Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
- Ran by drpmc (21-01-2018 10:24:35)
- Running from C:\Users\drpmc\Downloads
- Windows 10 Home Version 1709 16299.192 (X64) (2018-01-21 04:14:28)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3915525094-1709956081-2424968823-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-3915525094-1709956081-2424968823-503 - Limited - Disabled)
- drpmc (S-1-5-21-3915525094-1709956081-2424968823-1001 - Administrator - Enabled) => C:\Users\drpmc
- Guest (S-1-5-21-3915525094-1709956081-2424968823-501 - Limited - Disabled)
- WDAGUtilityAccount (S-1-5-21-3915525094-1709956081-2424968823-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
- AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
- AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
- FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-abfc5b8b-1f09-4bed-add0-97007e04b003) (Version: 3.0.2.118 - WildTangent) Hidden
- abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
- abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
- Acer Audio Invert Utility (HKLM-x32\...\{11086334-4198-44C7-8C67-7B49E4AC925A}) (Version: 1.00.3002 - Acer Incorporated)
- Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
- Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
- Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
- Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
- Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated)
- Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
- AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
- Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
- Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
- Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 1.0.13.0 - Dashlane SAS)
- Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.33 - Dolby Laboratories, Inc.)
- Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.5.2.30 - Dolby Laboratories, Inc.)
- eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
- Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
- Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
- Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
- Home Makeover (HKLM-x32\...\WTA-f3f31ee5-d658-45ea-9d90-3a307a2fa4b4) (Version: 3.0.2.59 - WildTangent) Hidden
- Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
- Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
- Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
- Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
- Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
- Jewel Match 3 (HKLM-x32\...\WTA-05ef033f-3fc6-410a-8299-fef37160d456) (Version: 2.2.0.97 - WildTangent) Hidden
- Jewel Match Snowscapes (HKLM-x32\...\WTA-8ebc43e2-f1a6-4e36-a974-985be9e27776) (Version: 3.0.2.118 - WildTangent) Hidden
- Magic Academy (HKLM-x32\...\WTA-7ad3d7b6-dfc7-434d-881a-0790a6acd6b1) (Version: 2.2.0.97 - WildTangent) Hidden
- Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
- McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
- Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-3915525094-1709956081-2424968823-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
- Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
- Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.11.2.7 - Symantec Corporation)
- Polar Bowler 1st Frame (HKLM-x32\...\WTA-63754197-a389-4dc3-8095-cb833fbaa6dc) (Version: 3.0.2.59 - WildTangent) Hidden
- Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0097 - Qualcomm Atheros)
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
- Rory's Restaurant (HKLM-x32\...\WTA-4f5f0a40-e305-4e37-a21f-57e89c5d404c) (Version: 3.0.2.126 - WildTangent) Hidden
- Runefall (HKLM-x32\...\WTA-976cd8b2-747a-4fd0-b2c7-8db3d48b1473) (Version: 3.0.2.126 - WildTangent) Hidden
- Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
- Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
- Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
- WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
- WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
- Windows Store Gift Card Promo (HKLM-x32\...\{FF74AA30-FF56-4197-8B64-5D63F367BC02}) (Version: 1.0.0.1 - Microsoft Corporation)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
- ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
- ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
- ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
- ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
- ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
- ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
- ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-19] (Intel Corporation)
- ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
- ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0278511C-007B-4EE8-9F01-B39666958857} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
- Task: {04199B6D-535F-45DA-9EEC-C4F77242CC24} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
- Task: {12DA3A8E-1B73-426F-B91E-3CF9A2D8F4F2} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)
- Task: {597346AE-17A2-4C9C-BD9C-59DA53D99053} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
- Task: {629DB1B0-7855-4527-A528-05A1471390C3} - System32\Tasks\WindowsStoreGiftCardPromoBackgroundTaskX86 => C:\Program Files (x86)\Windows Store Promo\wsgcpromoback.exe [2015-07-15] (Microsoft Corporation)
- Task: {6A4BB78F-1BD1-4BF8-A450-6477BBE992F5} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-13] ()
- Task: {731DE8BC-997E-4BEE-8BC4-2835DAD9943C} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
- Task: {879346AF-2993-4597-AF8B-9ECD3BCFAC86} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
- Task: {9145BBDA-5BA3-4EA8-A14A-58D9A9544FA1} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
- Task: {9A9343C7-FC32-4301-9B4F-6B421611B627} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
- Task: {A1E7F2F0-A78D-4827-AD21-C8593C1D3B36} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2018-01-20] (AVAST Software)
- Task: {AC7B2403-B317-49E8-97A8-82C2B3544FAC} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
- Task: {B144931B-0702-429D-9715-A4BA0A7D6008} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-09-04] (Acer Incorporated)
- Task: {B57B10D2-CB74-4973-BFC5-F375D12B096B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-20] (Google Inc.)
- Task: {C0399E3E-80C6-47DB-8688-27127DA521F4} - System32\Tasks\Audio Invert Utility => C:\Program Files (x86)\Acer\Acer Audio Invert Utility\Launcher.exe [2014-12-29] (Acer Incorporated)
- Task: {C88E24B6-D671-403E-8914-7DCD4B055351} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
- Task: {CA59D5F5-1552-4D88-9247-0604C66BF9C5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
- Task: {D5CF870F-C661-4C11-8B95-F54067F3A6DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-20] (Google Inc.)
- Task: {D6CADD1F-A614-4869-9E62-3D1541A047E7} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2018-01-20] (AVAST Software)
- Task: {E0616173-AD7F-4EF0-9DF8-969B96A9D52C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-10] ()
- Task: {ED1AD678-37C2-40AD-8354-757FD4318DFF} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
- Task: {FC6923A0-972E-4735-A107-0FACB324C04D} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-09-04] (Acer Incorporated)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
- 2015-09-22 09:17 - 2015-09-22 09:17 - 005570064 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
- 2016-05-19 20:37 - 2016-05-19 20:37 - 000410600 _____ () C:\WINDOWS\system32\igfxTray.exe
- 2015-09-22 20:37 - 2015-09-22 20:37 - 000176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
- 2015-05-19 09:11 - 2015-05-19 09:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
- 2018-01-20 20:45 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
- 2018-01-20 20:45 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
- 2018-01-20 20:32 - 2018-01-20 20:32 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
- 2017-12-13 17:33 - 2017-12-13 17:33 - 011044864 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2017-12-13 17:33 - 2017-12-13 17:33 - 001804288 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2018-01-20 21:10 - 2018-01-20 21:10 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- 2018-01-20 21:10 - 2018-01-20 21:10 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
- 2018-01-20 21:10 - 2018-01-20 21:10 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
- 2018-01-20 21:10 - 2018-01-20 21:10 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
- 2018-01-20 21:09 - 2018-01-20 21:10 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
- 2015-09-22 20:40 - 2015-09-22 20:40 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
- 2018-01-20 20:44 - 2018-01-03 01:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
- 2018-01-20 20:44 - 2018-01-03 01:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
- 2015-11-04 16:06 - 2015-05-13 23:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
- 2015-07-10 02:38 - 2015-07-10 02:38 - 004580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
- 2018-01-20 20:30 - 2018-01-20 20:30 - 000102088 _____ () C:\Users\drpmc\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
- 2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
- 2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
- 2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
- 2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
- 2018-01-20 20:31 - 2018-01-20 20:31 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
- 2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
- 2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
- 2018-01-20 20:32 - 2018-01-20 20:32 - 038907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
- 2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
- 2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
- 2015-08-07 01:09 - 2015-08-07 01:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-07-10 03:04 - 2015-07-10 03:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3915525094-1709956081-2424968823-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drpmc\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
- DNS Servers: 75.75.75.75 - 75.75.76.76
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{35DB134B-8D44-4415-A141-53523DF731A8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
- FirewallRules: [{E298802C-9FD8-47F3-B013-294314EFDB2F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
- FirewallRules: [{7D2D63CC-D5DE-4936-A160-0F1C68A9AE16}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
- FirewallRules: [{AEAFCC99-AD7F-4BB8-AA5F-012EE8CEEFFC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
- FirewallRules: [{7DC4B2BF-3D2A-4C5D-AE4F-AF85CCEEC13C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
- FirewallRules: [{3C08743C-B168-4536-987B-0323C0791260}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
- FirewallRules: [{32E40FA6-514A-4B5B-A1B0-3B3D80AC6884}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
- FirewallRules: [{E0DB4407-DACE-4D7D-8355-F125186B8FF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{A6C68F37-DCA7-456F-9D94-AD18E4CB520E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{CE9F8695-72F2-4E9F-8D2B-E67DA109CDDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{CCBD2237-9D7D-4CC3-A878-2FCCBD7EB6D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{32CD558C-9225-4461-B10B-09BFE9EC391B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Restore Points =========================
- 21-01-2018 10:20:55 Windows Update
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (01/20/2018 09:53:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:52:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- Error: (01/20/2018 09:47:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
- System errors:
- =============
- Error: (01/21/2018 10:15:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 10:15:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 10:15:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 09:15:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 09:04:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 09:02:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 09:00:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/21/2018 09:00:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- and APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/20/2018 09:54:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (01/20/2018 09:48:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- CodeIntegrity:
- ===================================
- Date: 2018-01-21 10:23:26.629
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:23:26.623
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:23:22.157
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:23:22.154
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:23:20.344
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:23:20.342
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:22:50.928
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:22:50.926
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:22:45.795
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-01-21 10:22:45.792
- Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
- Percentage of memory in use: 41%
- Total physical RAM: 8073.91 MB
- Available physical RAM: 4762.82 MB
- Total Virtual: 9993.91 MB
- Available Virtual: 6562.97 MB
- ==================== Drives ================================
- Drive c: (Acer) (Fixed) (Total:237.52 GB) (Free:205.69 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 238.5 GB) (Disk ID: BC7991E4)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement