Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Ran by User (25-12-2016 12:22:18) Running from C:\Users\User\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2012-09-28 04:25:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3910213348-232855233-1580435985-500 - Administrator - Disabled) Guest (S-1-5-21-3910213348-232855233-1580435985-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-3910213348-232855233-1580435985-1005 - Limited - Enabled) User (S-1-5-21-3910213348-232855233-1580435985-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2728.00 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.5.2728.00 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Instant Update Service (HKLM\...\{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}) (Version: 1.00.3004 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies) Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‎Canon Inc.‬) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.00 - Canon Inc.) Canon MG5400 series On-screen Manual (HKLM-x32\...\Canon MG5400 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon MG5400 series User Registration (HKLM-x32\...\Canon MG5400 series User Registration) (Version: - Canon Inc.‎) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated) clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.57.1 - Dropbox, Inc.) Hidden Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.) Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.) Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office XP Media Content (HKLM-x32\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation) Microsoft Office XP Professional (HKLM-x32\...\{91110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PrintMaster 6.0 Platinum (HKLM-x32\...\0832-3492-6567-1002) (Version: 6.0.6.146 - Encore Software Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.2.0 - Synaptics Incorporated) TOPO! 4 (HKLM-x32\...\{5B3FB6D4-1B88-413D-8DE7-A7E2D58DE5B2}) (Version: 4.4.1 - National Geographic Maps) Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden Unity Web Player (HKU\S-1-5-21-3910213348-232855233-1580435985-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.43.0000 - Magellan Navigation, Inc.) VantagePoint (x32 Version: 2.43.0000 - Magellan Navigation, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden video4fuze 0.6 (HKLM-x32\...\video4fuze) (Version: 0.6 - ssorgatem productions) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {008309CA-5759-4A54-9374-0E87AB2568E9} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink) Task: {035FD0C7-6A7A-4F77-9C79-840F8231F8C5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {05C8B81B-00CE-4F41-BC81-EE81B4429C82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-15] (Adobe Systems Incorporated) Task: {0DB1BB4A-3F43-43A1-954C-6FB2D54408E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {113CA32F-FF56-4A3E-92B9-07D8FE1AAEAD} - System32\Tasks\SafeZone scheduled Autoupdate 1482657779 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {1CB30930-A1B6-4CD1-8080-F62F4361602E} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-01-18] (Acer) Task: {3650BFBC-FFDE-4C2A-A44F-FBB451652A23} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.) Task: {4E5F48D3-4EEE-4B10-B799-FB21E707F6D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {5D3C0B8B-5AB0-41A4-A33D-4C04501916C1} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated) Task: {68DB9391-97C2-4A84-8843-2AC276C2C60E} - System32\Tasks\{6C770607-AF17-47A3-BA13-7B3D4609748C} => pcalua.exe -a C:\Users\User\Downloads\MVP_243.exe -d C:\Users\User\Downloads Task: {73602E00-B59C-4355-91AC-3BCD484E84CB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-25] (AVAST Software) Task: {8B269379-1448-4C08-8C56-832C05FCEAD8} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.) Task: {A8EB7A9B-1C6B-4BF5-BCEE-F44C48DDAED1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {ACD0CFE6-4FB8-4E97-8EDE-A9771D775724} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {B23A906D-ACEF-4D00-981D-62B969D51582} - System32\Tasks\{AF680108-542E-4E1D-9578-C467A08E848A} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe" -d C:\Windows\system32 Task: {B860807D-D232-44D8-802C-BE051CE0107A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {BF85E417-1721-4009-8C44-9CA8EA839CC5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-12-25] (AVAST Software) Task: {DA8D2EFA-2A40-44A9-84A6-F3A1DCD84AFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {EFF6AFF6-829B-4955-AB5F-D4C345E07D75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-19 10:01 - 2016-10-23 15:14 - 00980552 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2011-06-17 06:49 - 2011-06-17 06:49 - 00034304 _____ () C:\Windows\System32\ssp8ml6.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll 2012-09-27 21:45 - 2012-03-16 04:48 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2012-09-27 22:02 - 2012-03-26 18:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-07-19 10:01 - 2016-10-23 15:14 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2016-12-25 02:20 - 2016-12-25 02:20 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-12-25 03:28 - 2016-12-25 03:28 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16122500\algo.dll 2016-12-25 02:20 - 2016-12-25 02:20 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2012-01-05 14:22 - 2012-01-05 14:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2012-01-05 14:22 - 2012-01-05 14:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2012-01-05 14:22 - 2012-01-05 14:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-09-27 21:45 - 2012-03-07 07:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-12-11 18:11 - 2016-11-11 13:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-12-11 18:11 - 2016-11-11 13:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-12-11 18:11 - 2016-11-11 13:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-12-11 18:11 - 2016-11-11 13:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-12-11 18:11 - 2016-11-11 13:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-12-21 18:12 - 2016-11-11 13:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-12-21 18:12 - 2016-11-11 13:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-12-21 18:12 - 2016-11-11 13:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-12-11 18:11 - 2016-11-11 13:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-12-21 18:12 - 2016-11-11 13:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-12-21 18:12 - 2016-11-11 13:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-12-11 18:11 - 2016-11-11 13:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-12-11 18:11 - 2016-11-11 13:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-12-21 18:12 - 2016-11-11 13:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-12-21 18:12 - 2016-12-21 11:26 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-12-21 18:12 - 2016-12-21 11:26 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-12-11 18:11 - 2016-11-11 13:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-12-21 18:12 - 2016-11-11 13:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-12-21 18:12 - 2016-11-11 13:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-12-21 18:12 - 2016-12-21 11:26 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-12-11 18:11 - 2016-11-11 13:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-12-11 18:11 - 2016-12-21 11:26 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-12-21 18:12 - 2016-12-21 11:26 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-12-25 02:20 - 2016-12-25 02:20 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-12-15 07:17 - 2016-12-15 07:17 - 19761240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2016-12-25 00:25 - 00000938 ____R C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3910213348-232855233-1580435985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Dolby PCEE4\pcee4.exe" -autostart MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE MSCONFIG\startupreg: InstantUpdate => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: VantagePointLite.exe => "C:\Program Files (x86)\Magellan\VantagePoint\VPLite\VantagePoint Lite.exe" MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A6773784-2305-4FA5-819B-D0418E0CA755}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2CACAA2C-C514-4392-8638-2B52AD49D354}] => LPort=2869 FirewallRules: [{99231177-EE65-4A96-8FCE-7485AE1E43CD}] => LPort=1900 FirewallRules: [{89D9DFF1-76F7-4978-9FE5-9F00A9FB4073}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{6F68B07E-1E51-4521-8E3A-ABFB96505E24}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{CCCAEC12-A668-4D4C-A30D-930597385362}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B9989C24-C7AE-451E-9D3B-1FC05C9A8872}] => C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{3088D0AE-12DC-40EA-8066-BB1485232D9E}] => C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{FA64D39F-8D92-4AE8-86A1-0B56196BA5B0}] => C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{EF33DFAE-86D7-495B-9D8C-57037A12C853}] => C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{BBA72985-0465-462A-80C4-0FC08CFA94EC}] => C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{06346D29-3499-4831-A6E4-777836A93C56}] => C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{0EE38B1B-C0DD-49AD-B60A-08A83BF73702}] => C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{46E16E82-7286-4377-95C6-6B54AC634539}] => C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{CD2C13F0-5D4D-4B80-9045-611CDE92F3E9}] => C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\PlayMovie.exe FirewallRules: [{7CDB6857-EB3F-4C2F-A5CB-3DD474D936CF}] => C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe FirewallRules: [{95CE1F32-7EFF-45B8-9688-3BACAA27045A}] => C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe FirewallRules: [{B8AA2780-6B9F-4CC7-9BF2-DB41771EA257}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{3386BFE6-7B56-4853-BCCC-7F8498A46475}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [TCP Query User{60F48F07-CA30-4044-841A-8472308D9E4D}C:\users\user\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => C:\users\user\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{CFF8AF3A-8C4E-4CE5-BB01-7D9693DE2A78}C:\users\user\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => C:\users\user\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [TCP Query User{A640F2EE-3D26-40FD-99C5-69BD1160D4D1}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{065E2F44-94CA-47B1-B646-4AE1AF28A9EE}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{EF0E4CE4-1DF7-4E99-9C32-2F131509B2F8}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EAAD9A90-B444-4B01-9427-D96A0B77DE5E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{B09E8C05-83F2-4503-A65F-0EDE622EA6CC}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DEE73AEA-3217-48D4-BDC7-DDDECD19D9C2}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9F9CE1E8-DA5A-40B5-BEDA-6457E67B7699}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF191252-4F15-4E7E-B712-BC65015C6A95}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{521E21EA-1EF9-42A2-AA43-5DE778411093}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{4F914662-91C7-4D59-BB33-44E216F7432F}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 24-12-2016 14:10:56 Scheduled Checkpoint 25-12-2016 01:52:25 Removed AVG 25-12-2016 01:54:53 Removed AVG 2016 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/25/2016 12:20:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 21.12.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 15f4 Start Time: 01d25ee3c01da9b1 Termination Time: 20 Application Path: C:\Users\User\Downloads\FRST64.exe Report Id: 0baeca51-cad7-11e6-8e90-206a8ad0086d Error: (12/25/2016 11:34:49 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified. Error: (12/25/2016 11:33:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 50.1.0.6186, time stamp: 0x584a057c Faulting module name: mozglue.dll, version: 50.1.0.6186, time stamp: 0x5849ff8b Exception code: 0x80000003 Fault offset: 0x0000ec79 Faulting process id: 0x1894 Faulting application start time: 0x01d25ed9893b055e Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Report Id: a4500ff9-cad0-11e6-bc1a-206a8ad0086d Error: (12/25/2016 03:28:04 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified. Error: (12/25/2016 02:25:22 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified. Error: (12/25/2016 02:21:32 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll". Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/25/2016 02:08:55 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified. Error: (12/25/2016 01:54:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (12/25/2016 01:54:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: The system cannot find the file specified. . Error: (12/25/2016 01:54:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt. System Error: The system cannot find the file specified. . System errors: ============= Error: (12/25/2016 11:35:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (12/25/2016 03:29:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (12/25/2016 03:28:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: avipbb avkmgr Error: (12/25/2016 03:28:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avgntflt service failed to start due to the following error: The system cannot find the file specified. Error: (12/25/2016 02:26:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (12/25/2016 02:25:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: avipbb avkmgr Error: (12/25/2016 02:25:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avgntflt service failed to start due to the following error: The system cannot find the file specified. Error: (12/25/2016 02:10:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (12/25/2016 02:09:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: avipbb avkmgr Error: (12/25/2016 02:08:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avgntflt service failed to start due to the following error: The system cannot find the file specified. CodeIntegrity: =================================== Date: 2014-01-03 17:29:20.531 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-03 17:29:20.410 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:38:36.549 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:38:36.429 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:36:55.256 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:36:55.135 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:17:45.632 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:17:45.513 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:16:26.700 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-02 12:16:26.581 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MUD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 967 @ 1.30GHz Percentage of memory in use: 52% Total physical RAM: 3889.6 MB Available physical RAM: 1828.45 MB Total Virtual: 7777.39 MB Available Virtual: 5527.87 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:446.13 GB) (Free:200.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 18AB0785) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================