Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by michael at 2015-04-10 02:39:24 Running from C:\Users\michael\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) Anki (HKLM-x32\...\Anki) (Version: - ) Assassin's Creed ® III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.00 - Ubisoft) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.) Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell Update (HKLM-x32\...\{9E4750A7-90F6-4181-8A8A-B1ADF4216E93}) (Version: 1.0.1059.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) GMBlue: Player (HKLM-x32\...\GMPlayer-EarlyAccess) (Version: 1.99.385.35933 - YoYo Games Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3084480920-560358504-3113808803-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell) My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org) Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.2.0.38 - Symantec Corporation) PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.) UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden Unity (HKLM-x32\...\Unity) (Version: 4.6.1f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-3084480920-560358504-3113808803-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS) Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{1B2C85A0-2B9E-4291-8B37-468D57503E98}) (Version: 16.0.1171.1 - Microsoft Corporation) Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation) Update for Japanese Microsoft IME Standard Dictionary (HKLM\...\{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}) (Version: 16.0.1404.1 - Microsoft Corporation) Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation) Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation) Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{B939BFEB-824F-4456-A4EE-2B86ED04033D}) (Version: 16.0.1016.1 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3084480920-560358504-3113808803-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\michael\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 24-03-2015 11:56:07 Scheduled Checkpoint 03-04-2015 01:20:25 Scheduled Checkpoint 06-04-2015 02:30:01 avast! antivirus system restore point 08-04-2015 21:10:51 Installed Mumble 1.2.8 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {27B055C1-EE1D-4813-97F6-EDBCC88A715F} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] () Task: {295DE33F-E131-40CC-ACFC-2491E6F6A399} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {29D7407D-323C-4693-A951-90239234A391} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] () Task: {2BEABDCD-C1FF-4144-BD63-0485B6DDB161} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {319989AE-4686-427F-9D65-277279BCDB11} - System32\Tasks\avastBCLRestartS-1-5-21-3084480920-560358504-3113808803-1001 => Chrome.exe Task: {395BF81A-BA03-4586-836F-D4F3988F1339} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation) Task: {560B4E85-C432-411B-BE7B-405DBAD72C88} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink) Task: {6E9EEA52-05AF-49F4-97D9-971108ADF021} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {76D4584F-13E8-48A5-A405-E31F635B7BBA} - System32\Tasks\PocketCloudUpdater => C:\Program Task: {79D62E14-9F3E-4C59-8623-16A67256769A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {909E4474-8709-4D1E-8853-ADF258B2D144} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3084480920-560358504-3113808803-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {9316879D-9528-43AD-B668-43DBDB7D78AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-10] (Microsoft Corporation) Task: {9FB9A990-79D7-4BF8-90DE-667592A6D354} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3084480920-560358504-3113808803-1001 Task: {A1F49EE2-A293-45A0-AC3A-99737D2C4D3A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {A5FCDAE0-4A3C-4757-8842-BB5A0D1727E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.) Task: {BE8DC225-39D3-4E8C-8069-F6C8B7B312D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-06] (Avast Software s.r.o.) Task: {CAEA042B-2AC4-4191-8C41-762577E8B3CF} - System32\Tasks\Norton Security Scan for michael => C:\Program Files (x86)\Norton Security Scan\Engine\4.2.0.38\Nss.exe [2015-02-11] (Symantec Corporation) Task: {CEEF3FFB-CEF6-455B-8176-BDFC85D2E4D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {D154EA30-8A02-4222-A83F-6412E24C350B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.) Task: {D20749D2-4116-4225-8A37-C69EACCE00D8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {DCAB521A-7005-42D7-9320-4296AB399C56} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.) Task: {DDE7BAB8-4B20-44DF-9B47-4F0C8392FDF2} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {FB10034C-3DEE-45DB-9616-6890595146E0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Norton Security Scan for michael.job => C:\PROGRA~2\NORTON~2\Engine\420~1.38\Nss.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-05 08:43 - 2015-02-05 08:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-08-22 13:40 - 2013-08-22 13:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe 2013-08-22 13:40 - 2013-08-22 13:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll 2013-08-22 13:40 - 2013-08-22 13:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll 2014-01-10 16:53 - 2014-01-10 16:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll 2014-01-10 16:53 - 2014-01-10 16:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll 2014-01-10 16:53 - 2014-01-10 16:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll 2014-01-10 17:24 - 2014-01-10 17:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll 2014-01-10 17:24 - 2014-01-10 17:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll 2013-09-05 01:20 - 2013-09-05 01:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-05 01:24 - 2013-09-05 01:24 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2015-02-11 15:13 - 2015-02-11 15:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-06-30 12:31 - 2014-03-12 14:22 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2014-06-30 12:31 - 2014-03-12 14:22 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2014-06-30 12:31 - 2014-03-12 14:22 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2015-02-11 15:12 - 2015-02-11 15:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-04-06 02:31 - 2015-04-06 02:31 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-06 02:31 - 2015-04-06 02:31 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-04-08 18:19 - 2015-04-08 18:19 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040802\algo.dll 2015-04-09 18:59 - 2015-04-09 18:59 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15040901\algo.dll 2014-06-30 12:21 - 2013-12-09 17:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-03-17 03:27 - 2015-03-17 03:28 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-06-30 12:18 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 13:41 - 2013-03-05 13:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-02-15 14:58 - 2015-02-15 14:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll 2015-02-15 14:58 - 2015-02-15 14:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll 2015-02-15 14:58 - 2015-02-15 14:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll 2015-02-27 17:32 - 2012-07-20 12:52 - 00140800 _____ () C:\Program Files (x86)\RPG Maker VX Ace\Game.exe 2015-02-27 17:32 - 2002-02-02 03:02 - 01085952 _____ () C:\Program Files (x86)\RPG Maker VX Ace\System\RGSS301.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\michael\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3084480920-560358504-3113808803-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\michael\Pictures\235.png DNS Servers: 65.32.5.111 - 65.32.5.112 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-3084480920-560358504-3113808803-500 - Administrator - Disabled) Guest (S-1-5-21-3084480920-560358504-3113808803-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3084480920-560358504-3113808803-1003 - Limited - Enabled) michael (S-1-5-21-3084480920-560358504-3113808803-1001 - Administrator - Enabled) => C:\Users\michael ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/09/2015 04:48:32 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1240 Start Time: 01d072a8a7b16477 Termination Time: 44 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 93b5cb5a-de9d-11e4-827d-90489a8a05d0 Faulting package full name: Faulting package-relative application ID: Error: (04/09/2015 04:13:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Project64k.exe, version: 0.0.0.0, time stamp: 0x3f29edc7 Faulting module name: Project64k.exe, version: 0.0.0.0, time stamp: 0x3f29edc7 Exception code: 0xc0000005 Fault offset: 0x0001d879 Faulting process id: 0x272c Faulting application start time: 0xProject64k.exe0 Faulting application path: Project64k.exe1 Faulting module path: Project64k.exe2 Report Id: Project64k.exe3 Faulting package full name: Project64k.exe4 Faulting package-relative application ID: Project64k.exe5 Error: (04/09/2015 03:41:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2748 Start Time: 01d072a0eda3c148 Termination Time: 15 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 31a59356-de94-11e4-827d-90489a8a05d0 Faulting package full name: Faulting package-relative application ID: Error: (04/09/2015 02:07:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mcupdmgr.exe, version: 12.8.957.0, time stamp: 0x535ae03b Faulting module name: McRtMui.dll_unloaded, version: 3.8.702.2, time stamp: 0x51f30813 Exception code: 0xc0000005 Fault offset: 0x00000000000037f7 Faulting process id: 0x1f80 Faulting application start time: 0xmcupdmgr.exe0 Faulting application path: mcupdmgr.exe1 Faulting module path: mcupdmgr.exe2 Report Id: mcupdmgr.exe3 Faulting package full name: mcupdmgr.exe4 Faulting package-relative application ID: mcupdmgr.exe5 Error: (04/09/2015 00:20:34 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: fb8 Start Time: 01d07280cc628be6 Termination Time: 1294 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 216f1d04-de78-11e4-827d-90489a8a05d0 Faulting package full name: Faulting package-relative application ID: Error: (04/08/2015 11:50:50 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/08/2015 11:45:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 3314 Start Time: 01d0727f51cb1cb9 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 45ef5eae-de73-11e4-827c-90489a8a05d0 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/08/2015 11:11:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 85c Start Time: 01d07258c52007d3 Termination Time: 4294967295 Application Path: C:\Windows\syswow64\wwahost.exe Report Id: 3c044245-de6e-11e4-827c-90489a8a05d0 Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c Faulting package-relative application ID: App Error: (04/08/2015 10:45:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1450 Start Time: 01d07276ea95ad43 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: e0ee57d7-de6a-11e4-827c-90489a8a05d0 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/08/2015 09:48:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 140c Start Time: 01d0726e88fd2fc3 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: d6087bef-de62-11e4-827c-90489a8a05d0 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 System errors: ============= Error: (04/09/2015 06:56:25 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (04/09/2015 07:31:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (04/09/2015 07:31:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (04/09/2015 04:56:41 AM) (Source: DCOM) (EventID: 10010) (User: PC) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/08/2015 11:10:02 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (04/08/2015 06:16:29 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (04/08/2015 06:18:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service. Error: (04/08/2015 06:18:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WlanSvc service. Error: (04/08/2015 06:17:14 AM) (Source: DCOM) (EventID: 10010) (User: PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (04/08/2015 06:17:14 AM) (Source: DCOM) (EventID: 10010) (User: PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= Error: (04/09/2015 04:48:32 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416124001d072a8a7b1647744C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE93b5cb5a-de9d-11e4-827d-90489a8a05d0 Error: (04/09/2015 04:13:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Project64k.exe0.0.0.03f29edc7Project64k.exe0.0.0.03f29edc7c00000050001d879272c01d072a42f58aacaC:\Users\michael\Desktop\Project64k\Project64k.exeC:\Users\michael\Desktop\Project64k\Project64k.exeb19b6242-de98-11e4-827d-90489a8a05d0 Error: (04/09/2015 03:41:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416274801d072a0eda3c14815C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE31a59356-de94-11e4-827d-90489a8a05d0 Error: (04/09/2015 02:07:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mcupdmgr.exe12.8.957.0535ae03bMcRtMui.dll_unloaded3.8.702.251f30813c000000500000000000037f71f8001d07293da88b44bc:\PROGRA~1\mcafee\msc\mcupdmgr.exeMcRtMui.dll19e72d5c-de87-11e4-827d-90489a8a05d0 Error: (04/09/2015 00:20:34 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416fb801d07280cc628be61294C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE216f1d04-de78-11e4-827d-90489a8a05d0 Error: (04/08/2015 11:50:50 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/08/2015 11:45:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689331401d0727f51cb1cb94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe45ef5eae-de73-11e4-827c-90489a8a05d0microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/08/2015 11:11:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.1741585c01d07258c52007d34294967295C:\Windows\syswow64\wwahost.exe3c044245-de6e-11e4-827c-90489a8a05d0Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp Error: (04/08/2015 10:45:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689145001d07276ea95ad434294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exee0ee57d7-de6a-11e4-827c-90489a8a05d0microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/08/2015 09:48:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20689140c01d0726e88fd2fc34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exed6087bef-de62-11e4-827c-90489a8a05d0microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU G3240 @ 3.10GHz Percentage of memory in use: 62% Total physical RAM: 4012.95 MB Available physical RAM: 1520.96 MB Total Pagefile: 6444.95 MB Available Pagefile: 2874.66 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:919.56 GB) (Free:841.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0095AD54) Partition: GPT Partition Type. ==================== End Of Log ============================