Normal
Running processes:
Number | Path
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
1 C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\CONEXANT\SA3\Dell-Notebook\CxUtilSvc.exe
1 C:\Program Files\CONEXANT\SA3\Dell-Notebook\SmartAudio3.exe
1 C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
1 C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
3 C:\Users\Coby\AppData\Local\Discord\app-0.0.297\Discord.exe
1 C:\Users\Coby\AppData\Local\Temp\Rar$EXa7892.49350\MemCompression
1 C:\Users\Coby\Desktop\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CxAudMsg64.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHeciSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxEM.exe
1 C:\Windows\System32\Intel\DPTF\esif_uf.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
67 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\Temp\DPTF\esif_assist_64.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O2-32 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2-32 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU..\Run: [Discord] C:\Users\Coby\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2017/07/04)C:\Users\Coby\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU..\StartupApproved\Run: [Steam] (2017/07/10)C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU..\StartupApproved\Run: [uTorrent] (2017/06/28)C:\Users\Coby\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\Conexant\SA3\Dell-Notebook\SACpl.exe /sa3 /nv:3.0+ /uid
O4 - HKLM..\Run: [WavesSvc] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM..\StartupApproved\Run32: [DSATray] (2017/07/04)C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKLM..\StartupApproved\Run: [iTunesHelper] (2017/06/28)C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4-32 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9-32 - Extra ‘Tools’ menuitem: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra ‘Tools’ menuitem: Se&nd to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9-32 - Extra button: Lync Click to Call - HKLM..{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra button: OneNote Lin&ked Notes - HKLM..{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra button: Send to OneNote - HKLM..{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O17 - DHCP DNS - 1: 10.0.0.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): Opera scheduled Autoupdate 1498704936 - C:\Users\Coby\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task (Ready): USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo “C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs”
O22 - Task (Ready): \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task (Ready): \Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe
O22 - Task (Ready): \Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
O22 - Task (Ready): \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
O22 - Task (Ready): \Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Ready): update-S-1-5-21-4241747769-3830312107-342857224-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (Ready): update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (Ready): {C7D7ECD5-3624-4480-92F5-7F6829E8AB7D} - C:\WINDOWS\system32\pcalua.exe -a “C:\Riot Games\League of Legends\lol.launcher.exe” -d "C:\Riot Games\League of Legends"
O23 - Service R2: @oem0.inf,%ServiceDisplayName%;ESIF Upper Framework Service - (esifsvc) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
O23 - Service R2: @oem17.inf,%SERVICE_NAME%;Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Conexant Audio Message Service - (CxAudMsg) - C:\WINDOWS\system32\CxAudMsg64.exe
O23 - Service R2: CxUtilSvc - C:\Program Files\Conexant\SA3\Dell-Notebook\CxUtilSvc.exe
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service R2: Hi-Rez Studios Authenticate and Update Service - (HiPatchService) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service R2: Intel(R) Driver and Support Assistant - (DSAService) - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxCUIService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service R2: Waves Audio Services - (WavesSysSvc) - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R3: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHDCPSvc.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\IntelCpHeciSvc.exe
O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S2: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service S3: EasyAntiCheat - C:\WINDOWS\SysWow64\EasyAntiCheat.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe
–
End of file - Time spent: 6 sec. - 36608 bytes, CRC32: FFFFFFFF. Sign: 䐢
-|x| RstHosts v2.0 - Rapport créé le 13/07/2017 à 13:33:18
-|x| Système d’exploitation : Windows 10 Home (64 bits)
-|x| Nom d’utilisateur : Coby - DESKTOP-23KOAR1 (Administrateur)
-|x|- Informations -|x|-
Emplacement : C:\WINDOWS\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 16/06/2017 - 09:13:11
Date de modification : 13/07/2017 - 13:33:13
Date de dernier accès : 13/07/2017 - 13:33:13
-|x|- Contenu du fichier -|x|-
# Fichier Hosts créé par RstHosts
127.0.0.1 localhost
::1 localhost
-|x|- E.O.F - C:\RstHosts.txt - 609 bytes -|x|-
[SPOILER=“Minitoolbox log.”]
MiniToolBox by Farbar Version: 17-06-2016
Ran by Coby (administrator) on 13-07-2017 at 13:35:19
Running from “C:\Users\Coby\Downloads”
Microsoft Windows 10 Home (X64)
Model: Inspiron 13-7359 Manufacturer: Dell Inc.
Boot Mode: Normal
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
“Reset IE Proxy Settings”: IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
“Reset FF Proxy Settings”: Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Intel(R) Dual Band Wireless-AC 3165 = Wi-Fi (Connected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface=“Local Area Connection* 1” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Wi-Fi” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Bluetooth Network Connection” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Ethernet” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : DESKTOP-23KOAR1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : E0-94-67-34-1B-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3165
Physical Address. . . . . . . . . : E0-94-67-34-1B-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c94:ce0e:a1cf:7ddf%3(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.16(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 13, 2017 1:30:10 PM
Lease Expires . . . . . . . . . . : Friday, July 14, 2017 1:30:13 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 48272487
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-E5-D2-B5-E0-94-67-34-1B-29
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 11:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:aa:3b2e:d076:2118(Preferred)
Link-local IPv6 Address . . . . . : fe80::aa:3b2e:d076:2118%8(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 134217728
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-E5-D2-B5-E0-94-67-34-1B-29
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.0.0.1
Name: google.com
Addresses: 2607:f8b0:4007:804::200e
172.217.11.174
Pinging google.com [172.217.11.174] with 32 bytes of data:
Reply from 172.217.11.174: bytes=32 time=18ms TTL=54
Reply from 172.217.11.174: bytes=32 time=36ms TTL=54
Ping statistics for 172.217.11.174:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 36ms, Average = 27ms
Server: UnKnown
Address: 10.0.0.1
Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
98.138.253.109
98.139.180.149
206.190.36.45
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=76ms TTL=51
Reply from 98.138.253.109: bytes=32 time=75ms TTL=51
Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 75ms, Maximum = 76ms, Average = 75ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Interface List
7…e0 94 67 34 1b 2a …Microsoft Wi-Fi Direct Virtual Adapter
3…e0 94 67 34 1b 29 …Intel(R) Dual Band Wireless-AC 3165
1…Software Loopback Interface 1
8…00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
IPv4 Route Table
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.16 50
10.0.0.0 255.255.255.0 On-link 10.0.0.16 306
10.0.0.16 255.255.255.255 On-link 10.0.0.16 306
10.0.0.255 255.255.255.255 On-link 10.0.0.16 306
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.0.0.16 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.0.0.16 306
Persistent Routes:
None
IPv6 Route Table
Active Routes:
If Metric Network Destination Gateway
8 331 ::/0 On-link
1 331 ::1/128 On-link
8 331 2001::/32 On-link
8 331 2001:0:9d38:90d7:aa:3b2e:d076:2118/128
On-link
3 306 fe80::/64 On-link
8 331 fe80::/64 On-link
8 331 fe80::aa:3b2e:d076:2118/128
On-link
3 306 fe80::5c94:ce0e:a1cf:7ddf/128
On-link
1 331 ff00::/8 On-link
3 306 ff00::/8 On-link
8 331 ff00::/8 On-link
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
Error: (07/13/2017 01:08:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0"1”.Error in manifest or policy file "UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0"2” on line UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0”.
Definition is UccApi,processorArchitecture=“x86”,type=“win32”,version=“16.0.0.0”.
Please use sxstrace.exe for detailed diagnosis.
Error: (07/13/2017 01:05:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0"1”.Error in manifest or policy file "UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0"2” on line UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture=“AMD64”,type=“win32”,version=“16.0.0.0”.
Definition is UccApi,processorArchitecture=“x86”,type=“win32”,version=“16.0.0.0”.
Please use sxstrace.exe for detailed diagnosis.
Error: (07/12/2017 03:40:33 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 04:18:19 PM) (Source: ESRV_SVC_QUEENCREEK) (User: )
Description: Error [3]: [QNR_INPUT_ERROR_UNABLE_TO_STOP_DRIVER][0x425].
Occurred: [Tue Jul 11 16:18:19 2017].
In file: [intel_sampler_input.c].
At line: [809].
System errors:
Error: (07/13/2017 01:30:05 PM) (Source: Service Control Manager) (User: )
Description: The USER_ESRV_SVC_QUEENCREEK service terminated with the following error:
%%497
Error: (07/13/2017 01:30:04 PM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.
Error: (07/13/2017 01:09:38 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (07/13/2017 01:09:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Driver and Support Assistant service terminated unexpectedly. It has done this 1 time(s).
Error: (07/13/2017 01:07:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel Bluetooth Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
Error: (07/13/2017 01:08:31 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"UccApi,processorArchitecture=“x86”,type=“win32”,version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (07/13/2017 01:05:43 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture=“AMD64”,type=“win32”,version="16.0.0.0"UccApi,processorArchitecture=“x86”,type=“win32”,version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (07/12/2017 03:40:33 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6672
Error: (07/11/2017 11:09:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000
Error: (07/11/2017 05:49:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/11/2017 04:18:19 PM) (Source: ESRV_SVC_QUEENCREEK)(User: )
Description: Error [3]: [QNR_INPUT_ERROR_UNABLE_TO_STOP_DRIVER][0x425].
Occurred: [Tue Jul 11 16:18:19 2017].
In file: [intel_sampler_input.c].
At line: [809].
CodeIntegrity Errors:
Date: 2017-07-13 13:32:48.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.120
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:48.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:21.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:21.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:09.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:32:09.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:19:29.683
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:19:29.612
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
. . (HKLM...{89B9210B-8111-438F-B51B-7AB64F658E2C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32...{DEAF3493-EBF3-40F2-9D8A-5BD016E9E47C}) (Version: 2.8.1.9 - Intel) Hidden
µTorrent (HKCU...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32...{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM...{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32...{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32...{1E8FE8D5-B532-4320-83D8-DA83B8E7F608}) (Version: 1.10 - brackets.io)
Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.65.135.91 - Conexant)
Discord (HKCU...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HiPatch (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.4.6 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4678 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32...{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32...{411cfca4-41d9-44e3-9d3e-2de29d4804e4}) (Version: 2.8.1.9 - Intel)
iTunes (HKLM...{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
JetBrains PyCharm Community Edition 2017.1.4 (HKLM-x32...\PyCharm Community Edition 2017.1.4) (Version: 171.4694.38 - JetBrains s.r.o.)
League of Legends (HKLM-x32...{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Lightshot-5.4.0.10 (HKLM-x32...{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Maxx Audio Installer (x64) (HKLM...{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM...\O365ProPlusRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft OneDrive (HKCU...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Minecraft (HKLM-x32...{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Office 16 Click-to-Run Extensibility Component (HKLM-x32...{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM...{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32...{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Paladins (HKLM...\Steam App 444090) (Version: - Hi-Rez Studios)
Python 3.6.1 (32-bit) (HKCU...{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
Python 3.6.1 Add to Path (32-bit) (HKLM-x32...{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32...{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Development Libraries (32-bit) (HKLM-x32...{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Documentation (32-bit) (HKLM-x32...{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Executables (32-bit) (HKLM-x32...{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32...{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Standard Library (32-bit) (HKLM-x32...{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32...{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Test Suite (32-bit) (HKLM-x32...{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32...{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32...{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
SSH Secure Shell (HKLM-x32...{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3126 (HKLM-x32...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM...\VulkanRT1.0.33.0-6) (Version: 1.0.33.0 - LunarG, Inc.)
WinRAR 5.50 beta 4 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.50.4 - win.rar GmbH)
========================= Devices: ================================
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_04F3&PID_228A&COL01\6&2259F4F1&0&0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.
========================= Memory info: ===================================
Percentage of memory in use: 31%
Total physical RAM: 8050.83 MB
Available physical RAM: 5521.19 MB
Total Virtual: 9330.83 MB
Available Virtual: 6629.46 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:237.92 GB) (Free:160.19 GB) NTFS
========================= Users: ========================================
User accounts for \DESKTOP-23KOAR1
Administrator Coby DefaultAccount
defaultuser0 Guest
**** End of log ****
[/SPOILER]
RSTHosts
Mini Tool Box
HjackThis
autoruns
If I had to list programs I got:
Text Editors:
-Sublime → For any
-Brackets → For html and CSS
-Pycharm → For python
Games:
-League of Legends - Cancer
-Paladins - Overwatch but with ponies
-Minecraft - Dark past
-Steam - Gaben
Others:
-Python 3.6
-Intel Driver Update Utility - Look up and update drivers, turned off on start up
-Microsoft Office
-Shell Client + File Client - For shelling into college servers
-iTunes
-uTorrent
-OneDrive
-Lightshot - Screen shot tool
-Discord
-WinRar
-Google Chrome
-Conexant HD audio - audio drivers, tried generic intel driver but don’t work with this laptop.