
Untitled

a guest
Jan 21st, 2018
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
  2. Ran by drpmc (21-01-2018 10:24:35)
  3. Running from C:\Users\drpmc\Downloads
  4. Windows 10 Home Version 1709 16299.192 (X64) (2018-01-21 04:14:28)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-3915525094-1709956081-2424968823-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-3915525094-1709956081-2424968823-503 - Limited - Disabled)
  13. drpmc (S-1-5-21-3915525094-1709956081-2424968823-1001 - Administrator - Enabled) => C:\Users\drpmc
  14. Guest (S-1-5-21-3915525094-1709956081-2424968823-501 - Limited - Disabled)
  15. WDAGUtilityAccount (S-1-5-21-3915525094-1709956081-2424968823-504 - Limited - Disabled)
  16.  
  17. ==================== Security Center ========================
  18.  
  19. (If an entry is included in the fixlist, it will be removed.)
  20.  
  21. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  22. AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
  23. AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
  24. AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
  25. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  26. AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
  27. FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
  28.  
  29. ==================== Installed Programs ======================
  30.  
  31. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  32.  
  33. 12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-abfc5b8b-1f09-4bed-add0-97007e04b003) (Version: 3.0.2.118 - WildTangent) Hidden
  34. abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
  35. abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
  36. Acer Audio Invert Utility (HKLM-x32\...\{11086334-4198-44C7-8C67-7B49E4AC925A}) (Version: 1.00.3002 - Acer Incorporated)
  37. Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
  38. Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
  39. Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
  40. Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
  41. Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated)
  42. Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
  43. AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
  44. Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
  45. Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
  46. Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 1.0.13.0 - Dashlane SAS)
  47. Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.33 - Dolby Laboratories, Inc.)
  48. Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.5.2.30 - Dolby Laboratories, Inc.)
  49. eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
  50. Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
  51. Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
  52. Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
  53. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
  54. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
  55. Home Makeover (HKLM-x32\...\WTA-f3f31ee5-d658-45ea-9d90-3a307a2fa4b4) (Version: 3.0.2.59 - WildTangent) Hidden
  56. Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
  57. Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
  58. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
  59. Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
  60. Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
  61. Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
  62. Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
  63. Jewel Match 3 (HKLM-x32\...\WTA-05ef033f-3fc6-410a-8299-fef37160d456) (Version: 2.2.0.97 - WildTangent) Hidden
  64. Jewel Match Snowscapes (HKLM-x32\...\WTA-8ebc43e2-f1a6-4e36-a974-985be9e27776) (Version: 3.0.2.118 - WildTangent) Hidden
  65. Magic Academy (HKLM-x32\...\WTA-7ad3d7b6-dfc7-434d-881a-0790a6acd6b1) (Version: 2.2.0.97 - WildTangent) Hidden
  66. Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
  67. McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
  68. Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
  69. Microsoft OneDrive (HKU\S-1-5-21-3915525094-1709956081-2424968823-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
  70. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
  71. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
  72. Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
  73. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
  74. Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.11.2.7 - Symantec Corporation)
  75. Polar Bowler 1st Frame (HKLM-x32\...\WTA-63754197-a389-4dc3-8095-cb833fbaa6dc) (Version: 3.0.2.59 - WildTangent) Hidden
  76. Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0097 - Qualcomm Atheros)
  77. Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
  78. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
  79. Rory's Restaurant (HKLM-x32\...\WTA-4f5f0a40-e305-4e37-a21f-57e89c5d404c) (Version: 3.0.2.126 - WildTangent) Hidden
  80. Runefall (HKLM-x32\...\WTA-976cd8b2-747a-4fd0-b2c7-8db3d48b1473) (Version: 3.0.2.126 - WildTangent) Hidden
  81. Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
  82. Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
  83. Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
  84. WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
  85. WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
  86. Windows Store Gift Card Promo (HKLM-x32\...\{FF74AA30-FF56-4197-8B64-5D63F367BC02}) (Version: 1.0.0.1 - Microsoft Corporation)
  87.  
  88. ==================== Custom CLSID (Whitelisted): ==========================
  89.  
  90. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  91.  
  92. ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  93. ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  94. ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  95. ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
  96. ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
  97. ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-05] (Acer Incorporated)
  98. ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  99. ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  100. ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  101. ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  102. ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
  103. ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
  104. ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
  105. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
  106. ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
  107. ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-19] (Intel Corporation)
  108. ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
  109. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
  110. ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
  111.  
  112. ==================== Scheduled Tasks (Whitelisted) =============
  113.  
  114. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  115.  
  116. Task: {0278511C-007B-4EE8-9F01-B39666958857} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
  117. Task: {04199B6D-535F-45DA-9EEC-C4F77242CC24} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
  118. Task: {12DA3A8E-1B73-426F-B91E-3CF9A2D8F4F2} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)
  119. Task: {597346AE-17A2-4C9C-BD9C-59DA53D99053} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
  120. Task: {629DB1B0-7855-4527-A528-05A1471390C3} - System32\Tasks\WindowsStoreGiftCardPromoBackgroundTaskX86 => C:\Program Files (x86)\Windows Store Promo\wsgcpromoback.exe [2015-07-15] (Microsoft Corporation)
  121. Task: {6A4BB78F-1BD1-4BF8-A450-6477BBE992F5} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-13] ()
  122. Task: {731DE8BC-997E-4BEE-8BC4-2835DAD9943C} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
  123. Task: {879346AF-2993-4597-AF8B-9ECD3BCFAC86} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
  124. Task: {9145BBDA-5BA3-4EA8-A14A-58D9A9544FA1} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
  125. Task: {9A9343C7-FC32-4301-9B4F-6B421611B627} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
  126. Task: {A1E7F2F0-A78D-4827-AD21-C8593C1D3B36} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2018-01-20] (AVAST Software)
  127. Task: {AC7B2403-B317-49E8-97A8-82C2B3544FAC} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
  128. Task: {B144931B-0702-429D-9715-A4BA0A7D6008} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-09-04] (Acer Incorporated)
  129. Task: {B57B10D2-CB74-4973-BFC5-F375D12B096B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-20] (Google Inc.)
  130. Task: {C0399E3E-80C6-47DB-8688-27127DA521F4} - System32\Tasks\Audio Invert Utility => C:\Program Files (x86)\Acer\Acer Audio Invert Utility\Launcher.exe [2014-12-29] (Acer Incorporated)
  131. Task: {C88E24B6-D671-403E-8914-7DCD4B055351} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
  132. Task: {CA59D5F5-1552-4D88-9247-0604C66BF9C5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
  133. Task: {D5CF870F-C661-4C11-8B95-F54067F3A6DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-20] (Google Inc.)
  134. Task: {D6CADD1F-A614-4869-9E62-3D1541A047E7} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2018-01-20] (AVAST Software)
  135. Task: {E0616173-AD7F-4EF0-9DF8-969B96A9D52C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-10] ()
  136. Task: {ED1AD678-37C2-40AD-8354-757FD4318DFF} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
  137. Task: {FC6923A0-972E-4735-A107-0FACB324C04D} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-09-04] (Acer Incorporated)
  138.  
  139. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  140.  
  141.  
  142. ==================== Shortcuts & WMI ========================
  143.  
  144. (The entries could be listed to be restored or removed.)
  145.  
  146.  
  147. ==================== Loaded Modules (Whitelisted) ==============
  148.  
  149. 2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
  150. 2015-09-22 09:17 - 2015-09-22 09:17 - 005570064 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
  151. 2016-05-19 20:37 - 2016-05-19 20:37 - 000410600 _____ () C:\WINDOWS\system32\igfxTray.exe
  152. 2015-09-22 20:37 - 2015-09-22 20:37 - 000176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
  153. 2015-05-19 09:11 - 2015-05-19 09:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
  154. 2018-01-20 20:45 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
  155. 2018-01-20 20:45 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
  156. 2018-01-20 20:32 - 2018-01-20 20:32 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
  157. 2017-12-13 17:33 - 2017-12-13 17:33 - 011044864 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
  158. 2017-12-13 17:33 - 2017-12-13 17:33 - 001804288 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  159. 2018-01-20 21:10 - 2018-01-20 21:10 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  160. 2018-01-20 21:10 - 2018-01-20 21:10 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
  161. 2018-01-20 21:10 - 2018-01-20 21:10 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
  162. 2018-01-20 21:10 - 2018-01-20 21:10 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
  163. 2018-01-20 21:09 - 2018-01-20 21:10 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
  164. 2015-09-22 20:40 - 2015-09-22 20:40 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
  165. 2018-01-20 20:44 - 2018-01-03 01:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
  166. 2018-01-20 20:44 - 2018-01-03 01:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
  167. 2015-11-04 16:06 - 2015-05-13 23:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
  168. 2015-07-10 02:38 - 2015-07-10 02:38 - 004580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
  169. 2018-01-20 20:30 - 2018-01-20 20:30 - 000102088 _____ () C:\Users\drpmc\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
  170. 2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
  171. 2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
  172. 2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
  173. 2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
  174. 2018-01-20 20:31 - 2018-01-20 20:31 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
  175. 2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
  176. 2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
  177. 2018-01-20 20:32 - 2018-01-20 20:32 - 038907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
  178. 2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
  179. 2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
  180. 2015-08-07 01:09 - 2015-08-07 01:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
  181.  
  182. ==================== Alternate Data Streams (Whitelisted) =========
  183.  
  184. ==================== Safe Mode (Whitelisted) ===================
  185.  
  186. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  187.  
  188. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  189. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
  190. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  191. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
  192.  
  193. ==================== Association (Whitelisted) ===============
  194.  
  195. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  196.  
  197.  
  198. ==================== Internet Explorer trusted/restricted ===============
  199.  
  200. (If an entry is included in the fixlist, it will be removed from the registry.)
  201.  
  202.  
  203. ==================== Hosts content: ===============================
  204.  
  205. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  206.  
  207. 2015-07-10 03:04 - 2015-07-10 03:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
  208.  
  209.  
  210. ==================== Other Areas ============================
  211.  
  212. (Currently there is no automatic fix for this section.)
  213.  
  214. HKU\S-1-5-21-3915525094-1709956081-2424968823-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drpmc\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
  215. DNS Servers: 75.75.75.75 - 75.75.76.76
  216. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  217. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
  218. Windows Firewall is enabled.
  219.  
  220. ==================== MSCONFIG/TASK MANAGER disabled items ==
  221.  
  222.  
  223. ==================== FirewallRules (Whitelisted) ===============
  224.  
  225. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  226.  
  227. FirewallRules: [{35DB134B-8D44-4415-A141-53523DF731A8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
  228. FirewallRules: [{E298802C-9FD8-47F3-B013-294314EFDB2F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
  229. FirewallRules: [{7D2D63CC-D5DE-4936-A160-0F1C68A9AE16}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
  230. FirewallRules: [{AEAFCC99-AD7F-4BB8-AA5F-012EE8CEEFFC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
  231. FirewallRules: [{7DC4B2BF-3D2A-4C5D-AE4F-AF85CCEEC13C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
  232. FirewallRules: [{3C08743C-B168-4536-987B-0323C0791260}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
  233. FirewallRules: [{32E40FA6-514A-4B5B-A1B0-3B3D80AC6884}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
  234. FirewallRules: [{E0DB4407-DACE-4D7D-8355-F125186B8FF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  235. FirewallRules: [{A6C68F37-DCA7-456F-9D94-AD18E4CB520E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  236. FirewallRules: [{CE9F8695-72F2-4E9F-8D2B-E67DA109CDDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  237. FirewallRules: [{CCBD2237-9D7D-4CC3-A878-2FCCBD7EB6D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  238. FirewallRules: [{32CD558C-9225-4461-B10B-09BFE9EC391B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  239.  
  240. ==================== Restore Points =========================
  241.  
  242. 21-01-2018 10:20:55 Windows Update
  243.  
  244. ==================== Faulty Device Manager Devices =============
  245.  
  246.  
  247. ==================== Event log errors: =========================
  248.  
  249. Application errors:
  250. ==================
  251. Error: (01/20/2018 09:53:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  252. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  253.  
  254. Error: (01/20/2018 09:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  255. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  256.  
  257. Error: (01/20/2018 09:52:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  258. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  259.  
  260. Error: (01/20/2018 09:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  261. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  262.  
  263. Error: (01/20/2018 09:47:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  264. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  265.  
  266. Error: (01/20/2018 09:47:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  267. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  268.  
  269. Error: (01/20/2018 09:47:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  270. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  271.  
  272. Error: (01/20/2018 09:47:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  273. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  274.  
  275. Error: (01/20/2018 09:47:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  276. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  277.  
  278. Error: (01/20/2018 09:47:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  279. Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
  280.  
  281.  
  282. System errors:
  283. =============
  284. Error: (01/21/2018 10:15:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
  285. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  286. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  287. and APPID
  288. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  289. to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  290.  
  291. Error: (01/21/2018 10:15:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  292. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  293. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  294. and APPID
  295. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  296. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  297.  
  298. Error: (01/21/2018 10:15:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  299. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  300. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  301. and APPID
  302. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  303. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  304.  
  305. Error: (01/21/2018 09:15:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  306. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  307. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  308. and APPID
  309. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  310. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  311.  
  312. Error: (01/21/2018 09:04:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  313. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  314. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  315. and APPID
  316. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  317. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  318.  
  319. Error: (01/21/2018 09:02:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
  320. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  321. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  322. and APPID
  323. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  324. to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  325.  
  326. Error: (01/21/2018 09:00:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  327. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  328. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  329. and APPID
  330. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  331. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  332.  
  333. Error: (01/21/2018 09:00:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  334. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  335. {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
  336. and APPID
  337. {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
  338. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  339.  
  340. Error: (01/20/2018 09:54:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  341. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  342. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  343. and APPID
  344. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  345. to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  346.  
  347. Error: (01/20/2018 09:48:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0OC5VGU)
  348. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  349. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  350. and APPID
  351. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  352. to the user DESKTOP-0OC5VGU\drpmc SID (S-1-5-21-3915525094-1709956081-2424968823-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  353.  
  354.  
  355. CodeIntegrity:
  356. ===================================
  357. Date: 2018-01-21 10:23:26.629
  358. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  359.  
  360. Date: 2018-01-21 10:23:26.623
  361. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  362.  
  363. Date: 2018-01-21 10:23:22.157
  364. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  365.  
  366. Date: 2018-01-21 10:23:22.154
  367. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  368.  
  369. Date: 2018-01-21 10:23:20.344
  370. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  371.  
  372. Date: 2018-01-21 10:23:20.342
  373. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  374.  
  375. Date: 2018-01-21 10:22:50.928
  376. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  377.  
  378. Date: 2018-01-21 10:22:50.926
  379. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  380.  
  381. Date: 2018-01-21 10:22:45.795
  382. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  383.  
  384. Date: 2018-01-21 10:22:45.792
  385. Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  386.  
  387.  
  388. ==================== Memory info ===========================
  389.  
  390. Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
  391. Percentage of memory in use: 41%
  392. Total physical RAM: 8073.91 MB
  393. Available physical RAM: 4762.82 MB
  394. Total Virtual: 9993.91 MB
  395. Available Virtual: 6562.97 MB
  396.  
  397. ==================== Drives ================================
  398.  
  399. Drive c: (Acer) (Fixed) (Total:237.52 GB) (Free:205.69 GB) NTFS
  400.  
  401. ==================== MBR & Partition Table ==================
  402.  
  403. ========================================================
  404. Disk: 0 (Size: 238.5 GB) (Disk ID: BC7991E4)
  405.  
  406. Partition: GPT.
  407.  
  408. ==================== End of Addition.txt ============================