Hi, my computer got RSA 4096. Pls help!!!
and i already downloaded the FRST and here the log!
Thank you so much!!!!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by owner (administrator) on GOODLUCK (11-05-2016 19:28:23)
Running from C:\Users\owner\Downloads
Loaded Profiles: owner & (Available Profiles: owner)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\SmarTone Mobile Broadband\SmarTone Mobile Broadband.exe
() C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\ouc.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM-x32\...\Run: [KPhoneTray] => "C:\Program Files (x86)\kingsoft\shoujizhushou\kphonetray.exe" -autorun
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: E - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {0104af15-eaa8-11e5-8259-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {84756be2-eaa7-11e5-8258-806e6f6e6963} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {ac47bbee-f0f2-11e5-8260-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {ae7184ad-eaa6-11e5-8257-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {cebb296e-f5aa-11e5-8264-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {f1af881d-0cf4-11e6-826d-001e101f6a09} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\...\MountPoints2: {f261b4df-f43a-11e5-8262-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0104af15-eaa8-11e5-8259-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {84756be2-eaa7-11e5-8258-806e6f6e6963} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ac47bbee-f0f2-11e5-8260-681729b85619} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ae7184ad-eaa6-11e5-8257-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cebb296e-f5aa-11e5-8264-681729b8561d} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1af881d-0cf4-11e6-826d-001e101f6a09} - "E:\AutoRun.exe"
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f261b4df-f43a-11e5-8262-681729b85619} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-01]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-04-01]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-01]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCE50746AE3B.lnk [2016-05-11]
ShortcutTarget: DCE50746AE3B.lnk -> C:\ProgramData\3F2E2F42AD34.html ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{2429C53E-2D04-4F69-9D16-91A68C2031B8}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{B91FC718-7B19-482F-8337-AEAE4EE51E92}: [NameServer] 203.78.32.242 203.78.32.243
Tcpip\..\Interfaces\{CFF148D6-0B7C-4068-8CC8-C8A8B0A9EA68}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{DB051901-FFEF-46BA-8C0E-C8F0710B9B94}: [NameServer] 203.78.42.100 203.78.42.101
Tcpip\..\Interfaces\{EB14C064-1C3B-4BF9-8550-2A8DCBB62856}: [DhcpNameServer] 192.168.176.251 192.168.176.252 192.168.176.253 192.168.176.254
Tcpip\..\Interfaces\{F39B7DAF-1F7E-4777-A94E-211BFD48CF23}: [DhcpNameServer] 192.168.8.1
Internet Explorer:
==================
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF user.js: detected! => C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default\user.js [2016-03-15]
FF Extension: Yahoo! Toolbar - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\4iyfc0jp.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-03-15] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon [2016-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.6.0.142\coFFAddon
Chrome:
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-11]
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-11]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-11]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-05-11]
CHR Extension: (Google Sheets) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-11]
CHR Extension: (Norton Identity Safe) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-11]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-04-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-04-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [125168 2014-10-03] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2016-03-15] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2940704 2015-12-29] (IObit)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe [289080 2016-02-26] (Symantec Corporation)
S2 SmarTone Mobile Broadband. RunOuc; C:\Program Files (x86)\SmarTone Mobile Broadband\UpdateDog\ouc.exe [656976 2013-08-20] ()
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1063200 2015-12-29] (IObit)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
S2 kphonesvc; "C:\Program Files (x86)\kingsoft\shoujizhushou\kphonesvc.exe" -svc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\BASHDefs\20160502.001\BHDrvx64.sys [1766640 2016-04-14] (Symantec Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-14] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1448248 2016-03-15] (Motorola Solutions, Inc.)
R3 ccSet_N360; C:\Windows\system32\drivers\N360x64\1606000.08E\ccSetx64.sys [173808 2016-02-24] (Symantec Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-15] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-03-15] (REALiX)
R3 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\IPSDefs\20160508.001\IDSvia64.sys [767224 2016-04-15] (Symantec Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2016-03-15] ()
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2016-03-15] (Kingsoft Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-11] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2016-03-15] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\VirusDefs\20160510.024\ENG64.SYS [138488 2016-02-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.6.0.142\Definitions\VirusDefs\20160510.024\EX64.SYS [2148080 2016-02-04] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew01.sys [3354384 2016-03-15] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-15] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS [50936 2016-02-24] (Symantec Corporation)
R3 SymEFASI; C:\Windows\system32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1606000.08E\SymELAM.sys [24192 2016-02-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-04-16] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\N360x64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\N360x64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVCx32: dg597 -> no filepath.
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-11 19:18 - 2016-05-11 19:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 19:17 - 2016-05-11 19:17 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 19:17 - 2016-05-11 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-11 19:17 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-11 19:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-11 19:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-11 19:15 - 2016-05-11 19:16 - 22851472 _____ (Malwarebytes ) C:\Users\owner\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-11 19:14 - 2016-05-11 19:28 - 00018611 _____ C:\Users\owner\Downloads\FRST.txt
2016-05-11 19:14 - 2016-05-11 19:15 - 00028059 _____ C:\Users\owner\Downloads\Addition.txt
2016-05-11 19:12 - 2016-05-11 19:28 - 00000000 ____D C:\FRST
2016-05-11 19:11 - 2016-05-11 19:11 - 02381312 _____ (Farbar) C:\Users\owner\Downloads\FRST64.exe
2016-05-11 18:56 - 2016-05-11 19:23 - 00000622 _____ C:\Windows\ntbtlog.txt
2016-05-11 18:50 - 2016-05-11 18:51 - 00000000 ____D C:\NPE
2016-05-11 18:47 - 2016-05-11 18:58 - 00000000 ____D C:\Users\owner\AppData\Local\NPE
2016-05-11 18:43 - 2016-05-11 18:43 - 00011776 ___SH C:\Users\owner\Downloads\Thumbs.db
2016-05-11 02:47 - 2016-05-11 02:47 - 00000015 _____ C:\Users\owner\Desktop\sub.txt
2016-05-11 02:30 - 2016-05-11 02:30 - 00000088 _____ C:\Users\owner\Desktop\trynow.txt
2016-05-11 01:02 - 2016-05-11 01:02 - 01348854 ____T C:\ProgramData\3F2E2F42AD34.bmp
2016-05-11 01:02 - 2016-05-11 01:02 - 00014193 _____ C:\ProgramData\3F2E2F42AD34.html
2016-05-11 01:02 - 2016-05-11 01:02 - 00001758 _____ C:\Users\owner\Desktop\3F2E2F42AD34.txt
2016-05-11 01:01 - 2016-05-11 01:01 - 01348854 ____T C:\Users\owner\Downloads\3F2E2F42AD34.bmp
2016-05-11 01:01 - 2016-05-11 01:01 - 00014193 _____ C:\Users\owner\Downloads\3F2E2F42AD34.html
2016-05-11 01:01 - 2016-05-11 01:01 - 00001758 _____ C:\Users\owner\Downloads\3F2E2F42AD34.txt
2016-05-10 15:51 - 2016-05-10 15:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-05-10 05:52 - 2016-05-10 05:52 - 00039716 ____R C:\Users\owner\Desktop\linki.jpg.crypt
2016-05-07 22:20 - 2016-05-07 22:20 - 00237141 ____R C:\Users\owner\Downloads\search.htm.crypt
2016-05-07 19:24 - 2016-05-11 01:03 - 00000000 ____D C:\Users\owner\Desktop\limki_files
2016-05-07 19:24 - 2016-05-07 19:24 - 00017578 ____R C:\Users\owner\Desktop\limki.htm.crypt
2016-05-07 16:12 - 2016-05-08 20:29 - 00101750 ____R C:\Users\owner\Desktop\cpa's yanki.txt.crypt
2016-05-07 05:55 - 2016-05-07 05:55 - 02272686 ____R C:\Users\owner\Downloads\PeerReviewOption.com Emails.pdf.crypt
2016-05-06 09:48 - 2016-05-11 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-06 05:35 - 2016-05-06 05:35 - 00003826 ____R C:\Users\owner\Desktop\index22.png.crypt
2016-05-06 05:26 - 2016-05-06 05:26 - 00148511 ____R C:\Users\owner\Desktop\nz.txt.crypt
2016-05-06 05:18 - 2016-05-06 05:18 - 00029658 ____R C:\Users\owner\Desktop\ca.txt.crypt
2016-05-05 18:42 - 2016-05-05 18:42 - 00041267 ____R C:\Users\owner\Desktop\dhlpdf.pdf.crypt
2016-05-05 02:22 - 2016-05-05 02:22 - 00000000 ____D C:\Users\owner\AppData\Local\Wickr, LLC
2016-05-05 02:20 - 2016-05-05 02:20 - 00002025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Wickr Me.lnk
2016-05-05 02:20 - 2016-05-05 02:20 - 00002019 _____ C:\Users\Public\Desktop\Wickr Me.lnk
2016-05-05 02:20 - 2016-05-05 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wickr Me
2016-05-05 02:20 - 2016-05-05 02:20 - 00000000 ____D C:\Program Files (x86)\Wickr Inc
2016-05-05 02:09 - 2016-05-05 02:11 - 83206404 ____R C:\Users\owner\Downloads\WickrMe-2.6.0.msi.crypt
2016-05-04 19:19 - 2016-05-04 19:20 - 00057837 ____R C:\Users\owner\Desktop\sho.jpg.crypt
2016-05-03 21:03 - 2016-05-03 21:03 - 00022664 ____R C:\Users\owner\Desktop\uc.png.crypt
2016-05-03 20:53 - 2016-05-03 20:53 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 20:53 - 2016-05-03 20:53 - 00002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-03 20:51 - 2016-05-11 19:02 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-03 20:51 - 2016-05-11 18:51 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 18:12 - 2016-04-29 18:12 - 00987728 _____ (Google Inc.) C:\Users\owner\Downloads\ChromeSetup(1).exe
2016-04-29 16:33 - 2016-04-29 16:33 - 00987728 _____ (Google Inc.) C:\Users\owner\Downloads\ChromeSetup.exe
2016-04-28 00:20 - 2016-04-28 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-04-26 03:29 - 2016-04-26 03:29 - 00113344 ____R C:\Users\owner\Desktop\medical.txt.crypt
2016-04-25 11:49 - 2016-04-25 11:49 - 00328136 _____ C:\Windows\Minidump\042516-36140-01.dmp
2016-04-19 02:50 - 2016-04-19 02:50 - 00011643 ____R C:\Users\owner\Desktop\mailer.php-854[1].png.crypt
2016-04-16 21:17 - 2016-04-16 21:17 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2016-04-16 21:11 - 2016-04-16 21:11 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-04-16 21:11 - 2016-04-16 21:11 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-04-16 21:11 - 2016-04-16 21:11 - 00003208 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-04-16 21:11 - 2016-04-16 21:11 - 00002340 _____ C:\Users\Public\Desktop\Norton 360.LNK
2016-04-16 21:11 - 2016-04-16 21:11 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-16 21:09 - 2016-04-16 21:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2016-04-16 21:09 - 2016-04-16 21:09 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2016-04-16 21:09 - 2016-04-16 21:09 - 00000000 ____D C:\Program Files (x86)\Norton 360
2016-04-16 21:04 - 2016-04-16 21:04 - 00000000 ____D C:\ProgramData\PCSettings
2016-04-16 20:54 - 2016-04-16 20:54 - 01089416 _____ (Symantec Corporation) C:\Users\owner\Downloads\NortonN360Downloader.exe
2016-04-16 18:19 - 2016-04-16 18:19 - 00326792 _____ C:\Windows\Minidump\041616-52687-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-11 19:28 - 2016-03-15 21:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2016-05-11 19:22 - 2016-03-15 01:35 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3427232999-790683421-1222420029-1001
2016-05-11 18:58 - 2014-11-21 16:44 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 18:58 - 2013-08-22 21:36 - 00000000 ____D C:\Windows\Inf
2016-05-11 18:51 - 2016-03-15 02:19 - 00000000 __SHD C:\Users\owner\IntelGraphicsProfiles
2016-05-11 18:51 - 2016-03-15 01:35 - 00000000 ____D C:\ProgramData\ProductData
2016-05-11 18:50 - 2013-08-22 22:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 14:50 - 2016-03-15 01:32 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{947B59A8-C853-4327-907B-470D661878E7}
2016-05-11 12:15 - 2016-03-17 19:48 - 00000000 ____D C:\Users\owner\AppData\Roaming\.purple
2016-05-11 05:21 - 2016-03-15 22:31 - 00002248 ____H C:\Users\owner\Documents\Default.rdp
2016-05-11 04:57 - 2016-03-15 01:33 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 04:57 - 2016-03-15 01:33 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 04:38 - 2016-03-15 20:55 - 00103936 ___SH C:\Users\owner\Desktop\Thumbs.db
2016-05-11 03:40 - 2016-03-18 10:13 - 00000000 ____D C:\Program Files (x86)\pidgin-otr
2016-05-11 01:13 - 2016-03-15 20:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-11 01:12 - 2016-03-15 01:30 - 00000000 ____D C:\Users\owner
2016-05-11 01:12 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-11 01:11 - 2013-08-22 21:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-05-11 01:00 - 2016-03-15 20:13 - 00000000 ____D C:\Program Files (x86)\SmarTone Mobile Broadband
2016-05-10 18:50 - 2016-03-15 20:45 - 00000466 ____H C:\Windows\Tasks\Norton Security Scan for owner.job
2016-05-03 20:53 - 2016-03-15 01:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-28 17:45 - 2013-08-22 23:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-28 17:45 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-25 18:59 - 2013-08-22 23:36 - 00000000 ____D C:\Windows\system32\NDF
2016-04-25 11:49 - 2016-03-15 02:05 - 00000000 ____D C:\Windows\Minidump
2016-04-25 11:49 - 2016-03-15 02:04 - 1232873207 _____ C:\Windows\MEMORY.DMP
2016-04-16 21:35 - 2016-03-15 20:45 - 00000000 ____D C:\ProgramData\Norton
2016-04-16 21:12 - 2016-03-17 00:03 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-04-16 21:12 - 2016-03-17 00:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-16 21:11 - 2013-08-22 23:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-04-16 21:08 - 2016-03-15 20:55 - 00001313 _____ C:\Users\owner\Desktop\Norton Installation Files.lnk
2016-04-16 21:08 - 2016-03-15 20:44 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-04-16 21:07 - 2016-03-15 01:57 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-16 21:04 - 2016-03-15 20:44 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-16 20:55 - 2016-03-15 20:55 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-04-16 20:17 - 2016-03-15 02:27 - 00000000 ____D C:\Users\owner\AppData\Local\ElevatedDiagnostics
2016-04-14 10:37 - 2016-03-17 00:47 - 00000000 ____D C:\Users\owner\AppData\Roaming\TeamViewer
==================== Files in the root of some directories =======
2016-03-15 03:07 - 2016-03-15 03:07 - 0000021 _____ () C:\Users\owner\AppData\Roaming\fixcfg.ini
2016-05-11 01:02 - 2016-05-11 01:02 - 1348854 ____T () C:\ProgramData\3F2E2F42AD34.bmp
2016-05-11 01:02 - 2016-05-11 01:02 - 0014193 _____ () C:\ProgramData\3F2E2F42AD34.html
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-08 04:05
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by owner (2016-05-11 19:28:48)
Running from C:\Users\owner\Downloads
Windows 8.1 (X64) (2016-03-14 17:29:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3427232999-790683421-1222420029-500 - Administrator - Disabled)
Guest (S-1-5-21-3427232999-790683421-1222420029-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3427232999-790683421-1222420029-1003 - Limited - Enabled)
owner (S-1-5-21-3427232999-790683421-1222420029-1001 - Administrator - Enabled) => C:\Users\owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4338 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.1.1440.2) (HKLM\...\{302600C1-6BDF-4FD1-1409-148929CC1385}) (Version: 17.1.1409.0486 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Norton 360 (HKLM-x32\...\N360) (Version: 22.6.0.142 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.3.1.3 - Symantec Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{D5C24D81-1089-4E44-9D3D-AA0054889236}) (Version: 4.12.9782 - Apache Software Foundation)
OpenOffice 4.1.2 Language Pack (English) (HKLM-x32\...\{1698FEC4-9BDE-475C-8029-C78FF3C7EDAE}) (Version: 4.12.9782 - Apache Software Foundation)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.12 - )
pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SmarTone Mobile Broadband (HKLM-x32\...\SmarTone Mobile Broadband) (Version: 23.009.17.01.1156 - Huawei Technologies Co.,Ltd)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 3.0.0.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Wickr Me (HKLM-x32\...\{7668652D-F198-4E7B-8FF4-5E2DC13D9AD7}) (Version: 2.6.0.4 - Wickr Inc.)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3427232999-790683421-1222420029-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16AC8DD2-31BA-4466-890A-65399BCD3B87} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {43548DB9-E96E-4712-8DB9-E8CAD72AC9C7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {5A7A070B-D5D8-4A99-96D3-56EEB66797B9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {5B4F232F-9825-4980-8213-B09E6897D419} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
Task: {5BB760B6-14CF-4244-AE56-EADB03DABD71} - System32\Tasks\Norton Security Scan for owner => C:\Program Files (x86)\Norton Security Scan\Engine\4.3.1.3\Nss.exe [2015-10-16] (Symantec Corporation)
Task: {D20A06F3-B42D-4CD4-823A-330885D6B864} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {E77181F3-9333-417C-9240-9159FE278B23} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for owner.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-02-06 14:10 - 2013-02-06 14:10 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-03-15 20:13 - 2013-08-20 19:23 - 00515072 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmarTone Mobile Broadband.exe
2016-03-15 20:22 - 2013-08-20 11:03 - 00656976 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\ouc.exe
2016-03-15 03:05 - 2015-12-29 11:30 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00529920 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\core.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00288768 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\sdk.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00011362 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\mingwm10.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00043008 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\libgcc_s_dw2-1.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 02417152 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtCore4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 09562624 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtGui4.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00407552 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Proxy.DLL
2016-03-15 20:13 - 2013-08-20 19:08 - 00628224 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Common.dll
2016-03-15 20:13 - 2013-08-20 19:08 - 00158208 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Trace.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00583168 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\PluginContainer.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00646144 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AtCodec.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00729088 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00195584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\XCodec.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00253952 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00166912 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSDialup.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00155136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DataServicePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00177152 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00672768 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00220160 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmsSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00142336 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\USSDSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00157184 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\STKSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00155648 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\GpsSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00731136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00065536 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSPowerMgr.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00155648 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\Win7Support.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 01124352 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00704000 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SmsAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00187392 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallAppPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00569344 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\CallLogSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00158720 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetConnectSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00236032 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DialUpPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00102400 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSAdapt.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00851968 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\WLANPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00207360 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\WiFiMan.dll
2016-03-15 20:13 - 2013-08-20 19:10 - 00201216 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NDISPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:09 - 00131584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSNDIS.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 01114112 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NDISAPI.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00702464 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetInfoSrvPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:12 - 00062976 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\OSCall.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00224256 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\tdpcvoice.dll
2016-03-15 20:13 - 2013-08-20 19:15 - 00581120 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DeviceMgrUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00398336 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtXml4.dll
2016-03-15 20:13 - 2013-08-20 19:11 - 00168960 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ATR2SMgr.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00270848 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\XFramePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00323584 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\StatusBarMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00391168 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetConnectPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:13 - 00593408 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DialupUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:14 - 00097792 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NotifyServicePlugin.dll
2016-03-15 20:13 - 2013-08-20 19:16 - 00118784 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\LayoutPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:23 - 00119296 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ConnectMgrUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00332288 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\MenuMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 01148416 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\QtNetwork4.dll
2016-03-15 20:13 - 2013-08-20 19:18 - 00303104 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\DiagnosisPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:18 - 00492544 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\NetInfoUIExPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:14 - 00855040 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\SMSUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:15 - 00819712 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\AddrBookUIPlugin.dll
2016-03-15 20:13 - 2013-08-20 19:17 - 00219136 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\ToolBarMgrPlugin.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00691200 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\LiveUpdateInterface.DLL
2016-03-15 20:13 - 2013-08-20 11:03 - 00082944 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qgif4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00081920 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qico4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00192000 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qjpeg4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00350720 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qmng4.dll
2016-03-15 20:13 - 2013-08-20 11:03 - 00370176 _____ () C:\Program Files (x86)\SmarTone Mobile Broadband\plugins\imageformats\qtiff4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00011362 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\mingwm10.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00043008 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 02417152 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtCore4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 01148416 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtNetwork4.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00839680 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QueryStrategy.dll
2016-03-15 20:22 - 2013-08-20 11:03 - 00398336 _____ () C:\ProgramData\SmarTone Mobile Broadband\OnlineUpdate\QtXml4.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2016-03-15 03:05 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2016-03-15 03:05 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2016-03-15 03:05 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2016-03-15 03:05 - 2015-12-29 11:30 - 00625440 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2016-03-15 03:05 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-03-15 20:42 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3427232999-790683421-1222420029-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3427232999-790683421-1222420029-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 203.78.42.100 - 203.78.42.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CBA8D59B-846B-41E5-983C-137E0E7899A4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{43AF5EC4-6C5B-490B-B01A-83AC6F5CB13C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{8DB69F6B-1E5B-45DD-92D7-FADC3ECEE480}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{A23CF8B7-3BFD-4B15-9FCC-14782A88F490}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E1FA109B-963F-4E57-9A25-63BDAE4D876A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8B491FB4-F2F4-4580-99CF-F79EBAA35B1B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{F554CCA4-C397-4EF8-A708-AC9BE24A45C5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\122\tencentdl.exe
FirewallRules: [{4394E844-5086-47B4-B288-02E78FA94FEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECAF87FB-1D32-464C-94E6-F2908DB6D1D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5BB2AB2-A9AE-47A7-B886-C0EF38CC3488}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{F2BFADC9-A0D9-4619-AE36-491E2B475953}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{601C11A2-6D44-4278-8301-98D1B9D175E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C377243-AF76-4C40-97BA-3BF6FD9BA787}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C83C77A6-B18D-4D6F-9427-DB8BF0F16BBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{57809DC5-A6B1-4CD0-BAAC-A1FB60371873}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CDAB8F3D-A06E-41A5-8735-7F81ED7A771C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{808C79D4-6501-471B-BFFE-1F5C5A7A5A27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{844FC86C-31CA-446F-94B8-703416465D40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
23-04-2016 06:41:49 Scheduled Checkpoint
02-05-2016 06:20:46 Scheduled Checkpoint
05-05-2016 02:18:48 Installed Wickr Me
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/11/2016 06:26:21 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
Error: (05/11/2016 07:22:26 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
Error: (05/11/2016 12:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: ntdll.dll, version: 6.3.9600.17415, time stamp: 0x54504b0d
Exception code: 0xc0000374
Fault offset: 0x000e5be4
Faulting process id: 0x2c180
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (05/07/2016 04:59:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: MSHTML.dll, version: 11.0.9600.17416, time stamp: 0x545304c5
Exception code: 0xc0000005
Fault offset: 0x004fa65c
Faulting process id: 0x29570
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (05/07/2016 01:30:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17415, time stamp: 0x545036ce
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0x00000004
Fault offset: 0x0000000000008b9c
Faulting process id: 0xd12c
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5
Error: (04/28/2016 04:25:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: goodluck)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147024809 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/27/2016 05:00:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
Error: (04/25/2016 05:50:10 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
Error: (04/18/2016 10:50:07 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
Error: (04/16/2016 09:11:30 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.
Context: Windows Application
Details:
The parameter is incorrect. (HRESULT : 0x80070057) (0x80070057)
System errors:
=============
Error: (05/11/2016 06:50:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053
Error: (05/11/2016 06:50:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SmarTone Mobile Broadband. OUC service to connect.
Error: (05/11/2016 06:50:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The shoujizhushou service service failed to start due to the following error:
%%2
Error: (05/11/2016 06:49:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/11/2016 12:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053
Error: (05/11/2016 12:25:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SmarTone Mobile Broadband. OUC service to connect.
Error: (05/11/2016 12:25:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The shoujizhushou service service failed to start due to the following error:
%%2
Error: (05/11/2016 03:41:56 AM) (Source: DCOM) (EventID: 10010) (User: goodluck)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2016 03:41:25 AM) (Source: DCOM) (EventID: 10010) (User: goodluck)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2016 01:21:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SmarTone Mobile Broadband. OUC service failed to start due to the following error:
%%1053
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 29%
Total physical RAM: 7964.15 MB
Available physical RAM: 5580.15 MB
Total Virtual: 16156.15 MB
Available Virtual: 13840.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:442.71 GB) (Free:405.17 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:488.12 GB) NTFS
Drive e: (Mobile Broadband) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 86A08E8A)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by isababy117, 11 May 2016 - 06:18 AM.