Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-12-2015 Ran by Misia (2015-12-30 17:18:31) Running from C:\Users\Misia\Downloads Windows 10 Home (X64) (2015-12-11 18:27:37) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1684684229-2163700968-2161254720-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1684684229-2163700968-2161254720-503 - Limited - Disabled) Guest (S-1-5-21-1684684229-2163700968-2161254720-501 - Limited - Disabled) Misia (S-1-5-21-1684684229-2163700968-2161254720-1001 - Administrator - Enabled) => C:\Users\Misia ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Akamai NetSession Interface (HKU\S-1-5-21-1684684229-2163700968-2161254720-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1c7272f2-45cf-469f-b7e9-17c6b212549c}) (Version: 16.5.3 - Intel Corporation) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Prezi.com) Realtek USB Ethernet Controller Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.6.626.2013 - Realtek) SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1684684229-2163700968-2161254720-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB) Windows Driver Package - ASUS (ATP) Mouse (08/01/2015 10.0.0.5) (HKLM\...\B267A462F49A1ACD7A2EC5C262BA0DC7D7B23891) (Version: 08/01/2015 10.0.0.5 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1684684229-2163700968-2161254720-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Misia\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {0D17F813-0E69-4249-A74F-D36FB0BFBB3F} - System32\Tasks\SafeZone scheduled Autoupdate 1451317101 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software) Task: {1389AF6C-3C05-4A9E-914F-E6C602FA22F1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3CE7036F-CFFD-4E98-A1A4-3E2C6BDF6C0F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {3E6C66D5-1A63-45B9-A11D-254617420757} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-08] (ASUS) Task: {403DD5D1-6EB8-4A45-AB59-82CD1FE16511} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-10] (Google Inc.) Task: {440232DA-89D9-412F-9D7F-DDBA8C7B58B2} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-06] () Task: {50460716-01C4-48CC-A001-DFB576257D2E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-28] (AVAST Software) Task: {52B7392B-27D6-4CBD-8FA2-AFC8ECF19738} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {64E6AF57-D36D-4691-89A2-93F397051097} - System32\Tasks\ASUS Win8Active => C:\Users\Administrator\Desktop\wtp\asus-wtp2.5.10-2\bin\Win8Active.exe Task: {667139A2-71F7-4B9F-9789-CAE15C2BDD57} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-30] (ASUSTek Computer Inc.) Task: {679F4F43-C5C4-44C7-88DF-15D6F5526030} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.) Task: {8E454B9D-F442-45AB-9AD5-430B7E7A75EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {9605F4ED-4EE1-4B6D-928B-80865B2D1945} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {9646634C-470E-4E27-9C86-7864632EBE99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {9BF3A9ED-F441-406F-B122-3C02CA46B7C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {A2C8CC61-5846-45CB-83BC-812313A55A68} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {B111024A-A338-47AF-9A9D-14AD3C30870C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {B56E1888-F970-4DC6-95FD-947FE304A475} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {BA257240-538D-471F-B884-BCFE40744F5F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.) Task: {CD17B8E4-228B-41F6-8B41-967D2637F2B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {D82456A4-CDFC-479D-A376-8A5EF7C1418C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {E8B6DB55-6D53-449B-B48B-F01FCBFC82F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-10] (Google Inc.) Task: {E8F85E81-976C-44A5-BBD9-7B649F1AB4EA} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-09-23] (AsusTek) Task: {ED852C7C-E15F-4321-96CC-320A3EE15A7F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {F56EF590-1A18-4C05-8DB6-AC0E56A24884} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-11-08 01:12 - 2013-11-08 01:12 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-11-08 01:12 - 2013-11-08 01:12 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-11-08 01:12 - 2013-11-08 01:12 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2015-12-12 04:12 - 2015-12-12 04:12 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-12 04:12 - 2015-12-12 04:12 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 21:10 - 2015-12-17 21:11 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-17 21:10 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-17 21:10 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-17 21:10 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-17 21:10 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-17 21:10 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-17 21:10 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-11-16 17:55 - 2015-11-16 17:55 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-12-16 21:26 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 21:26 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-12-28 15:10 - 2015-12-24 07:46 - 29245120 _____ () C:\Users\Misia\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll 2015-12-28 16:37 - 2015-12-28 16:37 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-12-28 16:37 - 2015-12-28 16:37 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-30 11:17 - 2015-12-30 11:17 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15123000\algo.dll 2015-12-28 16:37 - 2015-12-28 16:37 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2013-10-09 04:41 - 2013-10-09 04:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2013-09-10 02:23 - 2013-09-10 02:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-12-17 21:10 - 2015-12-17 21:11 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-17 21:10 - 2015-12-17 21:11 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-06-10 18:53 - 2015-12-28 16:38 - 50679920 _____ () C:\Users\Misia\AppData\Roaming\Spotify\libcef.dll 2015-06-10 18:53 - 2015-12-28 16:38 - 01882224 _____ () C:\Users\Misia\AppData\Roaming\Spotify\libglesv2.dll 2015-06-10 18:53 - 2015-12-28 16:38 - 00082544 _____ () C:\Users\Misia\AppData\Roaming\Spotify\libegl.dll 2015-12-28 16:37 - 2015-12-28 16:37 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-21 20:37 - 2013-10-23 21:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1684684229-2163700968-2161254720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Misia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{71d2f5da-e71c-44ff-aa55-9455a2e6a0d9}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{44A6F381-DFB8-4313-8626-BFE22359DFC7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9108A6B8-B86B-48BC-8894-C30EE7222FC8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C37E8A43-F6CE-42F8-AD56-DB1B4A42F4EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{82AD6B59-73DE-4DEC-B74C-945CB717C661}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{08C10D56-1B03-4692-8B21-2F27651F86B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F1894AB6-C4B9-4E87-BB5F-2353E082C068}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{654F8F99-B61B-41B6-B297-C0A284FEEBB5}] => (Allow) LPort=2869 FirewallRules: [{9008E148-12F6-417D-A7B5-BE25E03979EB}] => (Allow) LPort=1900 FirewallRules: [{81D6A069-885F-4362-9374-F204E956AEA5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{080AB35E-8A20-45E1-9781-F9696165EF20}C:\users\misia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misia\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C75A6363-3E36-4DED-ABAA-EF9D4FF3AE40}C:\users\misia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misia\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{CF7A28A0-BBA8-454A-A9FD-F1AACB5F26F6}C:\users\misia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\misia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{F5D0599C-69E7-419A-851A-88D19FF28FA4}C:\users\misia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\misia\appdata\local\akamai\netsession_win.exe FirewallRules: [{19345F47-CF25-42A2-AE49-C1A6A6643D7E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1D67D3BF-586B-4990-8AB0-0EBA3CFDA7F5}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/30/2015 05:17:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 05:04:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 05:04:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 05:02:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:52:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:52:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:30:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:19:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:19:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (12/30/2015 04:14:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MISIA-PC) Description: Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (12/30/2015 05:05:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (12/30/2015 05:02:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_a9c2f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/30/2015 05:02:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_a9c2f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/30/2015 05:02:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_a9c2f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/30/2015 05:02:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_a9c2f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/30/2015 05:02:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (12/30/2015 03:44:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (12/30/2015 01:26:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (12/30/2015 12:22:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (12/30/2015 11:24:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} CodeIntegrity: =================================== Date: 2015-12-30 17:04:51.982 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-19 19:59:21.493 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-18 22:22:33.013 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-13 09:50:27.995 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:25:12.317 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:24:19.714 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:20:16.831 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:20:16.793 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:20:16.760 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 19:20:16.752 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentage of memory in use: 43% Total physical RAM: 8075.46 MB Available physical RAM: 4561.39 MB Total Virtual: 9355.46 MB Available Virtual: 5617.48 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:98.13 GB) (Free:48.11 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: B4149E1E) Partition: GPT. ==================== End of Addition.txt ============================