|
4) Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-11-2017 02
Ran by Darryl (06-11-2017 21:45:40)
Running from C:\Users\Darryl\Desktop
Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2017-07-14 08:09:26)
Boot Mode: Normal
================================================== ========
==================== Accounts: =============================
Administrator (S-1-5-21-917511795-3256536166-560280740-500 - Administrator - Enabled) => C:\Users\Administrator
Darryl (S-1-5-21-917511795-3256536166-560280740-1000 - Administrator - Enabled) => C:\Users\Darryl
Guest (S-1-5-21-917511795-3256536166-560280740-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
BatteryLifeExtender (HKLM\...\{E308B555-8434-4AF8-B66F-729897C75F93}) (Version: 1.0.6 - Samsung)
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.15 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{607DA1C8-34EC-4D7A-AD83-F8E5C70736DF}) (Version: 4.0.0.4 - Samsung)
ETDWare PS/2-X86 8.0.7.0_WHQL (HKLM\...\Elantech) (Version: 8.0.7.0 - ELAN Microelectronic Corp.)
Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HSPA USB Modem (HKLM\...\HSPA USB Modem) (Version: 1.0.0.1 - HSPA USB Modem)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 12.2.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.24.27.3 - Marvell)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTN Online (HKLM\...\MTN Online_is1) (Version: - TCT Mobile Limited)
OpenOffice 4.1.3 (HKLM\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141666}) (Version: 4.0.19 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6176 - Realtek Semiconductor Corp.)
RogueKiller version 12.11.17.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.17.0 - Adlice Software)
Samsung AnyWeb Print (HKLM\...\{1DF9729D-2A51-4CA1-B4CE-2B432D7ABA7C}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.19.0 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.24 - Samsung)
Samsung Universal Print Driver (HKLM\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Skype™ 7.39 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Xvid Plus Codec Pack (HKLM\...\Xvid Plus Codec Pack) (Version: 1.00 - Xvid Plus Codec Pack)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-917511795-3256536166-560280740-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02626086-B4DC-4B5F-A57A-E67C95226B3B} - C:\Windows\System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles%\Samsung\EasySpeedUpManager\EasySpe edUpManager2.exe" -> /s
Task: {02626086-B4DC-4B5F-A57A-E67C95226B3B} - C:\Windows\System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManage r.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {03CA8E0E-C161-4313-ABF0-B7F9A0381EA1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
Task: {0506265F-CCE6-4722-86A0-3EB2217B40C3} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)
Task: {3276D76B-0957-4260-B5FA-981D96F9B17B} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-08-09] (Samsung Electronics Co., Ltd.)
Task: {4B98D1BE-12F8-4658-B596-0D4AC83403F2} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {6B2B613C-02AF-49C9-B3CF-13C98432B417} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {6EC0F541-9061-4D48-BC4E-B7CE6F94EFBF} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExten der.exe [2010-08-12] (Samsung Electronics. Co. Ltd.)
Task: {AE2EF44D-5E1A-445C-BE28-EE49DD6B727F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {B30CFFD6-C26F-494D-BD5E-1B88135D6667} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.e xe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {B5CB4607-8B4C-4A45-8D4A-475764C3454F} - System32\Tasks\{429FD52C-A832-4207-8A7E-20E682FD8515} => C:\windows\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {CFCFCB43-8880-49B7-9683-4DD6AE0F8056} - System32\Tasks\advSRS5 => C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-07-27] (SEC)
Task: {DB0B9A2A-1D5A-4BFD-8EA1-703BEB197FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-14] (Google Inc.)
Task: {DF6907F2-A9D6-4E5B-837A-1829D5A652CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-14] (Google Inc.)
Task: {E1808027-8070-4E55-99F2-128F1F02B1D1} - System32\Tasks\{CC1C8BBB-550A-4CA1-953C-5D21EA5C48EF} => "c:\program files\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.38.0.101/en/abandoninstall?source=lightinstaller&page=tsInstal l
Task: {F1E9C86E-89DF-431F-8E6D-CE7E33D9F6AC} - System32\Tasks\{E61BA67E-CE31-4A16-83FA-96992D5CDF35} => C:\windows\system32\pcalua.exe -a "C:\Program Files\revouninstaller-portable\Revouninstaller.exe" -d "C:\Program Files\revouninstaller-portable"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-04-06 04:32 - 2008-06-05 01:53 - 000026624 _____ () C:\windows\System32\spd__l.dll
2017-07-31 19:40 - 2015-12-15 15:02 - 000574464 _____ () C:\Program Files\MTN Online\ApplicationController.exe
2017-07-31 19:40 - 2016-02-01 11:11 - 000011362 _____ () C:\Program Files\MTN Online\mingwm10.dll
2017-07-31 19:40 - 2016-02-01 11:11 - 000043008 _____ () C:\Program Files\MTN Online\libgcc_s_dw2-1.dll
2017-07-31 19:40 - 2016-02-01 11:11 - 002537472 _____ () C:\Program Files\MTN Online\QtCore4.dll
2017-07-31 19:40 - 2015-12-15 14:58 - 001054208 _____ () C:\Program Files\MTN Online\Common.dll
2017-07-31 19:40 - 2016-02-01 11:11 - 009814016 _____ () C:\Program Files\MTN Online\QtGui4.dll
2017-07-31 19:40 - 2016-02-01 11:11 - 001140224 _____ () C:\Program Files\MTN Online\QtNetwork4.dll
2017-08-12 20:55 - 2014-02-15 08:59 - 000239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2017-10-31 19:30 - 2017-10-04 13:15 - 001924552 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-31 19:30 - 2017-10-04 13:15 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-08-22 21:12 - 2013-12-06 11:01 - 000045056 _____ () C:\Program Files\HSPA USB Modem\Driver\DevMon.exe
2011-04-06 04:33 - 2010-06-08 05:15 - 000618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2011-04-06 04:30 - 2006-08-12 05:48 - 000049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2011-04-06 04:33 - 2010-05-07 16:22 - 001636864 _____ () C:\Program Files\Samsung\Samsung Recovery Solution 5\Resdll.dll
2017-08-22 21:12 - 2014-03-10 10:16 - 002088960 _____ () C:\Program Files\HSPA USB Modem\HSPA USB Modem.exe
2017-08-22 21:12 - 2014-01-13 11:45 - 004620288 _____ () C:\Program Files\HSPA USB Modem\lang\Common_DataCrad.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Darryl\Downloads\bitdefender_online.exe:B DU [0]
AlternateDataStreams: C:\Users\Darryl\Downloads\mb3-setup-1878.1878-3.2.2.2029.exe:BDU [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2017-10-02 09:25 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-917511795-3256536166-560280740-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Darryl\AppData\Roaming\Microsoft\Windows\ Themes\TranscodedWallpaper.jpg
DNS Servers: 41.50.20.61 - 41.50.20.29
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B807B4BA-1DC9-44A5-8946-253559FA7C16}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1A7B83C8-FAA8-4462-BB18-27F84A9956A0}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{A65094D5-6822-498D-A50A-62CDE3A085D2}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{FB4CB921-5CB8-40F4-8A39-49E0FD3E0431}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
FirewallRules: [{82E94864-FD48-407D-99FD-5B0C81E50127}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A4AB4B86-2FB3-4BF0-A734-EA6096C38F36}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
21-10-2017 15:22:24 Scheduled Checkpoint
22-10-2017 13:53:22 Restore Point Created by FRST
31-10-2017 22:01:41 Scheduled Checkpoint
01-11-2017 01:39:51 Restore Point Created by FRST
04-11-2017 20:45:47 Revo Uninstaller's restore point - Bitdefender Total Security 2015
04-11-2017 20:59:47 Revo Uninstaller's restore point - Bitdefender Agent
04-11-2017 21:04:19 Revo Uninstaller's restore point - Bitdefender Agent
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/06/2017 08:21:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KSt artMem.exe.Manifest".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture=" amd64",publicKeyToken="6595b64144ccf1df",type="win 32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/06/2017 08:21:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture=" amd64",publicKeyToken="6595b64144ccf1df",type="win 32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/06/2017 08:19:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\samsung\easy display manager\RunGfxUI64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture=" amd64",publicKeyToken="6595b64144ccf1df",type="win 32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/06/2017 08:19:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\hspa usb modem\driver\win64\DPInst.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture=" amd64",publicKeyToken="6595b64144ccf1df",type="win 32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/06/2017 07:37:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 61.0.3163.100 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: fa0
Start Time: 01d3571918dc15a4
Termination Time: 0
Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Report Id: ea7e9941-c317-11e7-97b8-90a4de6a0dc0
Error: (11/06/2017 09:37:53 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={E04FB62D-8A96-47D0-8904-A9FF47DB98F8}: The user WIZARDS-PC\Darryl dialed a connection named Cell-C which has failed. The error code returned on failure is 797.
Error: (11/05/2017 07:09:43 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={9A13CE5D-A95F-4CC6-B7EA-ABDAF62DB89F}: The user WIZARDS-PC\Darryl dialed a connection named Cell-C which has failed. The error code returned on failure is 0.
Error: (11/05/2017 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (11/04/2017 09:04:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary bdselfpr.
System Error:
The system cannot find the file specified.
.
Error: (11/04/2017 08:59:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary bdselfpr.
System Error:
The system cannot find the file specified.
.
System errors:
=============
Error: (11/06/2017 07:37:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {51FA2736-5DEE-11D4-98E8-006008BF430C} did not register with DCOM within the required timeout.
Error: (11/06/2017 09:37:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR41.
Error: (11/04/2017 09:03:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ProductAgentService service terminated unexpectedly. It has done this 1 time(s).
Error: (11/04/2017 08:48:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
Error: (11/01/2017 01:46:00 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv.dll
Error: (11/01/2017 01:46:00 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv.dll
Error: (11/01/2017 01:45:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsserv service.
Error: (11/01/2017 01:45:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv.dll
Error: (11/01/2017 01:41:08 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (11/01/2017 01:40:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 2008.61 MB
Available physical RAM: 1036.51 MB
Total Virtual: 2727.61 MB
Available Virtual: 1405.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:114 GB) (Free:80.49 GB) NTFS
Drive d: () (Fixed) (Total:168.77 GB) (Free:124.21 GB) NTFS
==================== MBR & Partition Table ==================
================================================== ======
Disk: 0 (Size: 298.1 GB) (Disk ID: 29AB717C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=114 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=168.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15.2 GB) - (Type=27)
==================== End of Addition.txt ============================
|