Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

New laptop [Solved]

Started by dustypink , Sep 30 2014 07:20 AM

  • This topic is locked This topic is locked

#16
dustypink
Posted 24 October 2014 - 01:21 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by dustypink at 2014-10-24 19:23:20
Running from C:\Users\dustypink\AppData\Local\Microsoft\Windows\INetCache\IE\P72G5AJ7
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel® Trusted Execution Engine Driver (Version: 1.0.0.1050 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.29.107 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

08-10-2014 18:12:51 Scheduled Checkpoint
16-10-2014 22:23:24 Windows Update
20-10-2014 15:09:28 Windows Update
23-10-2014 18:30:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31A2AEE9-C8F8-43CD-8FA2-A33408821211} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation)
Task: {32FA04D1-BE80-4618-BF62-D0C614DFAC29} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3860E03C-CC3B-4B33-B29D-DBF5ED5CF07D} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {39F14DAC-D76B-47CD-8F61-633FF48C3355} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4348E71F-FB9B-4DE4-92BE-304F82DB02EC} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation)
Task: {453EF7DC-65F9-43AC-89AF-4FC29458F24F} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-08] (TOSHIBA Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A9C9905-21B5-44C6-8EEA-C093933BFF02} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13] (TOSHIBA Corporation)
Task: {62592AEE-03D9-45E5-9C0F-EA14668DF995} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C68FF22-D8D2-4D09-87E1-3E0DB5A75BF8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8813E86A-3E29-4029-A0BE-D035438E375A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E34FCF1-D21B-4ABB-AC91-E2A603C145DC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {90031724-65DB-43D1-A6F0-0BF5B65750AF} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation)
Task: {9235572E-17FE-4840-AA84-BF0D5C23E05C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {97DFE2D9-207A-4A4B-8137-BB74888D9FAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-20] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AFC36395-7E79-4C2E-B2F2-9B7DA46C8480} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B97CF63A-2F85-47FE-B698-976C7F326446} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor)
Task: {C19D1126-20CA-4B76-BD58-99C64A6D5BB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D3D3530A-76F9-421E-B135-F7B309FEC887} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E171A611-D917-4CAD-A094-E539352C1D46} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEDF72A7-73C3-4256-86AE-F1C623D97F5F} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA)
Task: {FA4C4029-49E4-4A8A-912B-DA55C43A6446} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {FC1BE677-9598-439B-919C-A170EC3D1DA3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-11-06 15:26 - 2013-11-06 15:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 08:19 - 2013-08-22 07:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-09-30 13:58 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-30 13:58 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-30 13:58 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-30 13:58 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-30 13:58 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3633593147-2618078388-3133234350-500 - Administrator - Disabled)
dustypink (S-1-5-21-3633593147-2618078388-3133234350-1001 - Administrator - Enabled) => C:\Users\dustypink
Guest (S-1-5-21-3633593147-2618078388-3133234350-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3633593147-2618078388-3133234350-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 07:20:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9980

Start Time: 01cfefaab48abb46

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 5ff2718a-5baa-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/23/2014 05:29:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 06:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3d88

Start Time: 01cfed153e4fa1f9

Termination Time: 80

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: fc465919-594b-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/21/2014 11:50:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 824

Start Time: 01cfec79c4e40822

Termination Time: 140

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 195c5b1b-5910-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/20/2014 00:34:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/19/2014 10:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 32b8

Start Time: 01cfe97e3725ef08

Termination Time: 312

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 4487cd6c-57d3-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/19/2014 01:11:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/17/2014 00:52:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 57e0

Start Time: 01cfe9e5241e73a8

Termination Time: 375

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: fc35f7e6-55f3-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/16/2014 08:13:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1fa0

Start Time: 01cfe706b7b682ec

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 609077f1-5568-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/15/2014 06:30:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

System errors:
=============
Error: (10/24/2014 02:53:53 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2014 02:53:23 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/24/2014 01:53:02 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 07:30:59 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/23/2014 07:30:26 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/23/2014 07:13:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 05:52:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 05:43:49 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/22/2014 09:53:06 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/22/2014 09:41:34 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Microsoft Office Sessions:
=========================
Error: (10/24/2014 07:20:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344998001cfefaab48abb460C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE5ff2718a-5baa-11e4-8268-28e347e6e14b

Error: (10/23/2014 05:29:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 06:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.173443d8801cfed153e4fa1f980C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEfc465919-594b-11e4-8268-28e347e6e14b

Error: (10/21/2014 11:50:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1734482401cfec79c4e40822140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE195c5b1b-5910-11e4-8268-28e347e6e14b

Error: (10/20/2014 00:34:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/19/2014 10:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1727832b801cfe97e3725ef08312C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE4487cd6c-57d3-11e4-8267-28e347e6e14b

Error: (10/19/2014 01:11:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/17/2014 00:52:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1727857e001cfe9e5241e73a8375C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEfc35f7e6-55f3-11e4-8267-28e347e6e14b

Error: (10/16/2014 08:13:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.172781fa001cfe706b7b682ec0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE609077f1-5568-11e4-8267-28e347e6e14b

Error: (10/15/2014 06:30:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

==================== Memory info ===========================

Processor: Intel® Pentium® CPU N3520 @ 2.16GHz
Percentage of memory in use: 70%
Total physical RAM: 3979.19 MB
Available physical RAM: 1170.75 MB
Total Pagefile: 5518.59 MB
Available Pagefile: 1536.9 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: (TI31262300B) (Fixed) (Total:454.75 GB) (Free:425.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

Advertisements

#17
dustypink
Posted 24 October 2014 - 01:22 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by dustypink at 2014-10-24 19:23:20
Running from C:\Users\dustypink\AppData\Local\Microsoft\Windows\INetCache\IE\P72G5AJ7
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel® Trusted Execution Engine Driver (Version: 1.0.0.1050 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.29.107 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

08-10-2014 18:12:51 Scheduled Checkpoint
16-10-2014 22:23:24 Windows Update
20-10-2014 15:09:28 Windows Update
23-10-2014 18:30:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31A2AEE9-C8F8-43CD-8FA2-A33408821211} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation)
Task: {32FA04D1-BE80-4618-BF62-D0C614DFAC29} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3860E03C-CC3B-4B33-B29D-DBF5ED5CF07D} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {39F14DAC-D76B-47CD-8F61-633FF48C3355} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4348E71F-FB9B-4DE4-92BE-304F82DB02EC} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation)
Task: {453EF7DC-65F9-43AC-89AF-4FC29458F24F} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-08] (TOSHIBA Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A9C9905-21B5-44C6-8EEA-C093933BFF02} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13] (TOSHIBA Corporation)
Task: {62592AEE-03D9-45E5-9C0F-EA14668DF995} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C68FF22-D8D2-4D09-87E1-3E0DB5A75BF8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8813E86A-3E29-4029-A0BE-D035438E375A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E34FCF1-D21B-4ABB-AC91-E2A603C145DC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {90031724-65DB-43D1-A6F0-0BF5B65750AF} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation)
Task: {9235572E-17FE-4840-AA84-BF0D5C23E05C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {97DFE2D9-207A-4A4B-8137-BB74888D9FAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-20] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AFC36395-7E79-4C2E-B2F2-9B7DA46C8480} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B97CF63A-2F85-47FE-B698-976C7F326446} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor)
Task: {C19D1126-20CA-4B76-BD58-99C64A6D5BB9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D3D3530A-76F9-421E-B135-F7B309FEC887} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E171A611-D917-4CAD-A094-E539352C1D46} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEDF72A7-73C3-4256-86AE-F1C623D97F5F} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA)
Task: {FA4C4029-49E4-4A8A-912B-DA55C43A6446} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {FC1BE677-9598-439B-919C-A170EC3D1DA3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-11-06 15:26 - 2013-11-06 15:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 08:19 - 2013-08-22 07:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-09-30 13:58 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-30 13:58 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-30 13:58 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-30 13:58 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-30 13:58 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3633593147-2618078388-3133234350-500 - Administrator - Disabled)
dustypink (S-1-5-21-3633593147-2618078388-3133234350-1001 - Administrator - Enabled) => C:\Users\dustypink
Guest (S-1-5-21-3633593147-2618078388-3133234350-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3633593147-2618078388-3133234350-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 07:20:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9980

Start Time: 01cfefaab48abb46

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 5ff2718a-5baa-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/23/2014 05:29:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 06:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3d88

Start Time: 01cfed153e4fa1f9

Termination Time: 80

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: fc465919-594b-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/21/2014 11:50:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 824

Start Time: 01cfec79c4e40822

Termination Time: 140

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 195c5b1b-5910-11e4-8268-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/20/2014 00:34:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/19/2014 10:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 32b8

Start Time: 01cfe97e3725ef08

Termination Time: 312

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 4487cd6c-57d3-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/19/2014 01:11:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/17/2014 00:52:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 57e0

Start Time: 01cfe9e5241e73a8

Termination Time: 375

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: fc35f7e6-55f3-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/16/2014 08:13:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1fa0

Start Time: 01cfe706b7b682ec

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 609077f1-5568-11e4-8267-28e347e6e14b

Faulting package full name:

Faulting package-relative application ID:

Error: (10/15/2014 06:30:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

System errors:
=============
Error: (10/24/2014 02:53:53 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2014 02:53:23 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/24/2014 01:53:02 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 07:30:59 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/23/2014 07:30:26 PM) (Source: DCOM) (EventID: 10010) (User: lasvegas)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/23/2014 07:13:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 05:52:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/23/2014 05:43:49 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/22/2014 09:53:06 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/22/2014 09:41:34 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Microsoft Office Sessions:
=========================
Error: (10/24/2014 07:20:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344998001cfefaab48abb460C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE5ff2718a-5baa-11e4-8268-28e347e6e14b

Error: (10/23/2014 05:29:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 06:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.173443d8801cfed153e4fa1f980C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEfc465919-594b-11e4-8268-28e347e6e14b

Error: (10/21/2014 11:50:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1734482401cfec79c4e40822140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE195c5b1b-5910-11e4-8268-28e347e6e14b

Error: (10/20/2014 00:34:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/19/2014 10:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1727832b801cfe97e3725ef08312C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE4487cd6c-57d3-11e4-8267-28e347e6e14b

Error: (10/19/2014 01:11:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/17/2014 00:52:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1727857e001cfe9e5241e73a8375C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEfc35f7e6-55f3-11e4-8267-28e347e6e14b

Error: (10/16/2014 08:13:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.172781fa001cfe706b7b682ec0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE609077f1-5568-11e4-8267-28e347e6e14b

Error: (10/15/2014 06:30:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

==================== Memory info ===========================

Processor: Intel® Pentium® CPU N3520 @ 2.16GHz
Percentage of memory in use: 70%
Total physical RAM: 3979.19 MB
Available physical RAM: 1170.75 MB
Total Pagefile: 5518.59 MB
Available Pagefile: 1536.9 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: (TI31262300B) (Fixed) (Total:454.75 GB) (Free:425.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#18
dustypink
Posted 24 October 2014 - 01:23 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

I have no anti virus it ran out the free one I tried to down load stuff and some of it wont down load. Laptop takes ages to load pages sometimes


  • 0

#19
Essexboy
Posted 24 October 2014 - 01:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ah I thought so.. OK to work

I need you to uninstall McAfee antivrus from the control panel
Then download and run this small programme http://download.mcaf...atches/MCPR.exe to remove all elements

Once done could you let me know if that made a difference
  • 0

#20
dustypink
Posted 24 October 2014 - 01:54 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

I have done that shall I let you know in a few hours


  • 0

#21
dustypink
Posted 24 October 2014 - 01:55 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

I have no anti virus have you got  link to one please


  • 0

#22
Essexboy
Posted 24 October 2014 - 02:05 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Currently windows defender is protecting you. Once we have sorted the system out I will give you some options for free antiviruses

So how is the computer behaving at the moment, what problems do you have ?

Would you like the computer display to imitate windows 7 start menus etc... ?
  • 0

#23
dustypink
Posted 24 October 2014 - 03:16 PM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

its ok at the minute

 

what Is that last thing you asked? I only had this a short while I cant get to grips with the windows 8 thing so I do everything on IE I like chrome and had that on here but everything went mad when I had it so I went back to Ie


  • 0

#24
Essexboy
Posted 24 October 2014 - 03:25 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download and install classicshell from here http://www.classicshell.net/
After the reboot you will have the old windows start menu back

If you could then let me know what problems you are experiencing
  • 0

#25
dustypink
Posted 25 October 2014 - 02:48 AM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

since I got rid of macfee its much better now thanks


  • 0

Advertisements

#26
Essexboy
Posted 25 October 2014 - 04:01 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK we need now to look at some free options for an antivirus unless you would like to remain with Microsoft Security essentials
  • 0

#27
dustypink
Posted 25 October 2014 - 05:32 AM

dustypink

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 432 posts

well its running amazing now so I think I will leave it unless you think other wise


  • 0

#28
Essexboy
Posted 25 October 2014 - 06:23 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
MSES is a reasonable option if you do not use torrents or go to the dark side of the web. I will remove my tools now and then let you determine whether you need another antivirus


Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#29
Essexboy
Posted 30 October 2014 - 11:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP