Where is the secondary log "Addition.txt" I need to see that log... Logs are saved to this folder: C:\FRST\Logs
Is This What your looking for?
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by The Keller's (2016-06-30 12:04:55)
Running from C:\Users\The Keller's\Downloads
Windows 10 Home (X64) (2015-10-26 20:39:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3080448588-2968890734-2023774224-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3080448588-2968890734-2023774224-503 - Limited - Disabled)
Guest (S-1-5-21-3080448588-2968890734-2023774224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3080448588-2968890734-2023774224-1002 - Limited - Enabled)
The Keller's (S-1-5-21-3080448588-2968890734-2023774224-1000 - Administrator - Enabled) => C:\Users\The Keller's
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 13.2.3.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.1.4.31 - Electronic Arts, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java(TM) 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.260 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateAssistant (x32 Version: 1.1.0.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3080448588-2968890734-2023774224-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\The Keller's\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A10B86A-E0E8-463B-93FB-77EECC2C38DB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3080448588-2968890734-2023774224-1000Core => C:\Users\The Keller's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-15] (Facebook Inc.)
Task: {0B74971E-D338-4029-93A2-A03DEFBB01A4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0FBB1A3D-143B-4DC1-8999-50367B86946A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {15E9ED27-DB78-4BEB-9740-A6208706E5B2} - System32\Tasks\{69022E64-F08A-49A5-92B1-CC607B72B719} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-12-17] (Skype Technologies S.A.)
Task: {19AA3EDB-92DD-47B3-98BA-249DF921E1EC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1BC8D5C2-1741-4148-BA46-C6CDC5B311B8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-24] (Microsoft Corporation)
Task: {1E607EAA-2CE3-474B-A43D-C48B52B34A48} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {286F54D4-5FF4-4617-878C-6750002CEEAF} - System32\Tasks\3026ed00 => C:\Users\THEKEL~1\AppData\Local\Temp\\setup190688832.exe <==== ATTENTION
Task: {2A32D939-5A38-4F46-B331-413F40203887} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {316B9756-AAB3-4EB2-857D-9ED22F0CFC56} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3438268F-C2E5-460D-AB51-FFFA5C3F093C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {38F0862A-1691-428A-8B1D-2138A9AE11AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3A4438EF-3CA9-4092-B7BF-FE87B457BC1F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3B67DA7C-EC59-4666-A4C6-8FA813179B8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {3B912918-B8BB-4AD1-ADC4-944A0182CCEC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {4904004A-28F3-4220-9ECA-02B6DC6B938F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {51FE6E45-92F4-4F82-8F80-B6E62A031A20} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5202D0B8-6B4B-43FD-86DB-B62BFC4BD415} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5574FDEA-73EB-4FDB-99BD-A64CAE2C48C6} - System32\Tasks\{5A80DD58-4A12-4350-AB79-E3C51E4CF11D} => Chrome.exe hxxp://ui.skype.com/ui/0/5.9.0.123/en/go/help.faq.installer?LastError=1601
Task: {55D90D41-28BE-460C-A35F-DBD16CA11EB8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {58D0AA0D-3610-4D07-87BA-F7C016E9A2DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5C72AA78-A36E-48F4-BF2D-55F26B6AF10D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6A59B8D0-15CA-416D-91B3-016C52FE0FE0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {71C35807-D374-4306-8D4F-80FF1A302E31} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {721964BD-2C06-4D03-816B-6E77450F241C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7A015314-4900-4015-B99B-6F1200011C3A} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {82C8FE89-7AF8-4F4F-90C7-EFCDF7951A36} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {865BDC54-69DB-4989-9CC6-573868BDA9F2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8826BCDB-4FA0-44A0-B765-AA9FCE2BE29A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {883DD0C3-2FBF-4A10-9207-72F98E06A75B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3080448588-2968890734-2023774224-1000UA => C:\Users\The Keller's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-15] (Facebook Inc.)
Task: {92805B76-A58F-42C7-B131-7B5388333E86} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {99D9D16F-F85D-4954-8348-39999FB1477A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A2A9C3D2-2884-45EB-BCE1-5A7089F42D4E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B198C427-2D45-490D-B715-FE29AEEF5669} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B2351F56-FA5F-471E-9230-F77533142BDB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2016-06-21] (Microsoft Corporation)
Task: {B643AB6D-FB0F-4DAC-9137-2E63F60D66C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B744371C-81DB-4F80-8295-45C94EA5AD11} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BEEF7539-7758-41B0-B7BE-6D44F19D85C7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C1DB9A0B-0000-46E6-A9CD-471DA9CF942E} - System32\Tasks\{3787C7B0-68D1-4A0A-98FD-B562EE09F8CA} => pcalua.exe -a D:\SetupAssistant.exe -d D:\
Task: {CCC210B1-EC65-4535-9301-FDADEED27698} - System32\Tasks\DDTS3SJ1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {DE576C43-A280-4A0B-9059-5FA87E6F042B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E1D26EC5-AF3E-41DD-85BD-19A4D1C8C3B6} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: {E4FB54EA-5B75-45A9-B3F7-E3237D477484} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E79D0E21-F3C6-4503-86AB-C4675435EF41} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EF8987D2-E1E2-460A-8C2A-E9DD64487A92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F3B10CC9-69DF-4C33-9C1E-6723EC65E128} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {FE73AA41-347D-44F6-9517-B0F21BFA483C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3080448588-2968890734-2023774224-1000Core.job => C:\Users\The Keller's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3080448588-2968890734-2023774224-1000UA.job => C:\Users\The Keller's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask-Delay.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\The Keller's\Desktop\Live PC Help.lnk -> hxxp://
www.thephonesupport.com/?src=dtop (No File)
==================== Loaded Modules (Whitelisted) ==============
2015-09-10 01:08 - 2015-09-10 01:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 01:08 - 2015-09-10 01:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2009-12-07 05:31 - 2009-07-16 21:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2009-12-07 05:31 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2016-04-19 08:51 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2009-12-07 05:36 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2016-04-19 08:51 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-26 04:38 - 2016-05-26 04:38 - 00959168 _____ () C:\Users\The Keller's\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-11-01 17:06 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-09 23:13 - 2015-07-09 23:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2016-01-12 18:26 - 2015-11-25 00:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 18:26 - 2015-11-25 00:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-12 18:26 - 2015-11-25 00:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-01 17:06 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2009-06-18 23:46 - 2009-06-18 23:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2016-04-04 10:26 - 2016-04-04 10:26 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-04-04 10:26 - 2016-04-04 10:26 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-07 18:06 - 2016-03-07 18:10 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-10 01:08 - 2015-09-10 01:08 - 00293376 _____ () C:\WINDOWS\SYSTEM32\textinputframework.dll
2016-05-26 04:38 - 2016-05-26 04:38 - 00679624 _____ () C:\Users\The Keller's\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1 - 205.171.2.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3080448588-2968890734-2023774224-1000\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{B1B1363B-1CB2-4EB5-BC46-EF52F8F18A13}] => (Allow) C:\Users\The Keller's\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{9AE544C4-4A39-4507-B958-ED12197A8A05}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86D0781A-4007-48DD-AED8-8A99E9C7FA30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6FDAD21E-473D-4D3A-A9C1-96CEA2FA7B2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D598881F-D197-40AD-B974-8AC82BB3079C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E8A3EE9-6B59-44A6-8ACD-7AC6AA0774C9}] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [{7B63D211-84F0-418D-BD53-D5E7A7C0AD37}] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{CB7CBD19-8EC5-4FA3-8289-EDADCB0BFE15}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [TCP Query User{F3C99BD2-9A73-46EA-9237-5972E0E21FD2}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [{9AB1CFDD-8487-4195-A2DB-69CF94B3EDCF}] => (Allow) LPort=37677
FirewallRules: [{1FC25DFC-7D45-4368-AE74-2CB300E2BEE5}] => (Allow) LPort=37676
FirewallRules: [{F7F3FB7B-F96E-4385-AFCC-FFA19CF95E16}] => (Allow) LPort=37676
FirewallRules: [{17259C8D-EC67-44AF-88F0-955382028227}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E4E11EBB-4CA8-4BDF-8EFA-6638DF6E5B97}] => (Allow) LPort=37675
FirewallRules: [{5A1E5EF2-E53A-4325-A032-93DBF3A8BB65}] => (Allow) LPort=37674
FirewallRules: [{221B8FA0-BF10-43E0-AEFB-0B7AF6FFB788}] => (Allow) LPort=37674
FirewallRules: [{2AF60DAC-FE4D-4A10-9174-F4ECD15AF8F2}] => (Allow) LPort=443
FirewallRules: [{5CCE3FB1-FF81-4F27-8BC9-9B417A6A05E6}] => (Allow) LPort=443
FirewallRules: [{E151BB46-C5BE-4EDB-99B0-C5FD710BCAE6}] => (Allow) LPort=37675
FirewallRules: [{3988D703-6A3B-4232-9E2F-C2001C696D34}] => (Allow) LPort=37674
FirewallRules: [{51475DBF-B7B1-48A7-8837-65C613414FB0}] => (Allow) LPort=37674
FirewallRules: [{30FCCDF2-FA0D-46BE-9E56-EB35DA8B532F}] => (Allow) LPort=443
FirewallRules: [{D63EF430-52C6-4CDD-B21C-30912B7038E0}] => (Allow) LPort=443
FirewallRules: [{A8677778-7117-4CB6-B551-087629EE825E}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{DE595209-3501-4465-9133-4EB7C7BB0976}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{372478AF-8AD9-4FB3-81EC-C41DA674460C}] => (Allow) svchost.exe
FirewallRules: [{0A7A2739-5EF2-4545-8AE4-2C99FCCBDC30}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{98B3884D-AC11-47F3-8414-4F846CCE6692}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{958AA819-6C18-4889-B436-33AD2FFAE4FF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{44F96E36-11F2-4631-AA1B-C436D97CF138}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{2E4CF679-669F-4628-A687-5A67DE543C15}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2016 09:27:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (06/30/2016 09:23:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc000041d
Fault offset: 0x000000000000cae5
Faulting process id: 0x404
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/30/2016 09:22:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc0000005
Fault offset: 0x000000000000cae5
Faulting process id: 0x404
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/26/2016 01:16:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc000041d
Fault offset: 0x000000000000cae5
Faulting process id: 0xfa4
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/26/2016 01:16:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc0000005
Fault offset: 0x000000000000cae5
Faulting process id: 0xfa4
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/20/2016 10:02:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc000041d
Fault offset: 0x000000000000cae5
Faulting process id: 0x19c0
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/20/2016 10:02:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Faulting module name: sttray64.exe, version: 1.0.6217.0, time stamp: 0x4a490274
Exception code: 0xc0000005
Fault offset: 0x000000000000cae5
Faulting process id: 0x19c0
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report Id: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (06/17/2016 04:35:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/17/2016 04:35:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/17/2016 04:35:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (06/30/2016 11:52:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 10 for x64-based Systems (KB3106246).
Error: (06/30/2016 09:39:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2016 09:30:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/30/2016 09:21:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (06/30/2016 09:20:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/30/2016 09:20:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:12:11 AM on 6/30/2016 was unexpected.
Error: (06/30/2016 09:10:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (06/30/2016 08:50:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (06/30/2016 08:45:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (06/30/2016 08:35:19 AM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: The following service has repeatedly stopped responding to service control requests: Windows Update
Contact the service vendor or the system administrator about whether to disable this service until the problem is identified.
You may have to restart the computer in safe mode before you can disable the service.
CodeIntegrity:
===================================
Date: 2016-06-30 11:56:57.701
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.652
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.616
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.492
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.452
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.380
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-30 11:56:57.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 71%
Total physical RAM: 4056.36 MB
Available physical RAM: 1154.4 MB
Total Virtual: 8152.36 MB
Available Virtual: 5118.33 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:398.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 75349890)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)
======