Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 Ran by Jamie_2 at 2015-05-22 10:13:40 Running from C:\Users\Jamie_2\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3151930542-3110385303-2721579357-500 - Administrator - Disabled) Connor (S-1-5-21-3151930542-3110385303-2721579357-1002 - Administrator - Enabled) => C:\Users\Connor Guest (S-1-5-21-3151930542-3110385303-2721579357-501 - Administrator - Enabled) => C:\Users\Guest Jamie (S-1-5-21-3151930542-3110385303-2721579357-1001 - Administrator - Enabled) => C:\Users\Jamie Jamie_2 (S-1-5-21-3151930542-3110385303-2721579357-1003 - Administrator - Enabled) => C:\Users\Jamie_2 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2004 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.3001 - Acer Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.) Game Channels (x32 Version: 9.2.0.11 - WildTangent, Inc.) Hidden Gateway Games (HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\Pokki_9a4324f00d4f0f3e5795bc8a599c0551ac01936f) (Version: 1.1.9.43466 - Pokki) Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Gateway Incorporated) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8101 - Gateway Incorporated) iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Gateway Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Gateway Incorporated) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Access 2013 (HKLM-x32\...\Office15.AccessR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.1.3 - Symantec Corporation) Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Polar Golfer (x32 Version: 3.0.2.59 - WildTangent) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.11 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.) Run N Gun Football (x32 Version: 2.2.0.95 - WildTangent) Hidden Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Unity Web Player (HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VirtualDJ 8 (HKLM-x32\...\{C322F3EC-3737-47E7-8FAF-1E1A1DE237ED}) (Version: 8.0.2179.0 - Atomix Productions) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden WinRAR 5.01 (32-bit) (x32 Version: 5.01.0 - win.rar GmbH) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jamie_2\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003_Classes\CLSID\{B2711232-6AEE-4EC7-99D6-299B3E558250}\InprocServer32 -> C:\Program Files\Acer\Remote Files\ExplorerDataProvider.dll (Acer Incorporated) CustomCLSID: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003_Classes\CLSID\{E16E2EBA-BE71-4D2C-A676-49FC87DF8E70}\InprocServer32 -> C:\Program Files\Acer\Remote Files\ExplorerDataProvider.dll (Acer Incorporated) CustomCLSID: HKU\S-1-5-21-3151930542-3110385303-2721579357-1003_Classes\CLSID\{E1C94EAB-11E8-4224-A3CE-066CD0B98E88}\InprocServer32 -> C:\Program Files\Acer\Remote Files\ExplorerDataProvider.dll (Acer Incorporated) ==================== Restore Points ========================= 12-05-2015 13:43:12 Removed WeatherApp 19-05-2015 21:55:57 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04E44ADD-8AB7-45A6-8AD7-53B8FE4B79C5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {1D323EC4-4D6F-418A-85C6-7C56D01421C1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {25BAB0B6-1164-4B02-B5B8-EA32684DB737} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {25FD6F17-A476-4165-9692-3A2DAB137DFD} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer) Task: {4433835E-37C0-4DE7-9060-426094C8D2D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-09] (Avast Software s.r.o.) Task: {48475E8F-E5CF-49A9-A0C2-D724684E9C63} - System32\Tasks\{823E1466-B77B-428D-9F59-CCE8898088E0} => pcalua.exe -a C:\Users\Jamie_2\AppData\Local\Roblox\Versions\version-1cfeb951d6084e36\RobloxPlayerLauncher.exe -c -uninstall Task: {4AF3B665-0E9F-4CA2-85D5-BCE77B0693A8} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION Task: {55434E55-0A68-42E2-A194-82C57F7BF623} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2013-07-08] () Task: {5845FFE3-A0E1-4AF6-A58B-C765F1711B3E} - System32\Tasks\IEError => C:\Program Files (x86)\FixMyPcutil\Popialert.exe Task: {58CA3CF3-E5F2-4893-B37C-4C4D5D03014E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated) Task: {5C8E2278-A550-4BA5-A6AB-2838ABCDAEB1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION Task: {65EFE115-5DE1-40C7-AAE4-1F06802529FE} - System32\Tasks\boosterpop => C:\Program Files (x86)\FixMyPcutil\Probsalert.exe Task: {670D99FE-C4D3-454D-9EFE-F9C10EB6FC34} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe Task: {6C23E86F-E687-4A43-A3E2-EA4F09BDA230} - System32\Tasks\avastBCLRestartS-1-5-21-3151930542-3110385303-2721579357-1003 => Chrome.exe Task: {7405BC2F-AC54-4D3B-8A5E-10A4F2A028EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation) Task: {8C86E2AA-E88F-4698-8990-096F77635A19} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {9C80953E-F373-4ABF-B883-E22FC02C65BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {9D35732B-4C44-4E1C-A285-BDFC364EF927} - System32\Tasks\AI_Updater => C:\Program Files (x86)\FixMyPcutil\updater.exe Task: {A87E3C1A-B87C-48DD-B69D-3A8BF83CDC23} - System32\Tasks\HDNINSTSCHD => C:\Windows\PCBHDNW\hdnInstaller.exe Task: {B1C698D9-D3C3-4322-8C51-FB0C9BF5B84A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated) Task: {B953CB21-E8E3-4A2B-9A1A-405C72FCBE03} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {DC951D6A-1980-4DA6-B686-77D7466BCF20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {E0963C70-3EF7-4D79-A4DB-C3C5D99501EA} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2013-08-22] (Acer Incorporated) Task: {EBD060E0-11BB-4A34-A623-7078D9A0D40E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {F0D663D4-DF28-4991-A174-674808AAC6E9} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe Task: {F3320FD2-053F-4891-B7A7-52D783E3A6CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-09-25 07:04 - 2013-09-25 07:04 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-25 07:01 - 2013-09-25 07:01 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-12-21 04:48 - 2012-11-01 15:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2013-12-21 04:48 - 2012-11-01 15:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2013-09-25 07:08 - 2013-09-25 07:08 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2013-10-24 01:32 - 2013-08-30 19:05 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-05-06 16:14 - 2015-05-06 16:14 - 00092928 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2015-05-06 16:14 - 2015-05-06 16:14 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-05-09 16:14 - 2015-05-09 16:14 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-09 16:14 - 2015-05-09 16:14 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-19 18:19 - 2015-05-19 18:19 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051901\algo.dll 2015-05-21 18:37 - 2015-05-21 18:37 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052101\algo.dll 2013-12-21 05:00 - 2013-09-16 00:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-05-06 16:04 - 2015-05-06 16:04 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2015-05-06 16:04 - 2015-05-06 16:04 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2015-05-12 16:39 - 2015-05-12 16:39 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2015-05-06 10:06 - 2015-05-06 10:06 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2015-05-09 16:14 - 2015-05-09 16:14 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-06 16:15 - 2015-05-06 16:15 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\Users\Connor\OneDrive:ms-properties AlternateDataStreams: C:\Users\Connor\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Connor\SkyDrive.old:ms-properties AlternateDataStreams: C:\Users\Jamie\OneDrive:ms-properties AlternateDataStreams: C:\Users\Jamie\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3151930542-3110385303-2721579357-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img5.jpg DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D9B354B2-93D0-4197-A641-FB9E2E26228D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{B2B46BEA-ADCB-438B-934C-6FFDAD343179}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{4B3CA851-4F30-4A03-928A-0598CACEDFE4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{5EB86B74-DFD8-4EF6-AC33-376483E97A13}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{9779BDFF-C417-48CF-AE4D-E69E6A0B9B25}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{1C457C87-00D5-466B-8EA6-2630332755B4}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{91D55A73-AA6E-41A6-93F9-E9D9B65ED806}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe FirewallRules: [{5705DF0F-BD89-47A4-853E-67B5862E9BBC}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe FirewallRules: [{167F5E4A-C040-42E2-A31B-20FE90B6E82B}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe FirewallRules: [{ACFE884E-5EBC-4E96-A516-D3214447D8AD}] => (Allow) C:\Program Files\Soluto\SolutoService.exe FirewallRules: [{829DF541-A649-41AD-8BDD-BFBA0E61DE2A}] => (Allow) C:\Program Files\Soluto\Soluto.exe FirewallRules: [{730723A0-2616-4B51-A981-98D1172BDCCB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{22CD744F-EAE8-437B-8131-EEA7099C8BA5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{74B2F555-63B0-40D3-87F0-330F6442747C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{4F87F829-F7F1-453B-8DD1-C3F95012DA8E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{7ED14D0E-BE87-43E1-8B30-A415DDEDC60D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{8D425A2A-CB7D-4BB9-8EB8-0D369CC225CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{63F2CA03-9BBB-4483-9AA0-BF3FA08DFD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{25E0209B-6401-4D0F-8D70-0B503FF4C803}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{ED06182B-0C0A-470E-A3E6-1073703AE83F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{A628EE6C-94C5-478D-AE8F-A48E51433843}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{91589E48-ED35-463B-B483-F827A647163A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{E16CA03D-87B3-4AC9-9692-04CF5B41025B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{6E78B9E1-4708-4AA0-85AD-00719356EAB4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{9A6D5591-E8B3-4C87-8F61-C430B46CC5F4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{A97B65F8-41C1-4662-996E-AC7743427C91}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{0E2174C8-0A0E-4918-920C-70A6B2124605}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{E62AAC17-7D3A-496A-A838-F3E8660B71C0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{F0BA7837-EA7C-4F1F-B4B1-3A865E82AA2B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{0C6ABE43-DAB1-42DF-B098-FDB3BAE1FA48}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{AA620479-6CA2-48FA-B29C-BDFE247578D1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{C8760F79-3B01-4F67-975C-71493BDB09DB}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{B0E74F52-9495-420A-AC69-BC7CF1BAFD90}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{003D18B6-D54C-48CC-951A-E8782C599F75}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{8D0ADE99-716F-4A43-86EE-57495945A3F6}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{0EBB5846-8BC6-4704-BE88-78F80AEE1BB9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{2455D777-5E45-4AA6-AE9A-C7480DA313F2}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{C170E62B-BB92-465A-8B29-D7ACCD414D57}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{FD00772C-7C99-433B-99CB-5C8A79902911}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{31E478D7-E3D3-42C2-9B5C-BFC0015095D3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe FirewallRules: [{D548FE96-553B-4DD3-A04A-2B54032BBE77}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe FirewallRules: [{24E8825D-27AB-4561-AC30-B9F7014B49C8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe FirewallRules: [{39F02F26-AECD-45A7-9A70-EF0250E8D874}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe FirewallRules: [{9FDA2C9C-DCAA-4878-8D52-4194CBBDCF8A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe FirewallRules: [{86BBED60-73C3-488E-994F-20DA33A2F274}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe FirewallRules: [{05793316-94FA-47D3-8D06-06FD52BF79BD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe FirewallRules: [{EB59708E-E825-4D3D-9AB2-AD1DF48790CE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe FirewallRules: [{1F211513-4261-4BC1-9B48-03EFE51A7949}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{C6A33110-5B7F-4FAF-B80F-59641409FE41}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{DBAE1A29-D7BB-4AA3-8D1D-FB4B799F373A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{A0FBC99F-DFA7-4E59-856F-9291BB2B3C55}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{3598EDE0-51F6-4FC2-880A-DB09C569A6F4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe FirewallRules: [{61D275D3-C599-46DE-A9AA-976F54562112}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe FirewallRules: [{400D6C20-CA9F-412D-AEC7-49CE8111EB98}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe FirewallRules: [{8F592DE2-6C70-4A02-A071-FA7FEA83D8B6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe FirewallRules: [{6A90CB1E-16D8-4D0C-8AAF-42CA6E073D40}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe FirewallRules: [{07647DEA-8886-4194-9FE5-A41135DD0024}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe FirewallRules: [{7A2B384C-A921-49C1-94CE-69FA28F1AFB7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe FirewallRules: [{2B5DE71A-2F6A-4F33-BD21-241947B883B6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe FirewallRules: [{F5CAE72B-1F31-4B98-8D69-C77F520B2F3D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{C4973FE2-9367-47C0-A882-92420C65A6B0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F891AE3F-F0D1-46DE-92D7-EA777613F4EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{B407D4F5-7E7B-4E10-99EA-623147DD5A41}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [TCP Query User{9BACEE27-2BED-46D9-B7E1-386656437E68}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{21801213-420B-4D6B-B210-AF50085B2AE8}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{9540590B-9A1D-4568-9675-CDF5A1EDF069}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F371021D-565D-409F-AD95-B500BDA5D9E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4E83EE42-E644-4523-B7E2-12FE68A7A269}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{523D82FC-C538-48B9-9767-B6AF08769690}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{35AFB435-5B04-4CDB-B510-AB100565395D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{EF8B13DD-4097-48A2-9B18-599D0A6B0685}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{288C13E5-1B1B-4734-B157-1148736819BB}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal_\ccd.exe FirewallRules: [{BBC1FD11-0D2C-48BB-BFEA-4AA43D78DB71}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal_\ccd.exe FirewallRules: [{64F728C0-9713-4DC0-96A1-0E8F9BB2C45B}] => (Allow) C:\Users\Jamie\AppData\Local\Temp\air71B5.exe FirewallRules: [{B2303422-48A0-4F90-9F89-12E1477C913B}] => (Allow) C:\Users\Jamie\AppData\Local\Temp\file_3852601319.exe FirewallRules: [{48907515-0B94-4F85-991A-D0B31F981A4F}] => (Allow) C:\Users\Jamie\AppData\Local\Temp\file_133157.exe FirewallRules: [{F708E3F4-C9A0-48DD-8A69-2EB382B01993}] => (Allow) c:\program files\pcreg\pcreg.exe FirewallRules: [{3D2AF091-97FF-4B3C-AC62-89C311BCB290}] => (Allow) c:\program files\pcreg\pcreg.exe FirewallRules: [{06BAB88F-75EE-4211-9616-93F217E17968}] => (Allow) c:\program files\pcreg\service.exe FirewallRules: [{B1620382-9775-4741-8487-66AE4C2594E0}] => (Allow) c:\program files\pcreg\service.exe FirewallRules: [TCP Query User{D2636B97-934D-454E-803E-5FA2E95BB0B4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D477C277-1EDB-4AE5-A4E1-72110BA84D29}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{F8EB728B-A7CA-4D16-9E14-DD2BE7476C59}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{7E6089D3-60FE-41FE-BE5F-216B1D71607C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{8003AF8D-9125-462C-B505-67E902CA33AA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{A5675542-9C01-4769-A01A-4E6ACD968507}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{72918A1D-33D6-46D3-BA70-0F2F16D025DD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{74E32853-2527-417A-A664-159ED8C037B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{0A23D1E3-E7A5-41C9-BBBC-5EB8B46675C9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{02CBBA7F-B28F-4494-853F-68B9B4E78571}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{97FE2DB0-6635-4A05-8ADF-59E5B0FEE075}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{55309764-E5BA-40B1-A551-05A3F3CDA4FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{51D6AEA6-934A-40A0-AB51-AB27E9F4A7A6}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{A889F870-6877-49FA-BE28-33C223F71885}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{2718D856-17D2-4D5D-8A30-E31C8A4A6EA3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C3130C98-114B-4CD5-B3E9-A4A270E210C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{D94B7CA4-3A58-45CB-938F-DC1D639218EA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{1E12382D-B702-4F8C-9D74-F5DE62E59493}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{C0569F0C-52C1-4466-A102-D336A3093A1D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{30212FCD-F7E1-4F08-9E24-7F5C00232507}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{D9E02E1C-4688-45B6-ADF4-D34AAFD78778}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3266638F-26A5-4500-8EBA-781D7C022DDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1D0ADFBC-3C38-4DFF-BFE3-29893DF5B099}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{15A47769-FD60-4E4E-8339-F4CD2EA37171}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{159EC2D0-C659-4D96-8157-9A7960AC82D7}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{E0901FE3-32A8-4A0D-8941-AA65C3AF3722}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [TCP Query User{E4F38732-A9E7-4238-89E5-1DBD86AB65A8}C:\users\jamie_2\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5AB862F9-E96E-4AA1-A7A7-993A540E29EA}C:\users\jamie_2\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{B64BECF6-DA3A-4002-B24C-B60F9D93C365}C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8A93426B-9F1E-48EA-B1D8-20D28428AF0E}C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{B00B65B1-37F0-405E-9385-A5693B31D23B}C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{4D747267-F458-4047-AA96-5170D183891E}C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jamie_2\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{16F2CCA2-7AA0-4C95-8270-F01EA9F71627}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{BD398113-BB6F-4C06-AB4D-E7D8D84711BD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{DFB30E35-47C9-44A1-BFD2-4F21D86C232B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{06420FEE-9BD6-4AA5-832E-8312768E3F6E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A8F49D60-7CF8-4246-952B-806A06FCA793}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{E51F6D64-1EF8-40B8-8120-B78DB725DAAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{39C414AC-62B1-4A36-856E-30C5F43F2206}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: N861 Description: N861 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: ZTE Service: WUDFWpdMtp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Android Description: Android Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1937 Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1937 Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/21/2015 09:34:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90 Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2 Exception code: 0xc000000d Fault offset: 0x000f4da4 Faulting process id: 0x1ad8 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Faulting package full name: plugin-container.exe4 Faulting package-relative application ID: plugin-container.exe5 Error: (05/21/2015 09:34:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90 Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2 Exception code: 0xc000000d Fault offset: 0x000f4da4 Faulting process id: 0x1ad8 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Faulting package full name: plugin-container.exe4 Faulting package-relative application ID: plugin-container.exe5 Error: (05/20/2015 11:19:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.7, time stamp: 0x5549779c Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000005 Fault offset: 0x00011891 Faulting process id: 0x1300 Faulting application start time: 0xBackgroundAgent.exe0 Faulting application path: BackgroundAgent.exe1 Faulting module path: BackgroundAgent.exe2 Report Id: BackgroundAgent.exe3 Faulting package full name: BackgroundAgent.exe4 Faulting package-relative application ID: BackgroundAgent.exe5 Error: (05/20/2015 03:33:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RemoteFilesService.exe, version: 1.2.3001.0, time stamp: 0x52d67028 Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5 Exception code: 0xc0000417 Fault offset: 0x0006ccd5 Faulting process id: 0x1838 Faulting application start time: 0xRemoteFilesService.exe0 Faulting application path: RemoteFilesService.exe1 Faulting module path: RemoteFilesService.exe2 Report Id: RemoteFilesService.exe3 Faulting package full name: RemoteFilesService.exe4 Faulting package-relative application ID: RemoteFilesService.exe5 Error: (05/20/2015 03:32:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.7, time stamp: 0x5549779c Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0xc0000005 Fault offset: 0x00011891 Faulting process id: 0xca8 Faulting application start time: 0xBackgroundAgent.exe0 Faulting application path: BackgroundAgent.exe1 Faulting module path: BackgroundAgent.exe2 Report Id: BackgroundAgent.exe3 Faulting package full name: BackgroundAgent.exe4 Faulting package-relative application ID: BackgroundAgent.exe5 Error: (05/20/2015 01:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1593 Error: (05/20/2015 01:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1593 System errors: ============= Error: (05/22/2015 09:59:32 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/22/2015 09:59:02 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/21/2015 11:43:25 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/21/2015 11:42:55 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/20/2015 08:17:52 PM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/20/2015 10:34:55 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (05/20/2015 07:17:47 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/20/2015 07:17:17 AM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/19/2015 01:31:44 PM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/19/2015 01:31:14 PM) (Source: DCOM) (EventID: 10010) (User: Pc) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office: ========================= Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1937 Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1937 Error: (05/22/2015 02:19:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/21/2015 09:34:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.1.561155541a90ntdll.dll6.3.9600.17736550f42c2c000000d000f4da41ad801d093cacd0c9517C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SYSTEM32\ntdll.dll11e8f348-ffbe-11e4-82b5-40f02f6f3be6 Error: (05/21/2015 09:34:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.1.561155541a90ntdll.dll6.3.9600.17736550f42c2c000000d000f4da41ad801d093cacd0c9517C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SYSTEM32\ntdll.dll0b0bc1e5-ffbe-11e4-82b5-40f02f6f3be6 Error: (05/20/2015 11:19:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundAgent.exe1.0.1.75549779cMSVCR100.dll10.0.40219.3254df2be1ec000000500011891130001d0935beebd28feC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dll42a1b491-ff68-11e4-82b5-40f02f6f3be6 Error: (05/20/2015 03:33:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: RemoteFilesService.exe1.2.3001.052d67028MSVCR90.dll9.0.30729.838751ea24a5c00004170006ccd5183801d09333c841e492C:\Program Files\Acer\Remote Files\RemoteFilesService.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll07e7bf88-ff27-11e4-82b5-40f02f6f3be6 Error: (05/20/2015 03:32:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundAgent.exe1.0.1.75549779cMSVCR100.dll10.0.40219.3254df2be1ec000000500011891ca801d0930a6650c617C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dllf9bb9c9c-ff26-11e4-82b5-40f02f6f3be6 Error: (05/20/2015 01:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1593 Error: (05/20/2015 01:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1593 CodeIntegrity Errors: =================================== Date: 2014-08-08 00:27:07.559 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:07.395 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:07.244 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:06.963 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:06.800 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:06.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:04.535 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:04.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:04.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-08 00:27:03.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 1017U @ 1.60GHz Percentage of memory in use: 58% Total physical RAM: 3973.6 MB Available physical RAM: 1643.98 MB Total Pagefile: 5137.04 MB Available Pagefile: 1820.07 MB Total Virtual: 131072 MB Available Virtual: 131071.82 MB ==================== Drives ================================ Drive c: (Gateway) (Fixed) (Total:449.2 GB) (Free:378.96 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: D38AC4BA) Partition: GPT Partition Type. ==================== End of log ============================