Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
- Ran by rterr (2016-03-11 21:37:35)
- Running from C:\Users\rterr\Desktop
- Windows 10 Home Version 1511 (X64) (2015-12-31 09:54:45)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3355830756-1789120713-3534354194-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-3355830756-1789120713-3534354194-503 - Limited - Disabled)
- Guest (S-1-5-21-3355830756-1789120713-3534354194-501 - Limited - Disabled)
- rterr (S-1-5-21-3355830756-1789120713-3534354194-1001 - Administrator - Enabled) => C:\Users\rterr
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
- FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
- Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
- Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
- Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
- Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
- CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
- CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
- CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
- CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
- CyberLink PowerDirector 12 (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
- CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
- DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
- Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
- Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation)
- Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
- EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
- EPSON XP-620 Series Printer Uninstall (HKLM\...\EPSON XP-620 Series) (Version: - SEIKO EPSON Corporation)
- EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
- HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
- HP CoolSense (HKLM-x32\...\{1504CF6F-8139-497F-86FC-46174B67CF7F}) (Version: 2.20.51 - Hewlett-Packard Company)
- HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
- HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
- HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
- HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.30.219 - Hewlett-Packard Company)
- HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
- HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
- HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
- Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
- Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
- Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
- Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
- Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
- Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
- Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
- Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.1.0.26 - Symantec Corporation)
- Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.91 - Realtek Semiconductor Corp.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
- REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.58 - REALTEK Semiconductor Corp.)
- Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
- swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.97 - Synaptics Incorporated)
- TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
- Windows Driver Package - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
- Windows Driver Package - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
- Windows Driver Package - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-3355830756-1789120713-3534354194-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\rterr\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0394074A-0BE4-4FF5-BD8C-1FFBDC7C3740} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
- Task: {0EA32F0D-ED74-4706-AAA4-DFF3741DD48E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
- Task: {19F147AC-0FD5-43F3-B35D-1B2EA4101298} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
- Task: {40DCD0B5-B7B5-4B01-B2E1-6A85A747E7E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
- Task: {445086B7-F26D-4274-BADB-01C617BDA6F8} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
- Task: {4503105F-5F95-4D40-BEE9-569F6C1BBBE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
- Task: {61D18409-8E76-4D99-A8DC-2B8D6C5AA370} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-02-22] (HP Inc.)
- Task: {651AEF5D-1695-4409-B784-D882856C61E3} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
- Task: {7374DE4F-EFE3-4863-AB55-9D0164DD817F} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
- Task: {8055E3FB-DA14-4B84-A5F6-D57AC220D642} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
- Task: {913A90AE-FF1C-4D96-817A-AAEAF5E61E68} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
- Task: {A55480B6-EB51-41C3-8A48-39A12371AEF5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
- Task: {ADF8C82F-8019-4809-B993-7D7839C33211} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
- Task: {C03A8436-0E92-4281-9AC4-D93B3AABAE67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-01] (Google Inc.)
- Task: {C33C0931-4B59-4728-A30C-67A5F5516076} - System32\Tasks\EPSON XP-620 Series Update {84C35374-C9C2-4A8E-A2B6-978A0FE0BAE0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
- Task: {CC3810EC-555D-4DCA-91C8-7D88FDF2B7D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-02-22] (HP Inc.)
- Task: {D6F41F13-9A96-40F7-A9B5-DD7814FC442B} - System32\Tasks\EPSON XP-620 Series Update {B41EEF45-B943-4F4B-9F17-AC392E782F81} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
- Task: {DE1AFF8D-597B-4D6C-A9F0-7BD8B92BFD04} - System32\Tasks\HPCeeScheduleForrterr => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
- Task: {F2FE2716-987E-435F-B768-6412003543D2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
- Task: {F65C93FF-33F9-4C43-9F6B-48C234AC9E70} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\WINDOWS\Tasks\EPSON XP-620 Series Update {84C35374-C9C2-4A8E-A2B6-978A0FE0BAE0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{84C35374-C9C2-4A8E-A2B6-978A0FE0BAE0} /F:UpdateWORKGROUP\DESKTOP-QUADA1U$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
- Task: C:\WINDOWS\Tasks\EPSON XP-620 Series Update {B41EEF45-B943-4F4B-9F17-AC392E782F81}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{B41EEF45-B943-4F4B-9F17-AC392E782F81} /F:UpdateWORKGROUP\DESKTOP-QUADA1U$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\HPCeeScheduleForrterr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
- 2015-09-09 19:27 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
- 2016-03-01 16:55 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
- 2016-01-12 18:36 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2016-03-01 16:55 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
- 2015-12-31 07:12 - 2015-12-31 07:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
- 2016-03-01 16:55 - 2016-02-23 03:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
- 2016-01-12 18:36 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2016-01-12 18:36 - 2016-01-04 20:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
- 2016-01-27 18:17 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
- 2016-01-27 18:17 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
- 2016-01-21 21:32 - 2016-01-21 21:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
- 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
- 2016-01-21 21:32 - 2016-01-21 21:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
- 2016-01-21 21:32 - 2016-01-21 21:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-3355830756-1789120713-3534354194-1001\...\localhost -> localhost
- IE trusted site: HKU\S-1-5-21-3355830756-1789120713-3534354194-1001\...\webcompanion.com -> hxxp://webcompanion.com
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-07-10 06:04 - 2015-07-10 06:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3355830756-1789120713-3534354194-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
- DNS Servers: 75.75.75.75 - 75.75.76.76
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- HKLM\...\StartupApproved\Run32: => "EEventManager"
- HKU\S-1-5-21-3355830756-1789120713-3534354194-1001\...\StartupApproved\Run: => "BingSvc"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{9378955C-DDD1-421F-AF78-E2C1BA3E8397}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{E27FA7F9-5803-45A9-A2DD-FDDF5F77695D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{3218EB60-954C-4B84-A5A4-3D6B78C3631C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{26D51E54-E4D5-47AE-B53E-F4BD6563A8AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{93D3361E-4525-4522-934C-4C252F0F142D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{2BDA13C8-1541-4525-B883-A26DD69BA556}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{801FC1C9-1FA6-4D8B-9DF0-509C013CB772}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{1E393FFF-143E-4855-ADB9-7D06000A0118}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
- FirewallRules: [{1F4E817A-1391-4B85-BEBB-6F48B94FAE76}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
- FirewallRules: [{D55F1889-A76E-4038-AE8F-9AA1A8B25558}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
- FirewallRules: [{00D0F88C-8BCE-4C90-AAC7-A47BF8564D4E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
- FirewallRules: [{82EF7006-0FB4-4939-83AF-EF34E597FFA7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
- FirewallRules: [{0F8E2E1A-C38C-4957-99A9-B8C96D72AE78}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
- FirewallRules: [{D8D62E1B-D343-4728-818B-5AD5B578CF77}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
- FirewallRules: [{CBE6ED38-6618-4DB8-BB11-AAD85FF12512}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
- FirewallRules: [{28D3F775-DCA1-4269-8F7C-68784C3ACA88}] => (Allow) C:\Users\rterr\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
- FirewallRules: [{82CF7677-617A-41CA-ADBB-FB13C1D9D414}] => (Allow) C:\Users\rterr\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
- FirewallRules: [{7E54756A-F168-4098-AD35-D952AF439281}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{82B5D8BF-24A1-4F5B-984F-CFAE1C87E334}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{471E444F-91E3-4459-8C2D-8F78512586BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{CC817AB7-D2A4-412A-8D05-6256985C0B9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{206CF471-78FD-494E-AA38-6BB9926D17C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- ==================== Restore Points =========================
- 24-02-2016 23:29:58 HPSF Applying updates
- 25-02-2016 18:25:08 Frontier2/25/2016
- 01-03-2016 16:57:54 Windows Update
- 01-03-2016 16:58:58 Windows Update
- 09-03-2016 18:32:11 Windows Update
- 11-03-2016 18:47:08 Restore Operation
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (03/11/2016 09:31:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QUADA1U)
- Description: Activation of app Weather.TheWeatherChannelforHP_t3yemqpq4kp7p!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (03/11/2016 09:29:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program iexplore.exe version 11.0.10586.20 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
- Process ID: 57c
- Start Time: 01d17c04a8050dd7
- Termination Time: 128
- Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
- Report Id: 3c51d6fe-e7fa-11e5-9bf1-3ca82ab7143c
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (03/11/2016 09:18:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QUADA1U)
- Description: Activation of app Weather.TheWeatherChannelforHP_t3yemqpq4kp7p!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (03/11/2016 09:00:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QUADA1U)
- Description: Activation of app Weather.TheWeatherChannelforHP_t3yemqpq4kp7p!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (03/11/2016 08:48:42 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
- Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9
- Exception code: 0xc0000005
- Fault offset: 0x00ac6197
- Faulting process id: 0x1484
- Faulting application start time: 0xSkypeHost.exe0
- Faulting application path: SkypeHost.exe1
- Faulting module path: SkypeHost.exe2
- Report Id: SkypeHost.exe3
- Faulting package full name: SkypeHost.exe4
- Faulting package-relative application ID: SkypeHost.exe5
- Error: (03/11/2016 08:48:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QUADA1U)
- Description: Activation of app Weather.TheWeatherChannelforHP_t3yemqpq4kp7p!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (03/11/2016 08:35:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QUADA1U)
- Description: Activation of app Weather.TheWeatherChannelforHP_t3yemqpq4kp7p!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (03/11/2016 08:33:45 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
- Executing Function: PolicyBase::takeControlOfOsc
- Message: Failed to acquire OSC: Failure during execution of _OSC:
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
- Executing Function: EsifServices::primitiveExecuteSet
- Message: Error returned from ESIF services interface function call
- Participant: NoParticipant
- Domain: NoDomain
- ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
- ESIF Instance: 255
- ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
- Policy: Passive Policy [1]
- Error: (03/11/2016 08:33:45 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
- Executing Function: PolicyBase::takeControlOfOsc
- Message: Failed to acquire OSC: Failure during execution of _OSC:
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
- Executing Function: EsifServices::primitiveExecuteSet
- Message: Error returned from ESIF services interface function call
- Participant: NoParticipant
- Domain: NoDomain
- ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
- ESIF Instance: 255
- ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
- Policy: Critical Policy [0]
- Error: (03/11/2016 08:33:44 PM) (Source: DPTF) (EventID: 256) (User: )
- Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
- Executing Function: WIPolicyCreateAll::execute
- Message: Unhandled exception caught during execution of work item
- Policy File Name: DptfPolicyActive.dll
- Framework Event: PolicyCreate [27]
- Exception Function: PolicyManager::createPolicy
- Exception Text:
- DPTF Build Version: 8.1.10600.150
- DPTF Build Date: Jun 26 2015 11:46:12
- Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
- Executing Function: EsifServices::primitiveExecuteGet
- Message: Error returned from ESIF services interface function call
- Participant: NoParticipant
- Domain: NoDomain
- ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
- ESIF Instance: 255
- ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
- System errors:
- =============
- Error: (03/11/2016 08:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Access_5f1ac service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 08:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Storage_5f1ac service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 08:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Contact Data_5f1ac service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 08:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Sync Host_5f1ac service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 08:23:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
- Error: (03/11/2016 06:48:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The User Data Access_7797d service terminated with the following error:
- %%2147746132
- Error: (03/11/2016 06:48:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Sync Host_7797d service terminated with the following error:
- %%5
- Error: (03/11/2016 06:48:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Access_7797d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 06:48:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Storage_7797d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (03/11/2016 06:48:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Contact Data_7797d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- CodeIntegrity:
- ===================================
- Date: 2016-03-11 18:41:40.024
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-03-11 03:05:13.640
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-03-02 03:36:12.737
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-02-18 16:49:55.617
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-02-13 08:26:59.277
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-02-10 15:54:19.525
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-01-28 03:37:21.313
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-01-14 02:56:39.891
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-01-07 17:21:39.666
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-01-07 17:19:23.034
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- ==================== Memory info ===========================
- Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
- Percentage of memory in use: 42%
- Total physical RAM: 8049.27 MB
- Available physical RAM: 4659.8 MB
- Total Virtual: 9329.27 MB
- Available Virtual: 5121.23 MB
- ==================== Drives ================================
- Drive c: (Windows) (Fixed) (Total:908.94 GB) (Free:852.69 GB) NTFS
- Drive d: (RECOVERY) (Fixed) (Total:21.35 GB) (Free:2.48 GB) NTFS ==>[system with boot components (obtained from drive)]
- Drive f: (NBRT) (Removable) (Total:29.42 GB) (Free:28.9 GB) FAT32
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: C273D726)
- Partition: GPT.
- ========================================================
- Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.4 GB) (Disk ID: 00000000)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement