Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by chris at 2015-03-13 01:09:07 Running from C:\Users\chris\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2214 - AVAST Software) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) BOINC (HKLM\...\{D5F38128-79BF-4904-A3C9-D399537DAE80}) (Version: 7.4.36 - Space Sciences Laboratory, U.C. Berkeley) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated) Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1161005709-739677458-2447788345-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.) Dungeon Defenders (HKLM\...\Steam App 65800) (Version: - Trendy Entertainment) Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version: - Scott Cawthon) Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment) InfiniteCrisis_6EDD581C692E (HKLM\...\InfiniteCrisis_6EDD581C692E) (Version: - Turbine, Inc) iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve) LEGO MARVEL Super Heroes (HKLM\...\Steam App 249130) (Version: - Traveller's Tales) Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version: - Paradox North) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Marvel Puzzle Quest (HKLM\...\Steam App 234330) (Version: - Demiurge Studios) Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.4.2000 - Maxthon International Limited) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.52 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) PCGen6021 (HKLM\...\PCGen6021) (Version: - ) Pidgin (HKLM\...\Pidgin) (Version: 2.10.10 - ) PlanetSide 2 (HKLM\...\Steam App 218230) (Version: - Sony Online Entertainment) Poker Night at the Inventory (HKLM\...\Steam App 31280) (Version: - Telltale Games) Raptr (HKLM\...\Raptr) (Version: - ) Razer Synapse (HKLM\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1161005709-739677458-2447788345-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM\...\Steam) (Version: - Valve Corporation) System Requirements Lab CYRI (HKLM\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games) Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File CustomCLSID: HKU\S-1-5-21-1161005709-739677458-2447788345-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\boinc_master\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll No File ==================== Restore Points ========================= 19-02-2015 10:04:31 Scheduled Checkpoint 28-02-2015 09:57:52 Scheduled Checkpoint 03-03-2015 05:12:28 avast! antivirus system restore point 11-03-2015 09:38:47 Scheduled Checkpoint 12-03-2015 12:53:24 Uniblue DriverScanner installation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 02:13 - 2013-08-22 02:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {025F900D-1DC6-4BCD-AAF6-2494F4D66B9E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {0A4FD721-FF9F-41CA-8ED5-1CAC4CFF1A4D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {2AF0FB8E-A6DE-4487-9928-24C1EFC1C91D} - System32\Tasks\{2E748AFE-E79B-4117-B7E8-C005A66FC2D4} => pcalua.exe -a "C:\Program Files\BubbleSound\Uninstall.exe" Task: {2BF8F794-821E-4931-AA65-15AA7D3A70B7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-03] (Avast Software s.r.o.) Task: {33795BF4-CAAA-4B6A-9ED7-2518DD8185C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.) Task: {439BBDA7-5710-42E8-A828-1C25E837EBFB} - System32\Tasks\ObronaCleanerUacSkip => C:\Users\chris\AppData\Local\Obrona Cleaner\ObronaCleaner.exe Task: {5BAADFC0-468B-4A1E-A7F4-24582289EBE9} - \Startup Time Check No Task File <==== ATTENTION Task: {669D0308-3172-4F5A-AED0-7F9BDF428FD4} - System32\Tasks\{337CFE7E-C41E-42EF-BB25-38B032B19C7A} => pcalua.exe -a "C:\Program Files\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge Task: {71B66586-663D-4747-9BBF-5D1D95A5B924} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {86D82E91-6D13-4ED3-82BA-3BCD70CDB677} - \Run_Bobby_Browser No Task File <==== ATTENTION Task: {A3205BBF-8FC0-4917-95F2-16A68BA04EA6} - System32\Tasks\ArcadeYum => C:\Users\chris\AppData\Local\ArcadeYum\ArcadeYumVersionControl.exe Task: {B5FA27AA-5C0C-4107-93E8-777919C32A86} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\Maxthon.exe [2015-02-11] (Maxthon International ltd.) Task: {BC5DC5CA-DB49-49CE-B61E-BD48DD307B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.) Task: {ED33DEAC-5322-40CF-89BC-23D18E5C8E51} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-11] (Microsoft Corporation) Task: {FFEC7CB4-B86C-406D-ABFD-9BBD1AEE31D6} - \avayvaxxvae No Task File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ArcadeYum.job => C:\Users\chris\AppData\Local\ArcadeYum\ArcadeYumVersionControl.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-07-13 22:07 - 2015-02-05 14:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2015-03-03 05:15 - 2015-03-03 05:15 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-03-03 05:15 - 2015-03-03 05:15 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-03-12 19:20 - 2015-03-12 19:20 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031204\algo.dll 2014-07-10 17:49 - 2013-04-15 11:49 - 02869248 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006SU.DLL 2014-07-10 17:49 - 2013-04-15 11:48 - 00949248 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006GC.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-15 13:23 - 2013-10-15 13:23 - 00190976 _____ () C:\Program Files\BOINC\zlib1.dll 2015-02-04 20:24 - 2015-02-04 20:25 - 00187072 _____ () C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe 2015-03-03 05:15 - 2015-03-03 05:15 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-05 05:20 - 2015-02-05 05:20 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00036878 _____ () C:\Program Files\Pidgin\libssp-0.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00671031 _____ () C:\Program Files\Pidgin\exchndl.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00904525 _____ () C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00100352 _____ () C:\Program Files\Pidgin\Gtk\bin\zlib1.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00279059 _____ () C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00553382 _____ () C:\Program Files\Pidgin\Gtk\bin\freetype6.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00216992 _____ () C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 01274655 _____ () C:\Program Files\Pidgin\libxml2-2.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00177586 _____ () C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00475580 _____ () C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00020997 _____ () C:\Program Files\Pidgin\plugins\autoaccept.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00013253 _____ () C:\Program Files\Pidgin\plugins\buddynote.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00024924 _____ () C:\Program Files\Pidgin\plugins\convcolors.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015702 _____ () C:\Program Files\Pidgin\plugins\extplacement.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00014147 _____ () C:\Program Files\Pidgin\plugins\gtkbuddynote.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00018882 _____ () C:\Program Files\Pidgin\plugins\history.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00012865 _____ () C:\Program Files\Pidgin\plugins\iconaway.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00019043 _____ () C:\Program Files\Pidgin\plugins\idle.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00018555 _____ () C:\Program Files\Pidgin\plugins\joinpart.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015074 _____ () C:\Program Files\Pidgin\plugins\libaim.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00311021 _____ () C:\Program Files\Pidgin\liboscar.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00092398 _____ () C:\Program Files\Pidgin\plugins\libbonjour.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00328142 _____ () C:\Program Files\Pidgin\plugins\libgg.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00016005 _____ () C:\Program Files\Pidgin\plugins\libicq.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00107365 _____ () C:\Program Files\Pidgin\plugins\libirc.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00190464 _____ () C:\Program Files\Pidgin\libsasl.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00374169 _____ () C:\Program Files\Pidgin\plugins\libmsn.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00150598 _____ () C:\Program Files\Pidgin\plugins\libmxit.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00106670 _____ () C:\Program Files\Pidgin\plugins\libmyspace.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00123540 _____ () C:\Program Files\Pidgin\plugins\libnovell.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00116071 _____ () C:\Program Files\Pidgin\plugins\libsametime.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00152852 _____ () C:\Program Files\Pidgin\libmeanwhile-1.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00170578 _____ () C:\Program Files\Pidgin\plugins\libsilc.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 02097721 _____ () C:\Program Files\Pidgin\libsilc-1-1-2.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00818985 _____ () C:\Program Files\Pidgin\libsilcclient-1-1-3.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00055880 _____ () C:\Program Files\Pidgin\plugins\libsimple.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00021337 _____ () C:\Program Files\Pidgin\plugins\libxmpp.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00417758 _____ () C:\Program Files\Pidgin\libjabber.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00022832 _____ () C:\Program Files\Pidgin\plugins\libyahoo.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00236666 _____ () C:\Program Files\Pidgin\libymsg.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00019793 _____ () C:\Program Files\Pidgin\plugins\libyahoojp.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00047934 _____ () C:\Program Files\Pidgin\plugins\log_reader.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00021795 _____ () C:\Program Files\Pidgin\plugins\markerline.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00013456 _____ () C:\Program Files\Pidgin\plugins\newline.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00029225 _____ () C:\Program Files\Pidgin\plugins\notify.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00017023 _____ () C:\Program Files\Pidgin\plugins\offlinemsg.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00029256 _____ () C:\Program Files\Pidgin\plugins\pidginrc.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015380 _____ () C:\Program Files\Pidgin\plugins\psychic.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015429 _____ () C:\Program Files\Pidgin\plugins\relnot.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015045 _____ () C:\Program Files\Pidgin\plugins\sendbutton.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00069575 _____ () C:\Program Files\Pidgin\plugins\spellchk.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00031427 _____ () C:\Program Files\Pidgin\plugins\ssl-nss.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00012004 _____ () C:\Program Files\Pidgin\plugins\ssl.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00015978 _____ () C:\Program Files\Pidgin\plugins\statenotify.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00030353 _____ () C:\Program Files\Pidgin\plugins\themeedit.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00032020 _____ () C:\Program Files\Pidgin\plugins\ticker.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00018399 _____ () C:\Program Files\Pidgin\plugins\timestamp.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00023851 _____ () C:\Program Files\Pidgin\plugins\timestamp_format.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00029791 _____ () C:\Program Files\Pidgin\plugins\win2ktrans.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00030771 _____ () C:\Program Files\Pidgin\plugins\winprefs.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00037191 _____ () C:\Program Files\Pidgin\plugins\xmppconsole.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00044494 _____ () C:\Program Files\Pidgin\plugins\xmppdisco.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00102400 _____ () C:\Program Files\Pidgin\sasl2\saslANONYMOUS.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00115712 _____ () C:\Program Files\Pidgin\sasl2\saslCRAMMD5.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00140288 _____ () C:\Program Files\Pidgin\sasl2\saslDIGESTMD5.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00102912 _____ () C:\Program Files\Pidgin\sasl2\saslLOGIN.dll 2014-10-19 16:39 - 2014-10-19 16:39 - 00102912 _____ () C:\Program Files\Pidgin\sasl2\saslPLAIN.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00486400 _____ () C:\Program Files\Pidgin\sqlite3.dll 2014-11-03 15:26 - 2014-11-03 15:26 - 00090496 _____ () C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00509014 _____ () C:\Program Files\Pidgin\spellcheck\lib\enchant\libenchant_ispell.dll 2014-10-19 16:40 - 2014-10-19 16:40 - 00999501 _____ () C:\Program Files\Pidgin\spellcheck\lib\enchant\libenchant_myspell.dll 2015-03-03 05:15 - 2015-03-03 05:15 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll 2015-03-03 05:15 - 2015-03-03 05:15 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll 2015-02-12 03:55 - 2015-02-12 03:55 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2015-01-18 00:45 - 2014-11-25 22:12 - 40622592 _____ () C:\Users\chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2015-02-05 23:39 - 2015-02-05 23:39 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll 2010-11-22 18:56 - 2010-11-22 18:56 - 00087040 _____ () C:\Program Files\Raptr\_ctypes.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00043008 _____ () C:\Program Files\Raptr\_socket.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00805376 _____ () C:\Program Files\Raptr\_ssl.pyd 2014-05-13 19:26 - 2014-05-13 19:26 - 05812736 _____ () C:\Program Files\Raptr\PyQt4.QtGui.pyd 2014-05-13 19:26 - 2014-05-13 19:26 - 00067584 _____ () C:\Program Files\Raptr\sip.pyd 2014-05-13 19:26 - 2014-05-13 19:26 - 01662464 _____ () C:\Program Files\Raptr\PyQt4.QtCore.pyd 2014-05-13 19:26 - 2014-05-13 19:26 - 00494592 _____ () C:\Program Files\Raptr\PyQt4.QtNetwork.pyd 2010-11-22 18:57 - 2010-11-22 18:57 - 00096256 _____ () C:\Program Files\Raptr\win32api.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00110592 _____ () C:\Program Files\Raptr\pywintypes26.dll 2010-11-22 18:56 - 2010-11-22 18:56 - 00010240 _____ () C:\Program Files\Raptr\select.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00356864 _____ () C:\Program Files\Raptr\_hashlib.pyd 2010-11-22 18:57 - 2010-11-22 18:57 - 00036352 _____ () C:\Program Files\Raptr\win32process.pyd 2010-11-22 18:57 - 2010-11-22 18:57 - 00111104 _____ () C:\Program Files\Raptr\win32file.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00044544 _____ () C:\Program Files\Raptr\_sqlite3.pyd 2011-02-15 14:17 - 2011-02-15 14:17 - 00417501 _____ () C:\Program Files\Raptr\sqlite3.dll 2010-11-22 18:57 - 2010-11-22 18:57 - 00167936 _____ () C:\Program Files\Raptr\win32gui.pyd 2014-05-13 19:26 - 2014-05-13 19:26 - 00313856 _____ () C:\Program Files\Raptr\PyQt4.QtWebKit.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00127488 _____ () C:\Program Files\Raptr\pyexpat.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00009216 _____ () C:\Program Files\Raptr\winsound.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00354304 _____ () C:\Program Files\Raptr\pythoncom26.dll 2010-11-22 18:57 - 2010-11-22 18:57 - 00016384 _____ () C:\Program Files\Raptr\win32trace.pyd 2014-08-13 20:37 - 2014-08-13 20:37 - 00113171 _____ () C:\Program Files\Raptr\libvlc.dll 2014-08-13 20:37 - 2014-08-13 20:37 - 02396691 _____ () C:\Program Files\Raptr\libvlccore.dll 2010-11-22 18:57 - 2010-11-22 18:57 - 00263168 _____ () C:\Program Files\Raptr\win32com.shell.shell.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00583680 _____ () C:\Program Files\Raptr\unicodedata.pyd 2010-11-22 18:56 - 2010-11-22 18:56 - 00324608 _____ () C:\Program Files\Raptr\PIL._imaging.pyd 2013-11-20 20:05 - 2013-11-20 20:05 - 00256000 _____ () C:\Program Files\Raptr\amd_ags.dll 2012-02-06 16:28 - 2012-02-06 16:28 - 00010752 _____ () C:\Program Files\Raptr\Crypto.Random.OSRNG.winrandom.pyd 2012-02-06 16:28 - 2012-02-06 16:28 - 00011264 _____ () C:\Program Files\Raptr\Crypto.Util._counter.pyd 2012-02-06 16:28 - 2012-02-06 16:28 - 00031744 _____ () C:\Program Files\Raptr\Crypto.Cipher.AES.pyd 2010-11-22 18:57 - 2010-11-22 18:57 - 00141312 _____ () C:\Program Files\Raptr\gobject._gobject.pyd 2014-06-17 20:56 - 2014-06-17 20:56 - 02717595 _____ () C:\Program Files\Raptr\heliotrope._purple.pyd 2011-02-15 14:17 - 2011-02-15 14:17 - 01213633 _____ () C:\Program Files\Raptr\libxml2-2.dll 2010-11-22 19:06 - 2010-11-22 19:06 - 00055808 _____ () C:\Program Files\Raptr\zlib1.dll 2013-05-09 19:52 - 2013-05-09 19:52 - 00495680 _____ () C:\Program Files\Raptr\plugins\libaim.dll 2013-05-09 19:52 - 2013-05-09 19:52 - 01183699 _____ () C:\Program Files\Raptr\liboscar.dll 2013-05-09 19:52 - 2013-05-09 19:52 - 00483306 _____ () C:\Program Files\Raptr\plugins\libicq.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 00655356 _____ () C:\Program Files\Raptr\plugins\libirc.dll 2013-05-03 14:56 - 2013-05-03 14:56 - 01306387 _____ () C:\Program Files\Raptr\plugins\libmsn.dll 2013-05-03 14:56 - 2013-05-03 14:56 - 00565461 _____ () C:\Program Files\Raptr\plugins\libxmpp.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 01640221 _____ () C:\Program Files\Raptr\libjabber.dll 2013-05-03 14:56 - 2013-05-03 14:56 - 00506276 _____ () C:\Program Files\Raptr\plugins\libyahoo.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 01053730 _____ () C:\Program Files\Raptr\libymsg.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 00497782 _____ () C:\Program Files\Raptr\plugins\libyahoojp.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 00603326 _____ () C:\Program Files\Raptr\plugins\ssl-nss.dll 2013-05-03 14:57 - 2013-05-03 14:57 - 00474199 _____ () C:\Program Files\Raptr\plugins\ssl.dll 2015-01-18 00:45 - 2014-11-25 22:12 - 00911360 _____ () C:\Users\chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2015-01-18 00:45 - 2014-11-25 22:12 - 00134144 _____ () C:\Users\chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2015-03-04 18:08 - 2015-03-04 18:08 - 00750080 _____ () C:\Users\chris\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-12 23:38 - 2015-03-12 23:38 - 00043008 _____ () c:\users\chris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplbgtjv.dll 2015-03-04 18:08 - 2015-03-04 18:08 - 00047616 _____ () C:\Users\chris\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 18:08 - 2015-03-04 18:08 - 00865280 _____ () C:\Users\chris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 18:07 - 2015-03-04 18:07 - 00200704 _____ () C:\Users\chris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 02128152 _____ () C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll 2015-03-12 23:47 - 2015-02-09 05:56 - 00247096 _____ () C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 00887064 _____ () C:\Program Files\Maxthon\Core\Webkit\libglesv2.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 00109336 _____ () C:\Program Files\Maxthon\Core\Webkit\libegl.dll 2015-03-12 23:46 - 2015-02-09 05:56 - 04055504 _____ () C:\Program Files\Maxthon\Core\Webkit\pdf.dll 2015-02-04 15:06 - 2015-02-04 15:06 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll 2015-03-12 13:18 - 2015-02-25 09:50 - 00279040 ___SH () C:\Program Files\Mpidentantolycodal\Mpidentantolycodal.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\chris\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1161005709-739677458-2447788345-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Start GeekBuddy.lnk" HKLM\...\StartupApproved\Run: => "tvncontrol" HKLM\...\StartupApproved\Run: => "Raptr" HKU\S-1-5-21-1161005709-739677458-2447788345-1001\...\StartupApproved\Run: => "Raptr" HKU\S-1-5-21-1161005709-739677458-2447788345-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Accounts: ============================= Administrator (S-1-5-21-1161005709-739677458-2447788345-500 - Administrator - Disabled) boinc_master (S-1-5-21-1161005709-739677458-2447788345-1004 - Limited - Enabled) => C:\Users\boinc_master boinc_project (S-1-5-21-1161005709-739677458-2447788345-1005 - Limited - Enabled) chris (S-1-5-21-1161005709-739677458-2447788345-1001 - Administrator - Enabled) => C:\Users\chris Guest (S-1-5-21-1161005709-739677458-2447788345-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1161005709-739677458-2447788345-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/13/2015 00:49:55 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2068 Start Time: 01d05d486a7c0a05 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe Report Id: 5e81b91c-c93c-11e4-977a-406186602fe8 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (03/13/2015 00:30:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 253c Start Time: 01d05d45a9a3073f Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe Report Id: 9de068f7-c939-11e4-977a-406186602fe8 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (03/13/2015 00:20:00 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 25ec Start Time: 01d05d4439c3604a Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe Report Id: 2e3d56a7-c938-11e4-977a-406186602fe8 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (03/12/2015 11:36:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: a38 Start Time: 01d05d3e29f7383b Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe Report Id: 21d13e80-c932-11e4-977a-406186602fe8 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (03/12/2015 07:24:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: silentuninstaller.exe, version: 0.0.0.0, time stamp: 0x54a19219 Faulting module name: silentuninstaller.exe, version: 0.0.0.0, time stamp: 0x54a19219 Exception code: 0xc0000409 Fault offset: 0x000090d0 Faulting process id: 0x17e8 Faulting application start time: 0xsilentuninstaller.exe0 Faulting application path: silentuninstaller.exe1 Faulting module path: silentuninstaller.exe2 Report Id: silentuninstaller.exe3 Faulting package full name: silentuninstaller.exe4 Faulting package-relative application ID: silentuninstaller.exe5 Error: (03/12/2015 07:24:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Au_.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 9b8 Start Time: 01d05d1b68d31c5f Termination Time: 4294967295 Application Path: C:\Users\chris\AppData\Local\Temp\~nsu.tmp\Au_.exe Report Id: bf8a22b2-c90e-11e4-9778-406186602fe8 Faulting package full name: Faulting package-relative application ID: Error: (03/12/2015 01:06:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ObronaCleaner.exe, version: 1.0.0.0, time stamp: 0x54ede102 Faulting module name: ntdll.dll, version: 6.3.9600.17668, time stamp: 0x54c846b4 Exception code: 0xc0000374 Fault offset: 0x000d0ce2 Faulting process id: 0x2968 Faulting application start time: 0xObronaCleaner.exe0 Faulting application path: ObronaCleaner.exe1 Faulting module path: ObronaCleaner.exe2 Report Id: ObronaCleaner.exe3 Faulting package full name: ObronaCleaner.exe4 Faulting package-relative application ID: ObronaCleaner.exe5 Error: (03/12/2015 00:54:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: COOKIE) Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it. Error: (03/12/2015 00:52:48 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {25670eeb-ba2c-4473-b279-f4878401bfd8} Error: (03/12/2015 08:31:23 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (03/13/2015 00:39:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Mpidentantolycodal service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (03/12/2015 11:35:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Software Protection service hung on starting. Error: (03/12/2015 11:31:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Mpidentantolycodal service hung on starting. Error: (03/12/2015 07:27:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Mpidentantolycodal service hung on starting. Error: (03/12/2015 07:26:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Hotspot Shield Service service failed to start due to the following error: %%2 Error: (03/12/2015 07:25:12 PM) (Source: DCOM) (EventID: 10010) (User: COOKIE) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (03/12/2015 07:20:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Mpidentantolycodal service hung on starting. Error: (03/12/2015 07:19:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Hotspot Shield Service service failed to start due to the following error: %%2 Error: (03/12/2015 07:18:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the YahooAUService service. Error: (03/12/2015 07:18:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BOINC service. Microsoft Office Sessions: ========================= Error: (03/13/2015 00:49:55 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689206801d05d486a7c0a054294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe5e81b91c-c93c-11e4-977a-406186602fe8microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (03/13/2015 00:30:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689253c01d05d45a9a3073f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe9de068f7-c939-11e4-977a-406186602fe8microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (03/13/2015 00:20:00 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2068925ec01d05d4439c3604a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe2e3d56a7-c938-11e4-977a-406186602fe8microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (03/12/2015 11:36:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689a3801d05d3e29f7383b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe21d13e80-c932-11e4-977a-406186602fe8microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (03/12/2015 07:24:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: silentuninstaller.exe0.0.0.054a19219silentuninstaller.exe0.0.0.054a19219c0000409000090d017e801d05d1b9c8b70c5C:\Program Files\BubbleSound\silentuninstaller.exeC:\Program Files\BubbleSound\silentuninstaller.exeeb0d0f80-c90e-11e4-9778-406186602fe8 Error: (03/12/2015 07:24:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Au_.exe0.0.0.09b801d05d1b68d31c5f4294967295C:\Users\chris\AppData\Local\Temp\~nsu.tmp\Au_.exebf8a22b2-c90e-11e4-9778-406186602fe8 Error: (03/12/2015 01:06:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: ObronaCleaner.exe1.0.0.054ede102ntdll.dll6.3.9600.1766854c846b4c0000374000d0ce2296801d05ce509152fe9C:\Users\chris\AppData\Local\Obrona Cleaner\ObronaCleaner.exeC:\Windows\SYSTEM32\ntdll.dll2d5c02da-c8da-11e4-9777-406186602fe8 Error: (03/12/2015 00:54:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: COOKIE) Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/12/2015 00:52:48 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {25670eeb-ba2c-4473-b279-f4878401bfd8} Error: (03/12/2015 08:31:23 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Vista_XP\DPInst_amd64.exe CodeIntegrity Errors: =================================== Date: 2014-07-18 20:12:11.699 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-18 19:28:06.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-18 19:05:51.207 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-18 18:39:16.487 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-18 18:17:46.534 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-18 01:54:33.418 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-17 21:35:44.956 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-17 20:54:49.723 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-17 20:48:34.731 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-07-17 20:40:26.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz Percentage of memory in use: 77% Total physical RAM: 3583.24 MB Available physical RAM: 789.46 MB Total Pagefile: 5930.93 MB Available Pagefile: 1489.98 MB Total Virtual: 2047.88 MB Available Virtual: 1867.95 MB ==================== Drives ================================ Drive c: (Main Beast) (Fixed) (Total:289.3 GB) (Free:116 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Backup) (Fixed) (Total:149.04 GB) (Free:62.36 GB) NTFS Drive f: (VADER) (Removable) (Total:3.76 GB) (Free:0.03 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 0C170C16) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 34084AE9) Partition 1: (Active) - (Size=289.3 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 3.8 GB) (Disk ID: 04DD5721) Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0C) ==================== End Of Log ============================