
Addition

a guest
Jan 7th, 2016
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-01-2015
  2. Ran by Gabi (2016-01-08 00:03:25)
  3. Running from C:\Users\Gabi\Desktop
  4. Windows 10 Home (X64) (2015-12-29 09:54:36)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-1923878773-809089656-4278709338-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-1923878773-809089656-4278709338-503 - Limited - Disabled)
  13. Gabi (S-1-5-21-1923878773-809089656-4278709338-1001 - Administrator - Enabled) => C:\Users\Gabi
  14. Guest (S-1-5-21-1923878773-809089656-4278709338-501 - Limited - Disabled)
  15.  
  16. ==================== Security Center ========================
  17.  
  18. (If an entry is included in the fixlist, it will be removed.)
  19.  
  20. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  21. AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
  22. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  23. AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
  24.  
  25. ==================== Installed Programs ======================
  26.  
  27. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  28.  
  29. Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
  30. Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
  31. Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.2 - AVAST Software)
  32. Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
  33. Barn Yarn Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
  34. Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
  35. CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
  36. Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
  37. Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
  38. Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
  39. Coyote The Outlander (x32 Version: 3.0.2.59 - WildTangent) Hidden
  40. CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
  41. CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
  42. CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
  43. CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
  44. CyberLink PowerDirector 12 (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
  45. CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
  46. Delicious: Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
  47. DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
  48. Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
  49. Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
  50. Entwined: The Perfect Murder (x32 Version: 3.0.2.59 - WildTangent) Hidden
  51. Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
  52. Family Vacation 2: Road Trip (x32 Version: 3.0.2.59 - WildTangent) Hidden
  53. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
  54. Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
  55. Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
  56. Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
  57. HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
  58. HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
  59. HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
  60. HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.30.219 - Hewlett-Packard Company)
  61. HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
  62. HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
  63. HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
  64. IGT Slots: Paradise Garden (x32 Version: 3.0.2.59 - WildTangent) Hidden
  65. Imperial Island: Birth of an Empire (x32 Version: 3.0.2.59 - WildTangent) Hidden
  66. Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
  67. Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
  68. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
  69. Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
  70. Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
  71. Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
  72. Living Legends: Frozen Beauty Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
  73. Lost Lands: Dark Overlord Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
  74. Lost Souls: Timeless Fables Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
  75. Magic Heroes: Save Our Park (x32 Version: 3.0.2.59 - WildTangent) Hidden
  76. Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
  77. Manor Memoirs Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
  78. Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
  79. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  80. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
  81. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  82. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  83. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  84. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  85. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  86. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  87. Mystery Expedition: Prisoners of Ice (x32 Version: 3.0.2.59 - WildTangent) Hidden
  88. Plagiarii (x32 Version: 3.0.2.59 - WildTangent) Hidden
  89. Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
  90. Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
  91. Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
  92. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
  93. REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.)
  94. Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
  95. Rush Hour! Gas Station (x32 Version: 3.0.2.59 - WildTangent) Hidden
  96. Sky High Farm (x32 Version: 3.0.2.59 - WildTangent) Hidden
  97. swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
  98. Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
  99. WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
  100. WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)
  101.  
  102. ==================== Custom CLSID (Whitelisted): ==========================
  103.  
  104. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  105.  
  106. CustomCLSID: HKU\S-1-5-21-1923878773-809089656-4278709338-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabi\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
  107.  
  108. ==================== Scheduled Tasks (Whitelisted) =============
  109.  
  110. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  111.  
  112. Task: {044C3081-A91A-46E6-A40A-D1BB676A1EF0} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
  113. Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
  114. Task: {2207D3EF-D6D7-4778-8A88-F4C6AA0394E3} - \WebBarLaunchTask -> No File <==== ATTENTION
  115. Task: {44027A59-232F-49FF-A0A6-E06FDD693470} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
  116. Task: {4CD61BF0-7046-454A-B0B6-D6A35017D2FB} - \ProfessionalCleaningSoftware_Start -> No File <==== ATTENTION
  117. Task: {65D2EF39-0C33-4444-B12D-6784DAC3134A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
  118. Task: {74A080AB-4455-4C53-A40C-997B6BA5662B} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [2015-09-07] (Zhuhai Kingsoft Office Software Co.,Ltd)
  119. Task: {76252F4D-6CF5-4C2A-A300-F6F4B6CDE45D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
  120. Task: {84B01E23-13E7-4EF2-9D36-EB5CD4EBE187} - \WebBarUpdateTask -> No File <==== ATTENTION
  121. Task: {8518713B-F1E1-4B71-B7BD-D440B4C0AC72} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2015-12-29] (AVAST Software)
  122. Task: {96F04552-73AB-487B-B57B-CEF0E3A25664} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
  123. Task: {B4F05A1D-F9E1-4E47-9DF8-86A26629BAFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
  124. Task: {C4046990-F6D5-498B-BC54-5EFC09C9AC21} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-12-29] (AVAST Software)
  125. Task: {D0C86A51-251F-4889-B0AF-0729F3813C0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
  126. Task: {D965D8DE-8321-491A-AD49-6934E84C8690} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
  127. Task: {E7BF30D3-ABFD-4AC7-8DAB-7F2B7DE78508} - \ProfessionalCleaningSoftware_Popup -> No File <==== ATTENTION
  128. Task: {EA747DE2-F2DA-4F65-88CD-7D23CF6589AA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
  129. Task: {ED239949-361C-4B58-AE98-3CEEB67A518F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
  130. Task: {F05F2A21-FB63-4BCA-B6FE-3E000AC6EBBD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-07] (AVAST Software)
  131. Task: {F6742B08-D509-404D-A660-323751D1E5AA} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [2015-09-07] (Zhuhai Kingsoft Office Software Co.,Ltd)
  132. Task: {F693221E-F863-42DF-A2C5-D0837F62046A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-07-01] (CyberLink Corp.)
  133. Task: {FA6366D1-4C22-4E71-A090-D9F4ADD30963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
  134.  
  135. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  136.  
  137. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  138. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  139. Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
  140. Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
  141.  
  142. ==================== Shortcuts =============================
  143.  
  144. (The entries could be listed to be restored or removed.)
  145.  
  146. ShortcutWithArgument: C:\Users\Gabi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
  147. ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
  148.  
  149. ==================== Loaded Modules (Whitelisted) ==============
  150.  
  151. 2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
  152. 2015-09-07 18:32 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
  153. 2015-12-29 05:05 - 2015-12-29 05:04 - 00452456 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
  154. 2015-12-29 07:05 - 2015-12-29 07:05 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
  155. 2015-12-29 07:05 - 2015-12-29 07:05 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
  156. 2015-10-30 04:09 - 2015-10-30 04:09 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
  157. 2015-12-29 07:05 - 2015-12-29 07:05 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
  158. 2015-12-29 07:05 - 2015-12-29 07:05 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
  159. 2015-12-29 07:05 - 2015-12-29 07:05 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
  160. 2015-12-29 07:05 - 2015-12-29 07:05 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  161. 2015-12-29 07:05 - 2015-12-29 07:05 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
  162. 2015-12-29 07:05 - 2015-12-29 07:05 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
  163. 2015-02-26 12:12 - 2015-02-26 12:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
  164. 2016-01-07 17:10 - 2016-01-07 17:10 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
  165. 2016-01-07 17:10 - 2016-01-07 17:10 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
  166. 2016-01-07 17:13 - 2016-01-07 17:13 - 02809344 _____ () C:\Program Files\AVAST Software\Avast\defs\16010701\algo.dll
  167. 2016-01-07 17:10 - 2016-01-07 17:10 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
  168. 2015-10-30 04:09 - 2015-10-30 04:09 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
  169. 2015-10-30 04:09 - 2015-10-30 04:09 - 18818048 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkyWrap.dll
  170. 2016-01-07 17:10 - 2016-01-07 17:10 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
  171. 2015-09-07 18:07 - 2015-04-29 19:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
  172.  
  173. ==================== Alternate Data Streams (Whitelisted) =========
  174.  
  175. (If an entry is included in the fixlist, only the ADS will be removed.)
  176.  
  177.  
  178. ==================== Safe Mode (Whitelisted) ===================
  179.  
  180. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  181.  
  182.  
  183. ==================== EXE Association (Whitelisted) ===============
  184.  
  185. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  186.  
  187.  
  188. ==================== Internet Explorer trusted/restricted ===============
  189.  
  190. (If an entry is included in the fixlist, it will be removed from the registry.)
  191.  
  192.  
  193. ==================== Hosts content: ===============================
  194.  
  195. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  196.  
  197. 2015-07-10 06:04 - 2015-07-10 06:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
  198.  
  199.  
  200. ==================== Other Areas ============================
  201.  
  202. (Currently there is no automatic fix for this section.)
  203.  
  204. HKU\S-1-5-21-1923878773-809089656-4278709338-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
  205. DNS Servers: 75.75.76.76 - 75.75.75.75
  206. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  207. Windows Firewall is enabled.
  208.  
  209. ==================== MSCONFIG/TASK MANAGER disabled items ==
  210.  
  211. (Currently there is no automatic fix for this section.)
  212.  
  213. HKLM\...\StartupApproved\Run32: => "gmsd_us_004010187"
  214.  
  215. ==================== FirewallRules (Whitelisted) ===============
  216.  
  217. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  218.  
  219. FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
  220. FirewallRules: [{2A961448-D460-4A75-832F-C00F0B9569DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  221. FirewallRules: [{68939BAC-9AF0-4870-9017-D5D658B51F0D}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
  222. FirewallRules: [{2837B0E8-B33D-4B10-A16D-8FB9305EE2DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
  223. FirewallRules: [{A158D357-8751-4365-88F8-697FE6DEDFD7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
  224. FirewallRules: [{B2FA1C2B-36FA-4084-BACC-A7421E893675}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
  225. FirewallRules: [{986D8E4A-E0B0-4E9B-ACD4-CB0BF3BABB40}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
  226. FirewallRules: [{10CE30BB-7366-4140-88C5-75DF49217025}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
  227. FirewallRules: [{A85F843A-74C6-4B98-91E9-61B6320D952D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
  228. FirewallRules: [{3A2F5179-CCA2-4F5F-B386-776B318F9B2B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  229. FirewallRules: [{2DF945A7-FC01-41F4-8D44-5A76CA38B892}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  230. FirewallRules: [{54F90672-22A7-43AA-9051-175B5E87FDB6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  231. FirewallRules: [{B729F43D-C7B5-4E85-9036-F0EF7035E23E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  232.  
  233. ==================== Restore Points =========================
  234.  
  235. 06-01-2016 18:22:12 Windows Modules Installer
  236.  
  237. ==================== Faulty Device Manager Devices =============
  238.  
  239.  
  240. ==================== Event log errors: =========================
  241.  
  242. Application errors:
  243. ==================
  244. Error: (01/07/2016 11:57:34 PM) (Source: DPTF) (EventID: 256) (User: )
  245. Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
  246.  
  247. DPTF Build Version: 8.1.10600.150
  248. DPTF Build Date: Jun 26 2015 11:46:12
  249. Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
  250. Executing Function: DptfEvent
  251. Message: Received unexpected event
  252. Framework Event: DptfResume [3]
  253.  
  254. Error: (01/07/2016 10:08:12 PM) (Source: Perflib) (EventID: 1008) (User: )
  255. Description: BITSC:\Windows\System32\bitsperf.dll8
  256.  
  257. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
  258. Description: The index cannot be initialized.
  259.  
  260. Details:
  261. The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
  262.  
  263. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
  264. Description: The application cannot be initialized.
  265.  
  266. Context: Windows Application
  267.  
  268. Details:
  269. The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
  270.  
  271. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
  272. Description: The gatherer object cannot be initialized.
  273.  
  274. Context: Windows Application, SystemIndex Catalog
  275.  
  276. Details:
  277. The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
  278.  
  279. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
  280. Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
  281.  
  282. Context: Windows Application, SystemIndex Catalog
  283.  
  284. Details:
  285. The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
  286.  
  287. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
  288. Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.
  289.  
  290. Context: Windows Application
  291.  
  292. Details:
  293. (HRESULT : 0x8e5e0210) (0x8e5e0210)
  294.  
  295. Error: (01/07/2016 10:04:01 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
  296. Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
  297.  
  298. Details:
  299. The content index catalog is corrupt. 0xc0041801 (0xc0041801)
  300.  
  301. Error: (01/07/2016 10:03:44 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
  302. Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\common\util\jetutil.cpp (203)}. The service will attempt to automatically correct this problem by rebuilding the index.
  303.  
  304. Details:
  305. 0x8e5e0210 (0x8e5e0210)
  306.  
  307. Error: (01/07/2016 10:03:44 PM) (Source: ESENT) (EventID: 455) (User: )
  308. Description: SearchIndexer (4624) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0000D.log.
  309.  
  310.  
  311. System errors:
  312. =============
  313. Error: (01/07/2016 11:21:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  314. Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
  315.  
  316. Error: (01/07/2016 10:04:05 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-10BKCDB)
  317. Description: 1053WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
  318.  
  319. Error: (01/07/2016 10:04:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  320. Description: The Windows Search service failed to start due to the following error:
  321. %%1053
  322.  
  323. Error: (01/07/2016 10:04:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  324. Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
  325.  
  326. Error: (01/07/2016 10:04:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
  327. Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
  328.  
  329. Error: (01/07/2016 10:04:01 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
  330. Description: The Windows Search service terminated with the following service-specific error:
  331. %%2147749126
  332.  
  333. Error: (01/07/2016 10:02:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  334. Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:
  335. %%1053
  336.  
  337. Error: (01/07/2016 10:02:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  338. Description: A timeout was reached (30000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.
  339.  
  340. Error: (01/07/2016 10:01:53 PM) (Source: EventLog) (EventID: 6008) (User: )
  341. Description: The previous system shutdown at 6:27:10 PM on ‎1/‎7/‎2016 was unexpected.
  342.  
  343. Error: (01/07/2016 06:26:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  344. Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_3a543c service to connect.
  345.  
  346.  
  347. CodeIntegrity:
  348. ===================================
  349. Date: 2016-01-07 22:06:06.590
  350. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  351.  
  352. Date: 2016-01-07 16:10:52.101
  353. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  354.  
  355. Date: 2016-01-06 18:25:19.459
  356. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  357.  
  358. Date: 2015-12-29 04:41:23.689
  359. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  360.  
  361. Date: 2015-12-29 04:40:57.300
  362. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  363.  
  364. Date: 2015-12-29 04:17:07.438
  365. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  366.  
  367.  
  368. ==================== Memory info ===========================
  369.  
  370. Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
  371. Percentage of memory in use: 44%
  372. Total physical RAM: 3953.27 MB
  373. Available physical RAM: 2208.86 MB
  374. Total Virtual: 5361.27 MB
  375. Available Virtual: 3556.41 MB
  376.  
  377. ==================== Drives ================================
  378.  
  379. Drive c: (Windows) (Fixed) (Total:909.99 GB) (Free:847.27 GB) NTFS
  380. Drive d: (RECOVERY) (Fixed) (Total:20.32 GB) (Free:2.33 GB) NTFS ==>[system with boot components (obtained from drive)]
  381.  
  382. ==================== MBR & Partition Table ==================
  383.  
  384. ========================================================
  385. Disk: 0 (Size: 931.5 GB) (Disk ID: 491AFB52)
  386.  
  387. Partition: GPT.
  388.  
  389. ==================== End of Addition.txt ============================