Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017 Ran by Stan (01-09-2017 09:33:56) Running from C:\Users\Stan\Desktop Windows 10 Home Version 1607 (X64) (2016-09-25 08:41:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1994669242-2013567981-213703524-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1994669242-2013567981-213703524-503 - Limited - Disabled) Guest (S-1-5-21-1994669242-2013567981-213703524-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1994669242-2013567981-213703524-1003 - Limited - Enabled) kathy (S-1-5-21-1994669242-2013567981-213703524-1001 - Limited - Enabled) => C:\Users\kathy Stan (S-1-5-21-1994669242-2013567981-213703524-1000 - Administrator - Enabled) => C:\Users\Stan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1994669242-2013567981-213703524-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Accelerometer (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 1.06.08.20 - STMicroelectronics) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell) Dell System Detect (HKU\S-1-5-21-1994669242-2013567981-213703524-1000\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell) Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation) Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation) Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.81.0000 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.00.00 - Seiko Epson Corporation) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation) Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) EPSON XP-830 Series Printer Uninstall (HKLM\...\EPSON XP-830 Series) (Version: - Seiko Epson Corporation) Epson XP-830 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-830 User’s Guide_is1) (Version: 1.0 - ) EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation) Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Hotspot Shield 6.3.1 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B157BAFD}) (Version: 6.3.1.10202 - AnchorFree Inc.) Hidden Hotspot Shield 6.3.1 (HKLM-x32\...\HotspotShield) (Version: 6.3.1 - AnchorFree Inc.) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6267.0 - IDT) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6000 - Broadcom Corporation) Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft) Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1994669242-2013567981-213703524-1000\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla) O2Micro Flash Memory Card Windows Driver (HKLM\...\{1B63EC30-5A9F-449D-BBCA-8DA4214FBFA9}) (Version: 2.0.26.D - O2Micro International LTD.) Hidden O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{1B63EC30-5A9F-449D-BBCA-8DA4214FBFA9}) (Version: 2.0.26.D - O2Micro International LTD.) Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.3.3 - Dell Inc.) Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek) Self-service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Snagit 12 (HKLM-x32\...\{979028FC-2DBF-4BB4-A9EC-4627A9D63D50}) (Version: 12.2.2 - TechSmith Corporation) Hidden Snagit 12 (HKLM-x32\...\{e8720e7e-08a2-4a30-9bce-70aa27c2a3dc}) (Version: 12.2.2.2107 - TechSmith Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version: - Microsoft) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2014-10-28] (TechSmith Corporation) ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2014-10-28] (TechSmith Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06B81007-480C-4E56-B6E6-4CF8592410FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {09C1EEDC-D957-4145-88D4-00137BB537A9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0E3B0504-2A4B-4B39-87A6-7550873CD832} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0E7A4D01-9344-4DD2-B338-8696F00F1835} - System32\Tasks\EPSON XP-830 Series Update {00254383-9403-4020-83CA-16582BAC058A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {113FA465-F0A3-49FB-88DA-64F927C27A91} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {14E51CBD-E473-4D9A-AE67-B0C01234DF58} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {2037A03C-E743-4883-8845-CE31F65EEAB2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {236C2129-4819-490C-A229-E0F71B6D53D8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {24777767-AC63-4EA3-8ACE-5BEEDC3E099A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BCE74C3-E42D-49A5-BACA-09DEF66B6005} - System32\Tasks\EPSON XP-830 Series Update {4F6A5D25-4EEC-4C72-8151-EC45EC022CCD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {41B21B39-6420-4A38-8D34-3626B1B8C434} - System32\Tasks\{7A857FBF-DE63-4386-B525-2E45F7C4FAC0} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Stan\Downloads\R235168.exe -d C:\WINDOWS\system32 Task: {45165C8A-0BF8-46CE-93B7-63A8C9365FFC} - System32\Tasks\{A100EB20-C8A8-42F5-BE0C-C77707A7EA3D} => C:\WINDOWS\system32\pcalua.exe -a "E:\Personal\Dell Studio 1749\R235168.exe" -d "E:\Personal\Dell Studio 1749" Task: {4AE5C64E-95B2-4420-9029-E0F4AE74F33F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {5250172C-AB05-49A9-BEC0-C5417DF90B1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {52CB438E-F0B9-4A68-829E-0F59B128A5E2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {533FA086-AA73-44C8-8224-668845EB6B58} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\kathy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {553227EF-4FE0-47A4-A9B6-E424F20F78A8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {60B48A5D-FE22-4D1E-90D4-2BBA7297DD05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {67289267-8DBA-4CB9-92D3-C39603AE6A12} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-09-13] (PC-Doctor, Inc.) Task: {6F311376-9BFD-4076-AFCA-05249850F57A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {774903EB-B729-425B-B4B9-C15BCBDEF2EB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {7F51CEDD-813C-4553-AC11-7B83EEB53428} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {82D1B376-9C1F-4B0A-8294-782E8E00D9FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {8A28E6BF-6E0C-4B36-B58C-45ED5D44B1AA} - System32\Tasks\3122510b077b7a88dc0aa9e90a509f53 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\WINDOWS\3122510b077b7a88dc0aa9e90a509f53.ps1" <==== ATTENTION Task: {90C55B42-AF28-4204-939E-8C6F55AA2D38} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {935B591F-877E-4974-9C97-DF0C37DF1C02} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {96F7FB0A-7571-40D0-8E5F-00B66B23ABAA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {977B35B1-EC31-4941-B363-5128CFA1AE8B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {9AF6217F-EB60-4F78-8B8A-4C1AF67918E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9D143767-6B4F-4C18-92D9-81D992E09B7F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {9EE336D4-8B98-4290-B449-3E603FD20F6A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] () Task: {AFD81D26-DF89-40AC-8176-B2B9445FEA30} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {B00824B9-1AB2-4D7B-8999-BD18D3337CD8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B2183645-1238-4592-994E-8B41CDA952E0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B2AF1A9E-E49F-4044-8D63-66A42337EB81} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {C0E03FEE-47F7-47E3-83C3-48A4232E42DF} - System32\Tasks\4a1d1d45010ab18618da9871b38c5999 => sc start 4a1d1d45010ab18618da9871b38c5999 <==== ATTENTION Task: {D21E93F0-D3F0-4E50-A17F-06E7BF371481} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D4A42530-8DAA-4ABB-AE1D-EEF7E1BBB97C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DFF30EBF-6067-47CF-98F2-096BD0EEFE79} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation) Task: {E74247A1-D236-47C0-A6C9-A4759975C41D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EAFAE475-39E9-4BA9-AC83-AD6209AC17DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EC025FD4-743D-4E45-8ED0-3F84A5DCF2E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {EDB65FB6-DA27-4075-9B9F-01DD74630000} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F526DAC7-132A-48C1-A469-46BB5794CD29} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {F6FEDEF8-CA1E-4976-8418-AC835388F9D7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {FB8DD3B3-419A-47B2-8826-069584A53929} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {FD5E8222-3D9E-4C82-8041-468BD6D0F17E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated) Task: {FF6FDB11-59E3-499B-B8F0-E96B719020F4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\EPSON XP-830 Series Update {00254383-9403-4020-83CA-16582BAC058A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE:/EXE:{00254383-9403-4020-83CA-16582BAC058A} /F:UpdateWORKGROUP\STAN-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-830 Series Update {4F6A5D25-4EEC-4C72-8151-EC45EC022CCD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE:/EXE:{4F6A5D25-4EEC-4C72-8151-EC45EC022CCD} /F:UpdateWORKGROUP\STAN-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-07-11 23:30 - 2017-06-21 03:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2013-02-26 18:46 - 2013-02-26 18:46 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll 2017-02-23 08:29 - 2017-02-23 08:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2017-08-30 21:10 - 2017-08-30 21:10 - 002768896 ____N () C:\WINDOWS\SYSTEM32\MSYSSNF.EXE 2016-09-25 07:57 - 2016-09-25 07:57 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 17:26 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-08-22 14:50 - 2017-08-22 14:50 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-22 14:50 - 2017-08-22 14:50 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-22 14:50 - 2017-08-22 14:50 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-22 14:50 - 2017-08-22 14:50 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-07-31 22:13 - 2017-07-31 22:13 - 000429568 ____N () C:\WINDOWS\SYSTEM32\RAVCPDKZ.EXE 2012-11-26 23:54 - 2012-11-26 23:54 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-03-14 17:26 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 17:26 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 17:26 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-08-09 13:37 - 2017-03-04 02:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-08-09 13:37 - 2017-08-01 14:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-08-09 13:37 - 2017-08-01 14:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-08-30 21:14 - 2017-08-11 16:18 - 000966504 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000339816 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000139112 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000360304 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000495472 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000081768 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000114536 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000073576 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000978792 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000298864 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000348016 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000126832 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000175976 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2017-08-30 21:14 - 2017-08-11 16:18 - 000724848 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2017-08-30 21:14 - 2015-05-21 14:32 - 002403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000114536 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000266096 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2017-08-30 21:14 - 2017-08-11 16:16 - 000188272 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2017-02-14 09:42 - 2017-02-14 09:42 - 000326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll 2017-05-18 10:56 - 2017-05-18 10:56 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll 2017-02-23 08:29 - 2017-02-23 08:29 - 008909512 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-10-28 10:38 - 2014-10-28 10:38 - 002099200 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll 2014-10-28 10:38 - 2014-10-28 10:38 - 000050688 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\ScrollingCapture.dll 2014-10-28 10:38 - 2014-10-28 10:38 - 001914368 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-04-28 18:42 - 000001025 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1994669242-2013567981-213703524-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 82.163.142.8 - 95.211.158.136 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A6AA483D-876D-42E1-B18E-40447AFFA8DA}] => (Allow) LPort=8298 FirewallRules: [{ED093AB4-30E6-4766-8586-A35478A92EC9}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\amtlib.dll FirewallRules: [{C17720B2-0DDE-47F8-B1FA-424BFAC2B3B4}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA42E0C9-F501-4C53-831D-7B12269EE962}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{955C7B27-E851-465A-BEB8-9F4671321BDE}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8B046675-92CF-4420-AE4C-E899283D49D7}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CB806293-6E5E-4BAE-A850-C28D2CCD08D6}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{04A89E38-2BE7-4C0B-9D5C-37BA8A2427B6}] => (Allow) C:\Users\Stan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{175D1F64-B1E7-4CFE-9E23-F23C4D72A0DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A23354D5-B260-49D1-B684-452EA3EDFCAC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7BB7582B-1951-4E1E-99B1-EF66CD1A6D9F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{3D397F1F-6D30-45D6-99DA-02408E72895B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{85E99BF0-884D-4EFA-8677-BDDCB1DDDCDC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D52148CD-EEC1-4360-A393-C72367240BA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D9797F53-343D-4122-AA7C-41FBC58FA41E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{B5500CA8-7E82-44F0-83C4-885A6528D508}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{F98D63B1-3C8E-47E2-9CA3-357091797A02}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{71B20267-89C6-4F15-B0B5-A4477CAF9621}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{12A7CF7A-5A5A-422A-93CF-6C1FD98B6B90}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [UDP Query User{7AF1FFFE-7224-4723-8D6A-CFE2D9331F22}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [{B3AC6205-0C13-4382-AEBF-DCEB0E472ABF}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{3049E3E3-296A-4ABE-9CE2-6B06DC6FDF5A}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{6BADF547-7532-49AB-806C-9AC691261879}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{5D3970F8-1202-4CC9-9BEC-104E174D8501}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{CD821602-8802-4283-AEF4-C2D6DB1D2CBB}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE FirewallRules: [{6884F468-0013-4D74-B06C-7B2A7C346C77}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE FirewallRules: [TCP Query User{1847747A-D351-4A0D-99D1-6A7A46042AE6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{4704BB94-1B88-41B0-ACFB-608255FA3654}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{A3E79153-8861-4ED8-B7C2-EFD638513CA8}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{37E4F27C-081C-4B8D-B38B-0EAE7670BB41}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{12C7297A-B1DD-4679-8395-4A13AE399CCB}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{2BAFD59E-2D50-4014-BC30-5E7E84DB8614}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{403731C8-48DD-497B-9CD6-D41736532469}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{5EFB526F-EC53-4425-B3D4-B880067ED013}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [{466E6AFC-D3C6-4920-844F-894418D2FEF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Generic Bluetooth Adapter Description: Generic Bluetooth Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: GenericAdapter Service: BTHUSB Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2017 08:16:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/31/2017 09:33:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: STAN-PC) Description: Package Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen was terminated because it took too long to suspend. Error: (08/31/2017 08:36:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STAN-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/31/2017 08:36:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STAN-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/31/2017 08:12:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STAN-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/31/2017 08:12:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STAN-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/31/2017 05:30:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tywzcsbbfsq4.exe, version: 1.2.1.3, time stamp: 0x59a7521b Faulting module name: KERNELBASE.dll, version: 10.0.14393.1532, time stamp: 0x5965ac8c Exception code: 0xe0434352 Fault offset: 0x0000000000033c58 Faulting process id: 0x63c Faulting application start time: 0x01d322a04d2c9b85 Faulting application path: C:\Program Files (x86)\tYwZcsBbfSQ4\tywzcsbbfsq4.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 188a34fa-ae04-4a91-918e-588d04988c77 Faulting package full name: Faulting package-relative application ID: Error: (08/31/2017 05:30:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: tywzcsbbfsq4.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.IOException at MS.Internal.AppModel.ResourcePart.GetStreamCore(System.IO.FileMode, System.IO.FileAccess) at System.IO.Packaging.PackagePart.GetStream(System.IO.FileMode, System.IO.FileAccess) at System.IO.Packaging.PackWebResponse+CachedResponse.GetResponseStream() at System.IO.Packaging.PackWebResponse.get_ContentType() at System.Windows.Media.Imaging.BitmapDecoder.SetupDecoderFromUriOrStream(System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCacheOption, System.Guid ByRef, Boolean ByRef, System.IO.Stream ByRef, System.IO.UnmanagedMemoryStream ByRef, Microsoft.Win32.SafeHandles.SafeFileHandle ByRef) at System.Windows.Media.Imaging.BitmapDecoder.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy, Boolean) at System.Windows.Media.Imaging.BitmapFrame.CreateFromUriOrStream(System.Uri, System.Uri, System.IO.Stream, System.Windows.Media.Imaging.BitmapCreateOptions, System.Windows.Media.Imaging.BitmapCacheOption, System.Net.Cache.RequestCachePolicy) at System.Windows.Media.ImageSourceConverter.ConvertFrom(System.ComponentModel.ITypeDescriptorContext, System.Globalization.CultureInfo, System.Object) at MS.Internal.Xaml.Runtime.ClrObjectRuntime.CreateObjectWithTypeConverter(MS.Internal.Xaml.ServiceProviderContext, System.Xaml.Schema.XamlValueConverter`1, System.Object) at System.Xaml.XamlObjectWriter.Logic_CreateFromValue(MS.Internal.Xaml.Context.ObjectWriterContext, System.Xaml.Schema.XamlValueConverter`1, System.Object, System.Xaml.XamlMember, System.String, MS.Internal.Xaml.Runtime.IAddLineInfo) Exception Info: System.Windows.Markup.XamlParseException at System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri) at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) at System.Windows.ResourceDictionary.CreateObject(System.Windows.Baml2006.KeyRecord) at System.Windows.ResourceDictionary.OnGettingValue(System.Object, System.Object ByRef, Boolean ByRef) at System.Windows.ResourceDictionary.OnGettingValuePrivate(System.Object, System.Object ByRef, Boolean ByRef) at System.Windows.ResourceDictionary.GetValueWithoutLock(System.Object, Boolean ByRef) at System.Windows.ResourceDictionary.GetValue(System.Object, Boolean ByRef) at System.Windows.ResourceDictionary.GetValueWithoutLock(System.Object, Boolean ByRef) at System.Windows.ResourceDictionary.GetValue(System.Object, Boolean ByRef) at System.Windows.ResourceDictionary.get_Item(System.Object) at loopback.App.OnStartup(System.Windows.StartupEventArgs) at System.Windows.Application.<.ctor>b__1_0(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.DispatcherOperation.InvokeImpl() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) at System.Windows.Threading.DispatcherOperation.Invoke() at System.Windows.Threading.Dispatcher.ProcessQueue() at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunDispatcher(System.Object) at System.Windows.Application.RunInternal(System.Windows.Window) at loopback.App.Main() at loopback.EntryPoint.Main() Error: (08/31/2017 04:04:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: taskmgr.exe, version: 1.0.0.1, time stamp: 0x578999cf Faulting module name: taskmgr.exe, version: 1.0.0.1, time stamp: 0x578999cf Exception code: 0xc0000005 Fault offset: 0x0000000000025076 Faulting process id: 0x157c Faulting application start time: 0x01d3229460f5f10a Faulting application path: C:\WINDOWS\system32\taskmgr.exe Faulting module path: C:\WINDOWS\system32\taskmgr.exe Report Id: e69b91de-2d87-4df5-83ef-2528ecdaf520 Faulting package full name: Faulting package-relative application ID: Error: (08/31/2017 04:00:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tywzcsbbfsq4.exe, version: 1.2.1.3, time stamp: 0x59a7521b Faulting module name: KERNELBASE.dll, version: 10.0.14393.1532, time stamp: 0x5965ac8c Exception code: 0xe0434352 Fault offset: 0x0000000000033c58 Faulting process id: 0x21d8 Faulting application start time: 0x01d32293ba5e0434 Faulting application path: C:\Program Files (x86)\tYwZcsBbfSQ4\tywzcsbbfsq4.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 073cfd39-d53a-4bda-91e6-9931e43277ec Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (09/01/2017 08:56:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: The requested resource is in use. Error: (09/01/2017 08:17:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.251.374.0). Error: (09/01/2017 08:16:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: The requested resource is in use. Error: (09/01/2017 08:13:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: The requested resource is in use. Error: (09/01/2017 08:12:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Management Service service failed to start due to the following error: The system cannot find the file specified. Error: (09/01/2017 08:12:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The 4a1d1d45010ab18618da9871b38c5999 service failed to start due to the following error: The requested resource is in use. Error: (09/01/2017 08:11:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The -- service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/01/2017 08:11:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the -- service to connect. Error: (09/01/2017 08:10:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/01/2017 08:10:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The 4a1d1d45010ab18618da9871b38c5999 service failed to start due to the following error: The system cannot find the file specified. CodeIntegrity: =================================== Date: 2017-08-29 18:00:53.152 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-17 16:36:22.927 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-11 07:06:16.346 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-28 17:00:41.462 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-22 09:15:17.696 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-17 16:03:55.254 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-16 11:51:12.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-16 08:11:09.914 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-13 19:43:03.079 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-12 09:01:10.252 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz Percentage of memory in use: 32% Total physical RAM: 7860.54 MB Available physical RAM: 5271.65 MB Total Virtual: 15796.54 MB Available Virtual: 13040.21 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.23 GB) (Free:134.42 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Bitdefender) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS Drive g: (LEXAR) (Removable) (Total:29.86 GB) (Free:29.28 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 87905DEC) Partition 1: (Active) - (Size=223.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=346 MB) - (Type=27) ======================================================== Disk: 1 (Size: 29.9 GB) (Disk ID: 12343B56) Partition 1: (Active) - (Size=29.9 GB) - (Type=0C) ==================== End of Addition.txt ============================