Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
- Ran by Narcis at 2015-06-19 19:49:20
- Running from C:\Users\Narcis\Desktop
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1492978049-1898015326-2695977172-500 - Administrator - Disabled)
- Guest (S-1-5-21-1492978049-1898015326-2695977172-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-1492978049-1898015326-2695977172-1002 - Limited - Enabled)
- Narcis (S-1-5-21-1492978049-1898015326-2695977172-1001 - Administrator - Enabled) => C:\Users\Narcis
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
- AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
- AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
- Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
- Adobe Flash Player 10 ActiveX (HKLM-x32\...\{FFB768E4-E427-4553-BC36-A11F5E62A94D}) (Version: 10.1.53.64 - Adobe Systems Incorporated)
- ATI Catalyst Install Manager (HKLM\...\{E2D662AD-3FE3-26C5-5540-90E4974EF412}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
- Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
- bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
- Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
- Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
- ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
- Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
- CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
- CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
- D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
- Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
- DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
- DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
- Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
- ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
- FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
- Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
- HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
- HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
- HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
- HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
- HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
- HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
- HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
- HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
- HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3107 - Hewlett-Packard)
- HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
- HP My Display (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.00.165 - Portrait Displays, Inc.)
- HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
- HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
- HP Support Assistant (HKLM-x32\...\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}) (Version: 5.0.14.2 - Hewlett-Packard Company)
- HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
- HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
- HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.4.0 - Hewlett-Packard)
- HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
- Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Kobo (HKLM-x32\...\Kobo) (Version: - )
- LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
- LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
- LightningDownloader (HKLM-x32\...\{0F44DC3H-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - LightningDownloader)
- LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
- Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
- Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
- Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
- Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-1492978049-1898015326-2695977172-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
- Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
- Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
- MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
- Nitro Pro 9 (HKLM\...\{BC8E7DF0-4434-4688-B615-0A3E5FACFC26}) (Version: 9.0.4.5 - Nitro)
- Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
- PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
- Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
- PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
- PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
- PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
- Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
- PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
- Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
- Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
- PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
- PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
- PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.)
- PriceMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version: - ) <==== ATTENTION
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6146 - Realtek Semiconductor Corp.)
- Recovery Manager (x32 Version: 5.5.3025 - CyberLink Corp.) Hidden
- RegisterAppend (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5d135e43}) (Version: - RegisterAppend) <==== ATTENTION
- SDK (x32 Version: 2.22.002 - Portrait Displays, Inc.) Hidden
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
- Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
- Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
- Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
- Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
- Xmarks Bookmark Sync (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
- Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
- Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
- Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1492978049-1898015326-2695977172-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Narcis\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1492978049-1898015326-2695977172-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Narcis\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1492978049-1898015326-2695977172-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Narcis\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1492978049-1898015326-2695977172-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Narcis\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1492978049-1898015326-2695977172-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Narcis\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
- ==================== Restore Points =========================
- 12-06-2015 03:00:44 Windows Update
- 15-06-2015 20:11:23 Restore Point Created by FRST
- 17-06-2015 18:14:25 Removed Norton Online Backup
- 17-06-2015 18:42:14 Windows Update
- 19-06-2015 06:19:35 PROPLUS
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0F75996F-1A2C-465A-9879-8F07787995AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company)
- Task: {182E6528-1E39-440A-952A-0038DFFA168C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
- Task: {351EBD6D-2215-46FB-8722-3CE4E37A51AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
- Task: {67C80356-A14C-461D-B5D6-36D94DDB87B7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
- Task: {7D5A1B77-D3CD-4233-8D13-FE8E0BBD45D1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-25] (CyberLink)
- Task: {871AF5D6-9340-4B7E-A75E-E6C73BD57DFD} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{5bc4f8c6-8193-07cf-5bc4-4f8c6819e31a}\gre-elja.epub (1).exe [2014-06-18] () <==== ATTENTION
- Task: {A08A5B32-9B90-47ED-BA1E-FAA7EB400286} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
- Task: {A37CF83B-D324-46E2-B431-4C25CEE52225} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
- Task: {BB719B86-2740-45E1-BA71-812E9AE1C3A5} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
- Task: {C9B7D966-F7A8-4668-A472-EB358DFF13F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
- Task: {CC29EFD6-897C-4AF2-9C2A-DFEF35B3C8B9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
- Task: {CE364D42-9201-4D9A-86D3-1A7986B6AD36} - System32\Tasks\HPCeeScheduleForNarcis => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
- Task: {D9A8752A-F25D-4D58-8155-B7921D1FDB09} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company)
- Task: {DB0C634E-647C-4CA7-948A-B8A5826235EC} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-04] (Microsoft Corporation)
- Task: {E4F1FC59-7CBE-44E4-B917-39F3AC230AB5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-17] (Microsoft Corporation)
- Task: {E5DCBC78-C754-4115-9E3D-E979146037BE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
- Task: {F45E0D40-0BAB-4549-8708-E4F3D47845C6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
- Task: {FDEDA84D-37D9-4C72-96E6-51414170661B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
- Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{5bc4f8c6-8193-07cf-5bc4-4f8c6819e31a}\gre-elja.epub (1).exe <==== ATTENTION
- Task: C:\Windows\Tasks\HPCeeScheduleForNarcis.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
- ==================== Loaded Modules (Whitelisted) ==============
- 2010-08-22 11:58 - 2010-06-24 05:09 - 00125552 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
- 2010-01-19 03:21 - 2010-01-19 03:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
- 2009-06-09 09:45 - 2009-06-09 09:45 - 00098304 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
- 2010-08-22 11:21 - 2010-08-22 11:21 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
- 2015-04-14 17:14 - 2015-04-14 17:14 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2015-06-18 06:31 - 2015-06-18 06:31 - 01786880 _____ () c:\Program Files (x86)\ProcessRunner\ProcessRunner.dll
- 2015-04-14 17:14 - 2015-04-14 17:14 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2015-06-01 22:56 - 2010-06-18 10:00 - 12286520 _____ () C:\Users\Narcis\AppData\Roaming\PictureMover\Bin\Core.dll
- 2009-07-14 07:03 - 2009-07-14 11:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
- 2015-06-01 22:57 - 2010-06-18 10:11 - 01699384 _____ () C:\Users\Narcis\AppData\Roaming\PictureMover\EN-US\Presentation.dll
- 2010-08-22 11:58 - 2010-05-26 02:29 - 00014856 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display\ACPIDll.dll
- 2015-06-10 07:43 - 2015-06-06 04:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
- 2015-06-10 07:43 - 2015-06-06 04:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
- 2015-06-10 07:43 - 2015-06-06 04:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Windows:nlsPreferences
- ==================== Safe Mode (Whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1492978049-1898015326-2695977172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Narcis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 8.8.8.8 - 202.151.64.110
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{F6D5A59A-D70B-419C-972A-E12D1E9C4B69}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
- FirewallRules: [{725D1927-94B2-4E99-BC35-7A7EEB780E39}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
- FirewallRules: [{738BB676-1443-46AB-8847-65343A920BDF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{3E245060-673E-4CB6-96E7-6D6276C28508}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
- ==================== Faulty Device Manager Devices =============
- Name: Dell USB Smartcard Keyboard
- Description: Dell USB Smartcard Keyboard
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (06/19/2015 05:58:04 PM) (Source: SideBySide) (EventID: 80) (User: )
- Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
- A component version required by the application conflicts with another component version already active.
- Conflicting components are:.
- Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
- Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
- Error: (06/18/2015 10:59:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
- Process ID: bbc
- Start Time: 01d0a9c07fd3179e
- Termination Time: 6334
- Application Path: C:\Windows\Explorer.EXE
- Report Id: c677ee5d-15b9-11e5-8092-7071bc89a168
- Error: (06/15/2015 09:19:10 PM) (Source: SideBySide) (EventID: 63) (User: )
- Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
- The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
- Error: (06/15/2015 08:11:23 PM) (Source: VSS) (EventID: 8194) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
- .
- This is often caused by incorrect security settings in either the writer or requestor process.
- Operation:
- Gathering Writer Data
- Context:
- Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
- Writer Name: System Writer
- Writer Instance ID: {33b5e21c-2353-40b4-9572-1b6aa17b9ebb}
- Error: (06/13/2015 09:09:36 PM) (Source: SideBySide) (EventID: 63) (User: )
- Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
- The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
- Error: (06/11/2015 06:20:20 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Narcis-HP)
- Description: Application or service 'Windows Search' could not be shut down.
- Error: (06/11/2015 03:42:11 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: ccSvcHst.exe, version: 10.1.1.16, time stamp: 0x4daa1893
- Faulting module name: KERNEL32.DLL_unloaded, version: 0.0.0.0, time stamp: 0x556363bb
- Exception code: 0xc0000005
- Fault offset: 0x746b76f7
- Faulting process id: 0x730
- Faulting application start time: 0xccSvcHst.exe0
- Faulting application path: ccSvcHst.exe1
- Faulting module path: ccSvcHst.exe2
- Report Id: ccSvcHst.exe3
- Error: (06/11/2015 03:07:04 AM) (Source: SideBySide) (EventID: 63) (User: )
- Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
- The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
- Error: (06/10/2015 01:52:03 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
- Description: Chrome has encountered a fatal error.
- ver=43.0.2357.81;lang=;guid=7E92CB911EBB45819FED79FDD691CE66;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\054a1128-8b98-440b-9b43-b206e7b99545.dmp
- Error: (06/10/2015 08:50:04 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
- Description: Chrome has encountered a fatal error.
- ver=43.0.2357.81;lang=;guid=7E92CB911EBB45819FED79FDD691CE66;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\bf1e51b0-42c1-4a1a-9fd4-95fa54e698cc.dmp
- System errors:
- =============
- Error: (06/19/2015 06:12:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The eapihdrv service failed to start due to the following error:
- %%1275
- Error: (06/19/2015 06:12:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
- Description: \??\C:\Users\Narcis\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- Error: (06/19/2015 06:12:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The eapihdrv service failed to start due to the following error:
- %%1275
- Error: (06/19/2015 06:12:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
- Description: \??\C:\Users\Narcis\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- Error: (06/19/2015 06:12:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The eapihdrv service failed to start due to the following error:
- %%1275
- Error: (06/19/2015 06:12:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
- Description: \??\C:\Users\Narcis\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- Error: (06/19/2015 05:59:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The eapihdrv service failed to start due to the following error:
- %%1275
- Error: (06/19/2015 05:59:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
- Description: \??\C:\Users\Narcis\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- Error: (06/19/2015 05:59:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The eapihdrv service failed to start due to the following error:
- %%1275
- Error: (06/19/2015 05:59:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
- Description: \??\C:\Users\Narcis\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
- Microsoft Office:
- =========================
- Error: (06/19/2015 05:58:04 PM) (Source: SideBySide) (EventID: 80) (User: )
- Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Narcis\Downloads\esetsmartinstaller_enu.exe
- Error: (06/18/2015 10:59:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: Explorer.EXE6.1.7601.17567bbc01d0a9c07fd3179e6334C:\Windows\Explorer.EXEc677ee5d-15b9-11e5-8092-7071bc89a168
- Error: (06/15/2015 09:19:10 PM) (Source: SideBySide) (EventID: 63) (User: )
- Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3
- Error: (06/15/2015 08:11:23 PM) (Source: VSS) (EventID: 8194) (User: )
- Description: 0x80070005, Access is denied.
- Operation:
- Gathering Writer Data
- Context:
- Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
- Writer Name: System Writer
- Writer Instance ID: {33b5e21c-2353-40b4-9572-1b6aa17b9ebb}
- Error: (06/13/2015 09:09:36 PM) (Source: SideBySide) (EventID: 63) (User: )
- Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3
- Error: (06/11/2015 06:20:20 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Narcis-HP)
- Description: 1SearchIndexer.exeWindows Search03026216123560
- Error: (06/11/2015 03:42:11 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: ccSvcHst.exe10.1.1.164daa1893KERNEL32.DLL_unloaded0.0.0.0556363bbc0000005746b76f773001d0a3735f22c340C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exeKERNEL32.DLL05430c94-0f98-11e5-95d4-7071bc89a168
- Error: (06/11/2015 03:07:04 AM) (Source: SideBySide) (EventID: 63) (User: )
- Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
- Error: (06/10/2015 01:52:03 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
- Description: Chrome has encountered a fatal error.
- ver=43.0.2357.81;lang=;guid=7E92CB911EBB45819FED79FDD691CE66;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\054a1128-8b98-440b-9b43-b206e7b99545.dmp
- Error: (06/10/2015 08:50:04 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
- Description: Chrome has encountered a fatal error.
- ver=43.0.2357.81;lang=;guid=7E92CB911EBB45819FED79FDD691CE66;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\bf1e51b0-42c1-4a1a-9fd4-95fa54e698cc.dmp
- ==================== Memory info ===========================
- Processor: AMD Athlon(tm) II X2 260u Processor
- Percentage of memory in use: 62%
- Total physical RAM: 2815.3 MB
- Available physical RAM: 1053.18 MB
- Total Pagefile: 5628.82 MB
- Available Pagefile: 2935.8 MB
- Total Virtual: 8192 MB
- Available Virtual: 8191.84 MB
- ==================== Drives ================================
- Drive c: (OS) (Fixed) (Total:452.7 GB) (Free:322.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
- Drive d: (HP_RECOVERY) (Fixed) (Total:12.96 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 465.8 GB) (Disk ID: 704524EE)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
- ==================== End of log ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement