Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by juz at 2015-01-14 19:34:01 Running from C:\Users\juz\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.33 - ASUS) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.6 - ASUS) Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.9.4 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.10 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5712.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0033 - ASUS) BitTorrent (HKU\S-1-5-21-1528918704-3446041805-2680001631-1001\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1407.2) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation) iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.30.00(24/5/2013) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.) Samsung M262x 282x Series (HKLM-x32\...\Samsung M262x 282x Series) (Version: 1.19 (10/7/2013) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Syncios version 4.0.1 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.0.1 - Anvsoft, Inc.) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.30 - ) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (01/07/2014 1.0.0.197) (HKLM\...\2BEE838DC3D664A0CAB23AEA0332BB3877ED0685) (Version: 01/07/2014 1.0.0.197 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) 搜狗拼音输入法 7.4正式版 (HKLM-x32\...\Sogou Input) (Version: 7.4.0.4019 - Sogou.com) 有道词典 (HKU\S-1-5-21-1528918704-3446041805-2680001631-1001\...\有道词典) (Version: 6.1 - 网易公司) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1528918704-3446041805-2680001631-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 19-12-2014 16:25:38 Windows Update 11-01-2015 15:50:00 Restore Point Created by FRST ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 23:25 - 2013-08-22 23:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0196B731-8965-4A2F-875A-0D3C96EC7A3A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {0D792D5D-7306-4749-9E23-9286724DC675} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-01-14] () Task: {14C353AF-D42E-4887-830F-9AFCC65605B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-27] (Piriform Ltd) Task: {227AFEB0-3F05-4FBA-8EB4-7C7720CEEBE7} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-08] (ASUS) Task: {2E0AD6E9-EAC5-48EA-BBE8-FB947138A1E2} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2014-02-05] (ASUSTek Computer Inc.) Task: {36348FD1-2900-45D3-8D8C-FEDE04DB2409} - System32\Tasks\{70EF4C8E-BA63-4C98-BC85-2CDC702ADDAB} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=-9 Task: {5472E2AF-96F4-4559-ABE6-4969843E10AF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-28] () Task: {597E568E-2158-48D6-90AF-FF5D1DA1FD1E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor) Task: {5E23BBAA-4D58-494C-B86E-76CC928B4377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.) Task: {68340DDA-B1BB-420A-8C95-11DD8F157193} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-30] (ASUSTek Computer Inc.) Task: {70C6AD50-58D4-4DD6-AD6E-F2CB193052E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {790232AB-31E1-45E9-9DC0-69DD14932C1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.) Task: {7C25F497-68F8-4CB7-B3D4-0928352B31D0} - System32\Tasks\{2F5DE8CB-C3B3-4621-B9CA-ED9D5493DF4B} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=-9 Task: {7C7A1BEC-030B-4A4D-B6F0-0D80E03056BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-14] (Microsoft Corporation) Task: {80313494-8077-49BF-B453-003EAC4E8876} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-30] (ASUS) Task: {82D560BB-BB8E-43C1-B046-A04482475266} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe Task: {9193E8FC-6932-4F8C-8116-491BEAAAA257} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-01-14] () Task: {9379913C-5956-4159-8EC0-4478EBEE294A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {9381423E-94F7-4B40-A4B5-11EAB1510D21} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1528918704-3446041805-2680001631-1001Core => C:\Users\juz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-19] (Facebook Inc.) Task: {9797244D-05FD-489A-8795-F0E77DAE927C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-11] (Realtek Semiconductor) Task: {9B5A670F-547D-4406-8E89-C8624B86842F} - System32\Tasks\{9E2B87A7-FAAA-4ADC-BD41-7ABE4BB99868} => pcalua.exe -a C:\Users\juz\AppData\Roaming\mxnitro\1.0.0.800\Uninstall.exe Task: {AEB5A420-29DB-4F1E-AC7B-16C5ABEF8736} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-15] (ASUSTek Computer Inc.) Task: {B074643C-D123-40F1-8236-377737ED1EFF} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-30] () Task: {B4F75879-9556-4D01-820D-75885494C19C} - System32\Tasks\{7706025F-1D49-4715-A083-8949B5F4040F} => pcalua.exe -a C:\Users\juz\AppData\Local\Youdao\Dict\Application\uninst.exe Task: {BFE9C682-9B73-419A-8324-2591A1503ACE} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-05] () Task: {C1000CE7-5100-4BB9-9098-49E688FB199A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1528918704-3446041805-2680001631-1001UA => C:\Users\juz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-19] (Facebook Inc.) Task: {CF1D8D2D-1B3C-4115-A23F-E49CA85EE9F7} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-08] (ASUSTeK Computer Inc.) Task: {EB6C20B9-72BD-46A0-AE8A-9ADCB63B0ECC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-02-14] (AsusTek) Task: {FB515DF3-7976-423A-B934-0E5F957BB95D} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2014-10-20] (Sogou.com Inc.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1528918704-3446041805-2680001631-1001Core.job => C:\Users\juz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1528918704-3446041805-2680001631-1001UA.job => C:\Users\juz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-18 11:42 - 2014-03-14 05:26 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-07-26 22:36 - 2012-11-15 02:48 - 00034304 _____ () C:\Windows\System32\ssk4mlm.dll 2014-05-18 12:01 - 2013-08-27 09:29 - 00755728 _____ () C:\Windows\SYSTEM32\sqlite3.dll 2014-12-27 00:00 - 2014-07-08 20:42 - 00048568 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\WordStrokeHelper64.dll 2013-08-30 09:01 - 2013-08-30 09:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-03-27 12:32 - 2014-03-18 13:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2012-03-09 11:58 - 2012-03-09 11:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2012-03-09 11:58 - 2012-03-09 11:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2014-07-04 19:25 - 2014-03-27 13:22 - 00734720 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe 2014-12-27 00:00 - 2014-12-27 00:00 - 02507704 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\YoudaoDictHelper.exe 2014-12-27 00:00 - 2014-09-12 03:20 - 02479544 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\TextExtractorImpl64.dll 2014-12-27 00:00 - 2014-07-08 20:42 - 00192952 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\YoudaoWSH.exe 2013-09-05 02:17 - 2013-09-05 02:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 17:23 - 2010-10-20 17:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2012-03-08 12:27 - 2012-03-08 12:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll 2014-04-23 18:05 - 2014-04-23 18:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 18:04 - 2014-04-23 18:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-09 13:41 - 2013-10-09 13:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-12-27 00:00 - 2014-07-08 20:42 - 00042936 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\WordStrokeHelper32.dll 2013-09-10 11:23 - 2013-09-10 11:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-12-27 00:00 - 2014-07-08 20:42 - 00095936 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\CrashRpt.dll 2014-12-27 00:00 - 2014-11-30 01:51 - 34902968 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\libcef.dll 2014-12-27 00:00 - 2014-11-30 01:51 - 04881848 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\v8.dll 2014-12-27 00:00 - 2014-11-30 01:51 - 00183736 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\uv.dll 2014-12-27 00:00 - 2014-09-12 03:20 - 01873336 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\TextExtractorImpl32.dll 2014-07-08 20:42 - 2014-07-08 20:42 - 01577912 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\Stable\Acrobat2Dict.dll 2014-07-04 19:24 - 2014-04-29 19:11 - 01341440 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll 2014-07-04 19:24 - 2013-03-01 12:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll 2014-07-04 19:24 - 2013-03-01 12:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll 2014-07-04 19:25 - 2014-04-29 19:11 - 00067072 _____ () C:\Program Files (x86)\Syncios\zlib1.dll 2014-07-04 19:25 - 2014-01-06 13:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll 2014-04-23 18:04 - 2014-04-23 18:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2014-12-27 00:00 - 2014-11-30 01:51 - 01605048 _____ () C:\Users\juz\AppData\Local\Youdao\Dict\Application\6.3.66.1117\ffmpegsumo.dll 2014-05-18 11:36 - 2013-10-24 06:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\juz\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1528918704-3446041805-2680001631-500 - Administrator - Disabled) Guest (S-1-5-21-1528918704-3446041805-2680001631-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1528918704-3446041805-2680001631-1003 - Limited - Enabled) juz (S-1-5-21-1528918704-3446041805-2680001631-1001 - Administrator - Enabled) => C:\Users\juz ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/14/2015 07:28:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: dbc Start Time: 01d02fdc13249f84 Termination Time: 0 Application Path: C:\Windows\Explorer.EXE Report Id: a170bc50-9bcf-11e4-828e-ac7ba1d16f8b Faulting package full name: Faulting package-relative application ID: Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1343 Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1343 Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3829 Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3829 Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2266 Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2266 Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/14/2015 07:23:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (01/14/2015 07:23:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (01/14/2015 07:22:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (01/14/2015 07:22:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (01/14/2015 07:22:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (01/14/2015 07:22:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/14/2015 07:22:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/14/2015 07:22:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/14/2015 07:22:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/14/2015 07:22:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The GamesAppIntegrationService service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= Error: (01/14/2015 07:28:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.3.9600.17284dbc01d02fdc13249f840C:\Windows\Explorer.EXEa170bc50-9bcf-11e4-828e-ac7ba1d16f8b Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1343 Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1343 Error: (01/14/2015 03:46:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3829 Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3829 Error: (01/14/2015 02:59:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2266 Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2266 Error: (01/14/2015 11:14:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2015-01-11 16:45:35.064 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-11 16:45:34.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-16 13:23:54.328 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-16 13:23:53.978 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-05 17:51:08.565 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-05 17:51:08.081 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-28 11:36:09.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-28 11:36:08.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-23 14:35:44.672 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-23 14:35:44.406 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentage of memory in use: 42% Total physical RAM: 3979.28 MB Available physical RAM: 2284.32 MB Total Pagefile: 8331.28 MB Available Pagefile: 6479.66 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:83.78 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:258.22 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: FAE7D78D) Partition: GPT Partition Type. ==================== End Of Log ============================