Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

RSA 4096 infected..Pls help !

Started by isababy117 , May 11 2016 06:17 AM

  • Please log in to reply

#1
isababy117
Posted 11 May 2016 - 06:17 AM

isababy117

    New Member

  • Member
  • Pip
  • 1 posts

Hi, my computer got RSA 4096. Pls help!!!

and i already downloaded the FRST and here the log!

Thank you so much!!!!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by owner (administrator) on GOODLUCK (11-05-2016 19:28:23)
Running from C:\Users\owner\Downloads
Loaded Profiles: owner &  (Available Profiles: owner)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\SmarTone Mobile Broadband\SmarTone Mobile Broadband.exe
() C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\ouc.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM-x32\...\Run: [KPhoneTray] => "C:\Program Files (x86)\kingsoft\shoujizhushou\kphonetray.exe" -autorun
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: E - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {0104af15-eaa8-11e5-8259-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {84756be2-eaa7-11e5-8258-806e6f6e6963} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {ac47bbee-f0f2-11e5-8260-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {ae7184ad-eaa6-11e5-8257-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {cebb296e-f5aa-11e5-8264-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {f1af881d-0cf4-11e6-826d-001e101f6a09} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {f261b4df-f43a-11e5-8262-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0104af15-eaa8-11e5-8259-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {84756be2-eaa7-11e5-8258-806e6f6e6963} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ac47bbee-f0f2-11e5-8260-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ae7184ad-eaa6-11e5-8257-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cebb296e-f5aa-11e5-8264-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1af881d-0cf4-11e6-826d-001e101f6a09} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f261b4df-f43a-11e5-8262-681729b85619} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-01]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-04-01]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-01]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCE50746AE3B.lnk [2016-05-11]
ShortcutTarget: DCE50746AE3B.lnk -> C:\ProgramData\3F2E2F42AD34.html ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2429C53E-2D04-4F69-9D16-91A68C2031B8}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{B91FC718-7B19-482F-8337-AEAE4EE51E92}: [NameServer] 203.78.32.242 203.78.32.243
Tcpip\..\Interfaces\{CFF148D6-0B7C-4068-8CC8-C8A8B0A9EA68}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{DB051901-FFEF-46BA-8C0E-C8F0710B9B94}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{EB14C064-1C3B-4BF9-8550-2A8DCBB62856}: [DhcpNameServer] 192.168.176.251 192.168.176.252 192.168.176.253 192.168.176.254
Tcpip\..\Interfaces\{F39B7DAF-1F7E-4777-A94E-211BFD48CF23}: [DhcpNameServer] 192.168.8.1

Internet Explorer:
==================
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF user.js: detected! => C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default\user.js [2016-03-15]
FF Extension: Yahoo! Toolbar - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-03-15] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon [2016-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon

Chrome:
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-11]
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-11]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-11]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-05-11]
CHR Extension: (Google Sheets) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-11]
CHR Extension: (Norton Identity Safe) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-11]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-04-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-04-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [125168 2014-10-03] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2016-03-15] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2940704 2015-12-29] (IObit)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe [289080 2016-02-26] (Symantec Corporation)
S2 SmarTone Mobile Broadband. RunOuc; C:\Program Files (x86)\SmarTone Mobile Broadband\UpdateDog\ouc.exe [656976 2013-08-20] ()
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1063200 2015-12-29] (IObit)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
S2 kphonesvc; "C:\Program Files (x86)\kingsoft\shoujizhushou\kphonesvc.exe" -svc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\BASHDefs\20160502.001\BHDrvx64.sys [1766640 2016-04-14] (Symantec Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-14] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1448248 2016-03-15] (Motorola Solutions, Inc.)
R3 ccSet_N360; C:\Windows\system32\drivers\N360x64\1606000.08E\ccSetx64.sys [173808 2016-02-24] (Symantec Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-15] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-03-15] (REALiX™)
R3 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\IPSDefs\20160508.001\IDSvia64.sys [767224 2016-04-15] (Symantec Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2016-03-15] ()
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2016-03-15] (Kingsoft Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-11] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2016-03-15] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\VirusDefs\20160510.024\ENG64.SYS [138488 2016-02-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\VirusDefs\20160510.024\EX64.SYS [2148080 2016-02-04] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew01.sys [3354384 2016-03-15] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-15] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS [50936 2016-02-24] (Symantec Corporation)
R3 SymEFASI; C:\Windows\system32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1606000.08E\SymELAM.sys [24192 2016-02-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-04-16] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\N360x64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\N360x64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVCx32: dg597 -> no filepath.

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-11 19:18 - 2016-05-11 19:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 19:17 - 2016-05-11 19:17 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-11 19:17 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-11 19:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-11 19:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-11 19:15 - 2016-05-11 19:16 - 22851472 _____ (Malwarebytes ) C:\Users\owner\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-11 19:14 - 2016-05-11 19:28 - 00018611 _____ C:\Users\owner\Downloads\FRST.txt
2016-05-11 19:14 - 2016-05-11 19:15 - 00028059 _____ C:\Users\owner\Downloads\Addition.txt
2016-05-11 19:12 - 2016-05-11 19:28 - 00000000 ____D C:\FRST
2016-05-11 19:11 - 2016-05-11 19:11 - 02381312 _____ (Farbar) C:\Users\owner\Downloads\FRST64.exe
2016-05-11 18:56 - 2016-05-11 19:23 - 00000622 _____ C:\Windows\ntbtlog.txt
2016-05-11 18:50 - 2016-05-11 18:51 - 00000000 ____D C:\NPE
2016-05-11 18:47 - 2016-05-11 18:58 - 00000000 ____D C:\Users\owner\AppData\Local\NPE
2016-05-11 18:43 - 2016-05-11 18:43 - 00011776 ___SH C:\Users\owner\Downloads\Thumbs.db
2016-05-11 02:47 - 2016-05-11 02:47 - 00000015 _____ C:\Users\owner\Desktop\sub.txt
2016-05-11 02:30 - 2016-05-11 02:30 - 00000088 _____ C:\Users\owner\Desktop\trynow.txt
2016-05-11 01:02 - 2016-05-11 01:02 - 01348854 ____T C:\ProgramData\3F2E2F42AD34.bmp
2016-05-11 01:02 - 2016-05-11 01:02 - 00014193 _____ C:\ProgramData\3F2E2F42AD34.html
2016-05-11 01:02 - 2016-05-11 01:02 - 00001758 _____ C:\Users\owner\Desktop\3F2E2F42AD34.txt
2016-05-11 01:01 - 2016-05-11 01:01 - 01348854 ____T C:\Users\owner\Downloads\3F2E2F42AD34.bmp
2016-05-11 01:01 - 2016-05-11 01:01 - 00014193 _____ C:\Users\owner\Downloads\3F2E2F42AD34.html
2016-05-11 01:01 - 2016-05-11 01:01 - 00001758 _____ C:\Users\owner\Downloads\3F2E2F42AD34.txt
2016-05-10 15:51 - 2016-05-10 15:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-05-10 05:52 - 2016-05-10 05:52 - 00039716 ____R C:\Users\owner\Desktop\linki.jpg.crypt
2016-05-07 22:20 - 2016-05-07 22:20 - 00237141 ____R C:\Users\owner\Downloads\search.htm.crypt
2016-05-07 19:24 - 2016-05-11 01:03 - 00000000 ____D C:\Users\owner\Desktop\limki_files
2016-05-07 19:24 - 2016-05-07 19:24 - 00017578 ____R C:\Users\owner\Desktop\limki.htm.crypt
2016-05-07 16:12 - 2016-05-08 20:29 - 00101750 ____R C:\Users\owner\Desktop\cpa's yanki.txt.crypt
2016-05-07 05:55 - 2016-05-07 05:55 - 02272686 ____R C:\Users\owner\Downloads\PeerReviewOption.com Emails.pdf.crypt
2016-05-06 09:48 - 2016-05-11 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-06 05:35 - 2016-05-06 05:35 - 00003826 ____R C:\Users\owner\Desktop\index22.png.crypt
2016-05-06 05:26 - 2016-05-06 05:26 - 00148511 ____R C:\Users\owner\Desktop\nz.txt.crypt
2016-05-06 05:18 - 2016-05-06 05:18 - 00029658 ____R C:\Users\owner\Desktop\ca.txt.crypt
2016-05-05 18:42 - 2016-05-05 18:42 - 00041267 ____R C:\Users\owner\Desktop\dhlpdf.pdf.crypt
2016-05-05 02:22 - 2016-05-05 02:22 - 00000000 ____D C:\Users\owner\AppData\Local\Wickr, LLC
2016-05-05 02:20 - 2016-05-05 02:20 - 00002025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Wickr Me.lnk
2016-05-05 02:20 - 2016-05-05 02:20 - 00002019 _____ C:\Users\Public\Desktop\Wickr Me.lnk
2016-05-05 02:20 - 2016-05-05 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wickr Me
2016-05-05 02:20 - 2016-05-05 02:20 - 00000000 ____D C:\Program Files (x86)\Wickr Inc
2016-05-05 02:09 - 2016-05-05 02:11 - 83206404 ____R C:\Users\owner\Downloads\WickrMe-2.6.0.msi.crypt
2016-05-04 19:19 - 2016-05-04 19:20 - 00057837 ____R C:\Users\owner\Desktop\sho.jpg.crypt
2016-05-03 21:03 - 2016-05-03 21:03 - 00022664 ____R C:\Users\owner\Desktop\uc.png.crypt
2016-05-03 20:53 - 2016-05-03 20:53 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 20:53 - 2016-05-03 20:53 - 00002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-03 20:51 - 2016-05-11 19:02 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-03 20:51 - 2016-05-11 18:51 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 18:12 - 2016-04-29 18:12 - 00987728 _____ (Google Inc.) C:\Users\owner\Downloads\ChromeSetup(1).exe
2016-04-29 16:33 - 2016-04-29 16:33 - 00987728 _____ (Google Inc.) C:\Users\owner\Downloads\ChromeSetup.exe
2016-04-28 00:20 - 2016-04-28 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-04-26 03:29 - 2016-04-26 03:29 - 00113344 ____R C:\Users\owner\Desktop\medical.txt.crypt
2016-04-25 11:49 - 2016-04-25 11:49 - 00328136 _____ C:\Windows\Minidump\042516-36140-01.dmp
2016-04-19 02:50 - 2016-04-19 02:50 - 00011643 ____R C:\Users\owner\Desktop\mailer.php-854[1].png.crypt
2016-04-16 21:17 - 2016-04-16 21:17 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2016-04-16 21:11 - 2016-04-16 21:11 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-04-16 21:11 - 2016-04-16 21:11 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-04-16 21:11 - 2016-04-16 21:11 - 00003208 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-04-16 21:11 - 2016-04-16 21:11 - 00002340 _____ C:\Users\Public\Desktop\Norton 360.LNK
2016-04-16 21:11 - 2016-04-16 21:11 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-16 21:09 - 2016-04-16 21:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2016-04-16 21:09 - 2016-04-16 21:09 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2016-04-16 21:09 - 2016-04-16 21:09 - 00000000 ____D C:\Program Files (x86)\Norton 360
2016-04-16 21:04 - 2016-04-16 21:04 - 00000000 ____D C:\ProgramData\PCSettings
2016-04-16 20:54 - 2016-04-16 20:54 - 01089416 _____ (Symantec Corporation) C:\Users\owner\Downloads\NortonN360Downloader.exe
2016-04-16 18:19 - 2016-04-16 18:19 - 00326792 _____ C:\Windows\Minidump\041616-52687-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-11 19:28 - 2016-03-15 21:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2016-05-11 19:22 - 2016-03-15 01:35 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3427232999-790683421-1222420029-1001
2016-05-11 18:58 - 2014-11-21 16:44 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 18:58 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
2016-05-11 18:51 - 2016-03-15 02:19 - 00000000 __SHD C:\Users\owner\IntelGraphicsProfiles
2016-05-11 18:51 - 2016-03-15 01:35 - 00000000 ____D C:\ProgramData\ProductData
2016-05-11 18:50 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 14:50 - 2016-03-15 01:32 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{947B59A8-C853-4327-907B-470D661878E7}
2016-05-11 12:15 - 2016-03-17 19:48 - 00000000 ____D C:\Users\owner\AppData\Roaming\.purple
2016-05-11 05:21 - 2016-03-15 22:31 - 00002248 ____H C:\Users\owner\Documents\Default.rdp
2016-05-11 04:57 - 2016-03-15 01:33 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 04:57 - 2016-03-15 01:33 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 04:38 - 2016-03-15 20:55 - 00103936 ___SH C:\Users\owner\Desktop\Thumbs.db
2016-05-11 03:40 - 2016-03-18 10:13 - 00000000 ____D C:\Program Files (x86)\pidgin-otr
2016-05-11 01:13 - 2016-03-15 20:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-11 01:12 - 2016-03-15 01:30 - 00000000 ____D C:\Users\owner
2016-05-11 01:12 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-11 01:11 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-05-11 01:00 - 2016-03-15 20:13 - 00000000 ____D C:\Program Files (x86)\SmarTone Mobile Broadband
2016-05-10 18:50 - 2016-03-15 20:45 - 00000466 ____H C:\Windows\Tasks\Norton Security Scan for owner.job
2016-05-03 20:53 - 2016-03-15 01:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-28 17:45 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-28 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-25 18:59 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
2016-04-25 11:49 - 2016-03-15 02:05 - 00000000 ____D C:\Windows\Minidump
2016-04-25 11:49 - 2016-03-15 02:04 - 1232873207 _____ C:\Windows\MEMORY.DMP
2016-04-16 21:35 - 2016-03-15 20:45 - 00000000 ____D C:\ProgramData\Norton
2016-04-16 21:12 - 2016-03-17 00:03 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-04-16 21:12 - 2016-03-17 00:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-16 21:11 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-04-16 21:08 - 2016-03-15 20:55 - 00001313 _____ C:\Users\owner\Desktop\Norton Installation Files.lnk
2016-04-16 21:08 - 2016-03-15 20:44 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-04-16 21:07 - 2016-03-15 01:57 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-16 21:04 - 2016-03-15 20:44 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-16 20:55 - 2016-03-15 20:55 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-04-16 20:17 - 2016-03-15 02:27 - 00000000 ____D C:\Users\owner\AppData\Local\ElevatedDiagnostics
2016-04-14 10:37 - 2016-03-17 00:47 - 00000000 ____D C:\Users\owner\AppData\Roaming\TeamViewer

==================== Files in the root of some directories =======

2016-03-15 03:07 - 2016-03-15 03:07 - 0000021 _____ () C:\Users\owner\AppData\Roaming\fixcfg.ini
2016-05-11 01:02 - 2016-05-11 01:02 - 1348854 ____T () C:\ProgramData\3F2E2F42AD34.bmp
2016-05-11 01:02 - 2016-05-11 01:02 - 0014193 _____ () C:\ProgramData\3F2E2F42AD34.html

Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-08 04:05

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by owner (2016-05-11 19:28:48)
Running from C:\Users\owner\Downloads
Windows 8.1 (X64) (2016-03-14 17:29:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3427232999-790683421-1222420029-500 - Administrator - Disabled)
Guest (S-1-5-21-3427232999-790683421-1222420029-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3427232999-790683421-1222420029-1003 - Limited - Enabled)
owner (S-1-5-21-3427232999-790683421-1222420029-1001 - Administrator - Enabled) => C:\Users\owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4338 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.1.1440.2) (HKLM\...\{302600C1-6BDF-4FD1-1409-148929CC1385}) (Version: 17.1.1409.0486 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Norton 360 (HKLM-x32\...\N360) (Version: 22.6.0.142 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.3.1.3 - Symantec Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{D5C24D81-1089-4E44-9D3D-AA0054889236}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (English) (HKLM-x32\...\{1698FEC4-9BDE-475C-8029-C78FF3C7EDAE}) (Version: 4.12.9782 - Apache Software Foundation)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.12 - )
pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SmarTone Mobile Broadband (HKLM-x32\...\SmarTone Mobile Broadband) (Version: 23.009.17.01.1156 - Huawei Technologies Co.,Ltd)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 3.0.0.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Wickr Me (HKLM-x32\...\{7668652D-F198-4E7B-8FF4-5E2DC13D9AD7}) (Version: 2.6.0.4 - Wickr Inc.)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3427232999-790683421-1222420029-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16AC8DD2-31BA-4466-890A-65399BCD3B87} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {43548DB9-E96E-4712-8DB9-E8CAD72AC9C7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {5A7A070B-D5D8-4A99-96D3-56EEB66797B9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {5B4F232F-9825-4980-8213-B09E6897D419} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {5BB760B6-14CF-4244-AE56-EADB03DABD71} - System32\Tasks\Norton Security Scan for owner => C:\Program Files (x86)\Norton Security Scan\Engine\4.3.1.3\Nss.exe [2015-10-16] (Symantec Corporation)
Task: {D20A06F3-B42D-4CD4-823A-330885D6B864} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {E77181F3-9333-417C-9240-9159FE278B23} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for owner.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-02-06 14:10 - 2013-02-06 14:10 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-03-15 20:13 - 2013-08-20 19:23 - 00515072 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmarTone Mobile Broadband.exe
2016-03-15 20:22 - 2013-08-20 11:03 - 00656976 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\ouc.exe
2016-03-15 03:05 - 2015-12-29 11:30 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00529920 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\core.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00288768 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\sdk.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00011362 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\mingwm10.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00043008 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\libgcc_s_dw2-1.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 02417152 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtCore4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 09562624 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtGui4.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00407552 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Proxy.DLL
2016-03-15 20:13 - 2013-08-20 19:08 - 00628224 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Common.dll
2016-03-15 20:13 - 2013-08-20 19:08 - 00158208 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Trace.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00583168 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\PluginContainer.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00646144 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AtCodec.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00729088 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00195584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\XCodec.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00253952 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00166912 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSDialup.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00155136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DataServicePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00177152 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00672768 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00220160 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmsSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00142336 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\USSDSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00157184 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\STKSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00155648 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\GpsSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00731136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00065536 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSPowerMgr.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00155648 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Win7Support.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 01124352 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00704000 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmsAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00187392 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00569344 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallLogSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00158720 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetConnectSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00236032 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DialUpPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00102400 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSAdapt.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00851968 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\WLANPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00207360 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\WiFiMan.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00201216 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NDISPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00131584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSNDIS.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 01114112 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NDISAPI.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00702464 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetInfoSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00062976 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSCall.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00224256 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\tdpcvoice.dll
2016-03-15 20:13 - 2013-08-20 19:15 - 00581120 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceMgrUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00398336 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtXml4.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00168960 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ATR2SMgr.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00270848 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\XFramePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00323584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\StatusBarMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00391168 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetConnectPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:13 - 00593408 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DialupUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:14 - 00097792 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NotifyServicePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00118784 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\LayoutPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:23 - 00119296 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ConnectMgrUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00332288 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\MenuMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 01148416 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtNetwork4.dll
2016-03-15 20:13 - 2013-08-20 19:18 - 00303104 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DiagnosisPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:18 - 00492544 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetInfoUIExPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:14 - 00855040 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SMSUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:15 - 00819712 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00219136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ToolBarMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00691200 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\LiveUpdateInterface.DLL
2016-03-15 20:13 - 2013-08-20 11:03 - 00082944 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qgif4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00081920 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qico4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00192000 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qjpeg4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00350720 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qmng4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00370176 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qtiff4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00011362 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\mingwm10.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00043008 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 02417152 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtCore4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 01148416 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtNetwork4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00839680 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QueryStrategy.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00398336 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtXml4.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2016-03-15 03:05 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2016-03-15 03:05 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2016-03-15 03:05 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00625440 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2016-03-15 03:05 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-03-15 20:42 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3427232999-790683421-1222420029-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 203.78.42.100 - 203.78.42.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CBA8D59B-846B-41E5-983C-137E0E7899A4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{43AF5EC4-6C5B-490B-B01A-83AC6F5CB13C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{8DB69F6B-1E5B-45DD-92D7-FADC3ECEE480}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{A23CF8B7-3BFD-4B15-9FCC-14782A88F490}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E1FA109B-963F-4E57-9A25-63BDAE4D876A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8B491FB4-F2F4-4580-99CF-F79EBAA35B1B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{F554CCA4-C397-4EF8-A708-AC9BE24A45C5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\122\tencentdl.exe
FirewallRules: [{4394E844-5086-47B4-B288-02E78FA94FEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECAF87FB-1D32-464C-94E6-F2908DB6D1D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5BB2AB2-A9AE-47A7-B886-C0EF38CC3488}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{F2BFADC9-A0D9-4619-AE36-491E2B475953}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{601C11A2-6D44-4278-8301-98D1B9D175E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C377243-AF76-4C40-97BA-3BF6FD9BA787}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C83C77A6-B18D-4D6F-9427-DB8BF0F16BBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{57809DC5-A6B1-4CD0-BAAC-A1FB60371873}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CDAB8F3D-A06E-41A5-8735-7F81ED7A771C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{808C79D4-6501-471B-BFFE-1F5C5A7A5A27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{844FC86C-31CA-446F-94B8-703416465D40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

23-04-2016 06:41:49 Scheduled Checkpoint
02-05-2016 06:20:46 Scheduled Checkpoint
05-05-2016 02:18:48 Installed Wickr Me

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/11/2016 06:26:21 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (05/11/2016 07:22:26 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (05/11/2016 12:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: ntdll.dll, version: 6.3.9600.17415, time stamp: 0x54504b0d
Exception code: 0xc0000374
Fault offset: 0x000e5be4
Faulting process id: 0x2c180
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (05/07/2016 04:59:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: MSHTML.dll, version: 11.0.9600.17416, time stamp: 0x545304c5
Exception code: 0xc0000005
Fault offset: 0x004fa65c
Faulting process id: 0x29570
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (05/07/2016 01:30:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17415, time stamp: 0x545036ce
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0x00000004
Fault offset: 0x0000000000008b9c
Faulting process id: 0xd12c
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (04/28/2016 04:25:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: goodluck)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147024809 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/27/2016 05:00:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (04/25/2016 05:50:10 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (04/18/2016 10:50:07 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (04/16/2016 09:11:30 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)


System errors:
=============
Error: (05/11/2016 06:50:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053

Error: (05/11/2016 06:50:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SmarTone Mobile Broadband. OUC service to connect.

Error: (05/11/2016 06:50:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The shoujizhushou service service failed to start due to the following error:
%%2

Error: (05/11/2016 06:49:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/11/2016 12:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053

Error: (05/11/2016 12:25:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SmarTone Mobile Broadband. OUC service to connect.

Error: (05/11/2016 12:25:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The shoujizhushou service service failed to start due to the following error:
%%2

Error: (05/11/2016 03:41:56 AM) (Source: DCOM) (EventID: 10010) (User: goodluck)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/11/2016 03:41:25 AM) (Source: DCOM) (EventID: 10010) (User: goodluck)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/11/2016 01:21:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053


==================== Memory info ===========================

Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 29%
Total physical RAM: 7964.15 MB
Available physical RAM: 5580.15 MB
Total Virtual: 16156.15 MB
Available Virtual: 13840.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.71 GB) (Free:405.17 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:488.12 GB) NTFS
Drive e: (Mobile Broadband) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 86A08E8A)

Partition: GPT.

==================== End of Addition.txt ============================


Edited by isababy117, 11 May 2016 - 06:18 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP