Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2017
- Ran by zzz (14-01-2017 23:56:53)
- Running from C:\Users\zzz\Downloads
- Windows 10 Home Single Language Version 1607 (X64) (2016-09-08 14:04:14)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1114792974-3423271786-3495566852-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-1114792974-3423271786-3495566852-503 - Limited - Disabled)
- Guest (S-1-5-21-1114792974-3423271786-3495566852-501 - Limited - Disabled)
- zzz (S-1-5-21-1114792974-3423271786-3495566852-1002 - Administrator - Enabled) => C:\Users\zzz
- xxx (S-1-5-21-1114792974-3423271786-3495566852-1003 - Limited - Enabled) => C:\Users\xxx
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
- FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\uTorrent) (Version: 3.4.9.42923 - BitTorrent Inc.)
- Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
- Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
- AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
- Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
- Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
- Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation)
- CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
- Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
- Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
- CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
- CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
- CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
- CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
- CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
- CyberLink PowerDirector 12 (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
- CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
- DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
- Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
- Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
- Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
- FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
- Gyazo 3.2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
- HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
- HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
- HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.5.32.203 - Hewlett-Packard Company)
- HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
- HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
- HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
- Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
- LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead)
- Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
- McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
- MEmu (HKLM-x32\...\MEmu) (Version: 2.9.2 - Microvirt)
- Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-1114792974-3423271786-3495566852-1003\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
- PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
- PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
- RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
- TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
- TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
- TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
- Turbo C++ 3.2 (HKLM-x32\...\{16FEECA3-A0BF-44ED-A894-C0E7B29FAA2B}) (Version: 3.2.3.0 - Turbo C++)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
- WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1114792974-3423271786-3495566852-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0AC58D9B-E493-4AE2-93A7-E4EBC17692AC} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
- Task: {1201DCE9-DF24-49FF-B5A7-2665F3399509} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-02-17] ()
- Task: {2192BCB3-B66C-4994-B842-463323A19934} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-07-01] (CyberLink Corp.)
- Task: {2A19BB24-458E-4450-9C72-4D6341167A1F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
- Task: {3C0FDD05-A4C6-4AC3-8765-7CA1C7BE66DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
- Task: {3C561E9D-0351-4387-9EA4-3EB4117749DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
- Task: {436D8B2C-46D6-4483-85D0-9AAF00AEF543} - System32\Tasks\{14EB8421-0B8D-75C1-15C3-67687A16E174} => C:\Users\zzz\AppData\Roaming\14EB8421-0B8D-75C1-15C3-67687A16E174\UpdTask.exe [2013-04-27] ()
- Task: {5C41C5C8-0BE3-429A-9B37-CFFD2F0301A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
- Task: {658AF1FC-123F-42BD-9ADF-3213EB610E77} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
- Task: {76B06842-54C4-4B20-96F5-1F0E30C054AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
- Task: {778076C1-9ACD-425A-866C-BE335FD0C0AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
- Task: {7FD7FE38-5A47-45E1-92A4-A16EB416324F} - System32\Tasks\HPCeeScheduleForzzz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
- Task: {9EB7DF0E-823A-46B5-8519-850A32927BEA} - System32\Tasks\McAfee\McAfee Idle Detection Task
- Task: {A4BAB3B4-CD2F-4043-BA6A-9080BBFBF5BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
- Task: {A4EA728D-A03C-4618-85A3-06E53C4A4A23} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
- Task: {C24B3A6E-8F2C-4F15-A9B9-CFC4FC5B5112} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
- Task: {C2F2841B-5778-4C77-8E21-32B14D8378D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
- Task: {C9B34621-7239-4EFF-9DC6-61F7A8ED7736} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
- Task: {CAD16A55-4FE2-4A2E-BDC7-109BD078A8F1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
- Task: {E6D0E44F-8C06-42E2-99D2-3A5196C27ADF} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\zzz\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
- Task: {EAC2672B-27EE-4E27-9328-F26F37EA5CCC} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-02-17] ()
- Task: {FB439903-DECD-4B48-8350-8DCCB09FD901} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-20] ()
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
- Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
- Task: C:\WINDOWS\Tasks\HPCeeScheduleForzzz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
- Task: C:\WINDOWS\Tasks\{14EB8421-0B8D-75C1-15C3-67687A16E174}.job =>
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
- ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
- ==================== Loaded Modules (Whitelisted) ==============
- 2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
- 2016-12-14 21:00 - 2016-12-09 15:59 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
- 2015-08-07 11:09 - 2015-08-07 11:09 - 00127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
- 2015-12-08 17:30 - 2014-04-15 08:29 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
- 2016-12-14 21:00 - 2016-12-09 15:59 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
- 2016-12-18 12:27 - 2016-12-18 12:27 - 01678560 _____ () C:\Users\zzz\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
- 2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
- 2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
- 2016-09-22 21:18 - 2016-09-07 10:26 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
- 2017-01-11 09:04 - 2016-12-21 12:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
- 2017-01-11 09:02 - 2016-12-21 12:24 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2017-01-11 09:02 - 2016-12-21 12:18 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2017-01-11 09:02 - 2016-12-21 12:18 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
- 2017-01-11 09:02 - 2016-12-21 12:18 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
- 2017-01-11 09:02 - 2016-12-21 12:23 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
- 2016-12-14 13:26 - 2016-12-14 19:49 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- 2016-12-14 13:26 - 2016-12-14 19:49 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
- 2016-12-14 13:26 - 2016-12-14 19:49 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
- 2016-12-14 13:26 - 2016-12-14 13:33 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
- 2016-12-18 12:27 - 2016-12-18 12:27 - 01244376 _____ () C:\Users\zzz\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
- 2016-01-12 21:29 - 2016-12-08 20:43 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
- 2016-01-12 21:29 - 2016-09-01 06:32 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
- 2016-01-12 21:29 - 2016-12-20 07:55 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
- 2016-01-12 21:29 - 2016-01-27 13:19 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
- 2016-01-12 21:29 - 2016-01-27 13:19 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
- 2016-01-12 21:29 - 2016-01-27 13:19 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
- 2016-01-12 21:29 - 2016-01-27 13:19 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
- 2016-01-12 21:29 - 2016-01-27 13:19 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
- 2016-01-12 21:29 - 2016-09-01 06:32 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
- 2016-01-12 21:29 - 2016-09-01 06:32 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
- 2016-01-12 21:29 - 2016-12-20 07:55 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
- 2016-05-11 18:48 - 2016-07-05 03:47 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
- 2016-12-14 13:12 - 2016-12-05 21:51 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
- 2016-01-12 21:29 - 2016-12-20 07:55 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
- 2016-01-12 21:29 - 2015-09-25 05:22 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
- 2016-12-17 09:58 - 2016-12-08 12:59 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
- 2016-12-17 09:58 - 2016-12-08 12:59 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\WINDOWS\system32\Drivers\rsyuaqrx.sys:changelist [618]
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-07-10 16:34 - 2017-01-11 01:41 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
- DNS Servers: 8.8.8.8 - 8.8.4.4
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- HKLM\...\StartupApproved\Run32: => "HPMessageService"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\StartupFolder: => "VisualProtector.lnk"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "Steam"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "CyberGhost"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "Gyazo"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "Nox"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A09CC0E454D52B9C7178F65D10588FED"
- HKU\S-1-5-21-1114792974-3423271786-3495566852-1002\...\StartupApproved\Run: => "Chromium"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => LPort=139
- FirewallRules: [{C9E08B84-F8FA-4791-8DE9-85890442900C}] => C:\Program Files (x86)\FileFinder\FileFinder.exe
- FirewallRules: [{5683C8D8-5924-4210-BC2F-A4C8DAE7764C}] => C:\Program Files (x86)\FileFinder\FileFinder.exe
- FirewallRules: [{CC02F13C-7428-4FC4-AE66-AAFFA22F564D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{8E093E46-5FAE-4741-B825-FA0E12D18903}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{4318841D-A633-43EF-8C9A-4277886933EA}] => C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
- FirewallRules: [{44315B7F-938F-47B2-B7AC-73ED14D2BD2A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{2B8BD94B-05E7-4A0F-B3F8-41EDCB0A2498}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{354E726C-CD10-4EAE-91C8-76AEC574FD58}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{9F187DB8-17B5-4647-AA98-E165A6A777BC}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{21B2D166-E6CE-44DE-8E86-6CE561F50310}] => C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{7A093D25-C40B-4E51-BC4F-6CE660B37506}] => C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{1BE9C519-F43B-4E61-A125-A2761C6AFE3A}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{32341F4B-E3CA-40E1-83D0-B08D0AF6FA92}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{A7E02D0F-E642-48E6-AE33-0BDD0E6A1B59}] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
- FirewallRules: [{5213CF7B-15E0-4520-941F-E49EEB20FCAC}] => C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
- FirewallRules: [{19B0EA30-C88A-4E84-81A2-7E411FB504C4}] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
- FirewallRules: [{6824C534-60B5-4336-B767-796F35172581}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
- FirewallRules: [{3717684E-62D4-4391-AFFC-3E8192F7DE15}] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
- FirewallRules: [{399864C3-3AA0-443E-AC58-EC3215BB1F8C}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
- FirewallRules: [{4CB89E11-061F-4D76-B9B2-E1F6A52C69EC}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
- FirewallRules: [{A26E14CE-1B7F-41A1-94A2-B98BD90DBC0B}] => c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
- FirewallRules: [{F8751FB5-71F9-4964-BB95-BADC810B983C}] => C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{2FF10B49-DE00-46AE-9BDB-716AAFC0E00C}] => C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{AAE72C49-CA02-4083-9EC6-4870ED89848B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{A779D667-C796-4F95-BFF5-6FACD22B9CD6}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{12083DED-5952-4E9B-865C-C33F33932ED0}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{6A7885B8-497E-4816-B00A-73B4EF46B54A}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{2F12AB5B-377A-4802-A998-B8F59B6BD40C}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{81E8C379-222D-474E-9E12-B1382E7EAB27}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{29A8151B-46AB-486E-B641-A0C8A1272DDD}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{5974111C-BCE3-4AE2-AEBA-03169D76D582}] => C:\Users\zzz\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{42CCD6D6-B87E-4687-AA49-BC90BB666611}] => C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
- FirewallRules: [{3FEF0562-A3A2-4B51-A81E-F0955834A659}] => C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
- FirewallRules: [{978C024A-8BF5-4BAC-9267-AA618906725E}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{6671EFF6-D418-4E38-9CC4-86E7CC8C3457}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{FCA95D28-4B8D-4EBF-AA17-5F7A67E3B70B}] => C:\Users\zzz\AppData\Local\Chromium\Application\chrome.exe
- FirewallRules: [{24D0FFB0-7162-43D4-9349-1F6F09381FCD}] => C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
- FirewallRules: [{93A3A88F-B30D-4EAE-8792-BBFEAEB2D623}] => C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
- FirewallRules: [{2C0A92CB-17B1-47FC-A4AF-F04235D2E97E}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{DA82BE93-5BB2-4E2C-B5AB-998DB7BEC5B5}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{7ED1C9E4-1537-436C-8D7B-427B922BEABB}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Restore Points =========================
- 02-01-2017 11:46:08 Scheduled Checkpoint
- 11-01-2017 01:42:52 Removed Solid Edge V19
- ==================== Faulty Device Manager Devices =============
- Name: HP Truevision HD
- Description: USB Video Device
- Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- Manufacturer: Microsoft
- Service: usbvideo
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (01/14/2017 11:33:21 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: AdaptiveSleepService.exe, version: 0.0.0.0, time stamp: 0x55c40c49
- Faulting module name: AdaptiveSleepService.exe, version: 0.0.0.0, time stamp: 0x55c40c49
- Exception code: 0xc0000005
- Fault offset: 0x000000000000b9f4
- Faulting process id: 0x1ab8
- Faulting application start time: 0x01d26e7f3d9a2c76
- Faulting application path: c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
- Faulting module path: c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
- Report Id: 52f25cdb-9ba2-4c40-b14a-5f8baab57f0b
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (01/14/2017 09:28:58 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe.Manifest".
- Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/14/2017 09:28:26 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe.Manifest".
- Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/14/2017 09:28:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
- Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-P215CEQ$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:
- GetCACaps
- Method: GET(3688ms)
- Stage: GetCACaps
- The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
- Error: (01/14/2017 09:27:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
- Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-P215CEQ$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:
- GetCACaps
- Method: GET(1328ms)
- Stage: GetCACaps
- The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
- Error: (01/14/2017 09:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: ScreenOff 2.exe, version: 2.0.0.0, time stamp: 0x56000a03
- Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
- Exception code: 0xe0434352
- Fault offset: 0x0000000000017788
- Faulting process id: 0xab8
- Faulting application start time: 0x01d26e7df17546e3
- Faulting application path: C:\Users\zzz\Desktop\ScreenOff 2.exe
- Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
- Report Id: 077f9cfb-dbf6-4f40-ba02-1848155734ba
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (01/14/2017 09:20:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
- Description: Application: ScreenOff 2.exe
- Framework Version: v4.0.30319
- Description: The process was terminated due to an unhandled exception.
- Exception Info: System.Net.Sockets.SocketException
- at System.Net.Sockets.Socket..ctor(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType)
- at System.Net.Sockets.TcpListener..ctor(System.Net.IPAddress, Int32)
- at System.Runtime.Remoting.Channels.Tcp.TcpServerChannel.SetupChannel()
- at System.Runtime.Remoting.Channels.Tcp.TcpServerChannel..ctor(System.Collections.IDictionary, System.Runtime.Remoting.Channels.IServerChannelSinkProvider, System.Runtime.Remoting.Channels.IAuthorizeRemotingConnection)
- at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.RegisterChannel(ChannelType, Boolean)
- at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
- at ScreenOff.My.MyApplication.Main(System.String[])
- Error: (01/14/2017 09:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: ScreenOff 2.exe, version: 2.0.0.0, time stamp: 0x56000a03
- Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
- Exception code: 0xe0434352
- Fault offset: 0x0000000000017788
- Faulting process id: 0x510
- Faulting application start time: 0x01d26e7db16c0415
- Faulting application path: C:\Users\zzz\Desktop\ScreenOff 2.exe
- Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
- Report Id: 79b784b3-5ea1-4b98-96cd-0e2f3bbf6cb9
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (01/14/2017 09:18:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
- Description: Application: ScreenOff 2.exe
- Framework Version: v4.0.30319
- Description: The process was terminated due to an unhandled exception.
- Exception Info: System.Net.Sockets.SocketException
- at System.Net.Sockets.Socket..ctor(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType)
- at System.Net.Sockets.TcpListener..ctor(System.Net.IPAddress, Int32)
- at System.Runtime.Remoting.Channels.Tcp.TcpServerChannel.SetupChannel()
- at System.Runtime.Remoting.Channels.Tcp.TcpServerChannel..ctor(System.Collections.IDictionary, System.Runtime.Remoting.Channels.IServerChannelSinkProvider, System.Runtime.Remoting.Channels.IAuthorizeRemotingConnection)
- at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.RegisterChannel(ChannelType, Boolean)
- at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
- at ScreenOff.My.MyApplication.Main(System.String[])
- Error: (01/14/2017 09:18:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-P215CEQ)
- Description: Activation of app Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- System errors:
- =============
- Error: (01/14/2017 11:48:04 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
- Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Device Association Service service, but this action failed with the following error:
- An instance of the service is already running.
- Error: (01/14/2017 11:47:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
- Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Connection Broker service, but this action failed with the following error:
- An instance of the service is already running.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Storage Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
- Error: (01/14/2017 11:47:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Network Connection Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
- CodeIntegrity:
- ===================================
- Date: 2017-01-11 21:48:51.094
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-01-04 19:34:45.637
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2017-01-02 10:59:53.512
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-12-21 20:43:02.069
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-12-18 20:22:06.138
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-12-12 13:21:20.647
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-12-07 20:18:59.486
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-11-20 23:22:59.107
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
- Date: 2016-11-16 20:20:27.241
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-11-16 20:20:27.080
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
- ==================== Memory info ===========================
- Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
- Percentage of memory in use: 68%
- Total physical RAM: 3529.01 MB
- Available physical RAM: 1128.39 MB
- Total Virtual: 5148.44 MB
- Available Virtual: 2061.37 MB
- ==================== Drives ================================
- Drive c: (Windows) (Fixed) (Total:910.42 GB) (Free:787 GB) NTFS
- Drive d: (RECOVERY) (Fixed) (Total:19.89 GB) (Free:2.32 GB) NTFS ==>[system with boot components (obtained from drive)]
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: 57220EA5)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement