Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Judy (administrator) on JUDYSPC on 13-01-2015 01:31:51
Running from C:\Users\Judy\Downloads
Loaded Profile: Judy (Available profiles: Judy)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Aviata Inc) C:\Program Files (x86)\Dell Product Registration\prodreg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634648 2014-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-01-13] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-1053173477-2516257368-127646272-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1053173477-2516257368-127646272-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1053173477-2516257368-127646272-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1053173477-2516257368-127646272-1001 -> DefaultScope {4EAA66C3-2AD8-43FD-818E-6197E4040679} URL =
SearchScopes: HKU\S-1-5-21-1053173477-2516257368-127646272-1001 -> {4EAA66C3-2AD8-43FD-818E-6197E4040679} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FFE2BB90-2B0E-4AB5-8510-60D3AB42CDA3}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-13]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-13]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 0264361421114391mcinstcleanup; C:\Users\Judy\AppData\Local\Temp\026436~1.EXE [850120 2013-12-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-13] (AVAST Software)
S2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [73072 2014-11-10] (Dell)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe [497664 2014-04-06] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-13] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-13] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-09] (Realtek )
S3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-06] (Microsoft Corporation)
S3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-06] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-03-10] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S0 cfwids; system32\drivers\cfwids.sys [X]
S0 mfeapfk; system32\drivers\mfeapfk.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 01:31 - 2015-01-13 01:31 - 00011037 _____ () C:\Users\Judy\Downloads\FRST.txt
2015-01-13 01:31 - 2015-01-13 01:31 - 00000000 ____D () C:\FRST
2015-01-13 01:28 - 2015-01-13 01:28 - 02124288 _____ (Farbar) C:\Users\Judy\Downloads\FRST64.exe
2015-01-13 01:24 - 2015-01-13 01:24 - 00000000 ___RD () C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-13 01:11 - 2015-01-13 01:11 - 00001982 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-13 01:11 - 2015-01-13 01:11 - 00000000 ____D () C:\Users\Judy\AppData\Roaming\AVAST Software
2015-01-13 01:11 - 2015-01-13 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-13 01:10 - 2015-01-13 01:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-13 01:10 - 2015-01-13 01:10 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1421133057593
2015-01-13 01:10 - 2015-01-13 01:10 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-13 01:10 - 2015-01-13 01:10 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1421133059640
2015-01-13 01:10 - 2015-01-13 01:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-13 01:10 - 2015-01-13 01:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-13 01:10 - 2015-01-13 01:10 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-13 01:08 - 2015-01-13 01:08 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-13 01:07 - 2015-01-13 01:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-13 00:52 - 2014-12-31 05:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-12 20:22 - 2015-01-12 20:22 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-01-12 20:12 - 2015-01-12 20:12 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-12 20:12 - 2015-01-12 20:12 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-12 19:13 - 2015-01-12 19:13 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-12 19:13 - 2015-01-12 19:13 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-12 19:13 - 2015-01-12 19:13 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-12 18:51 - 2015-01-12 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-12 18:48 - 2015-01-12 18:48 - 00000000 ____D () C:\Users\Judy\Desktop\New folder
2015-01-12 18:35 - 2015-01-12 18:51 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-12 18:35 - 2015-01-12 18:51 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-12 18:35 - 2015-01-12 18:35 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 18:35 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-12 18:35 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-12 07:54 - 2015-01-12 07:54 - 00000000 ____D () C:\ProgramData\AMMYY
2015-01-12 07:49 - 2015-01-12 07:49 - 00002263 _____ () C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\(Trial version) Quicktechno.lnk
2015-01-12 07:49 - 2015-01-12 07:49 - 00002263 _____ () C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\(Trial version) Quicktechno (2).lnk
2014-12-21 06:39 - 2014-11-26 15:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-21 06:39 - 2014-11-26 15:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-21 06:34 - 2014-12-21 06:34 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-15 17:33 - 2014-10-30 16:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-15 17:33 - 2014-10-30 16:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 01:29 - 2014-11-06 15:06 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-01-13 01:29 - 2014-11-06 14:52 - 01835494 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 01:28 - 2014-11-20 10:11 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1053173477-2516257368-127646272-1001
2015-01-13 01:04 - 2014-11-20 12:58 - 00000000 ____D () C:\Users\Judy\AppData\Roaming\DropboxOEM
2015-01-13 01:00 - 2014-11-26 07:12 - 00000000 ____D () C:\Users\Judy\AppData\Local\CrashDumps
2015-01-13 01:00 - 2014-11-06 13:03 - 00000000 ____D () C:\Windows\Panther
2015-01-13 01:00 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-13 00:54 - 2014-11-26 14:30 - 00000000 ____D () C:\ProgramData\softthinks
2015-01-13 00:50 - 2014-11-20 10:11 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2C586433-0591-4B63-82A4-6CAC836FDE99}
2015-01-12 20:46 - 2014-11-28 20:14 - 00000000 ____D () C:\Users\Judy\AppData\Roaming\Skype
2015-01-12 20:46 - 2014-11-28 20:14 - 00000000 ____D () C:\ProgramData\Skype
2015-01-12 20:24 - 2013-08-22 09:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-12 20:06 - 2014-11-06 15:09 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-12 19:59 - 2014-11-06 15:09 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-12 19:30 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-12 18:18 - 2014-03-18 03:53 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-12 18:14 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-12 18:12 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-12 18:11 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-21 06:43 - 2014-11-06 15:06 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2014-12-21 06:43 - 2014-11-06 15:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-12-21 06:34 - 2014-12-05 16:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-21 06:34 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-21 06:34 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-21 06:34 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-21 06:34 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-18 15:46 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 09:30 - 2014-11-06 15:05 - 00000000 ____D () C:\ProgramData\PCDr
2014-12-17 18:46 - 2014-12-05 13:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-17 18:44 - 2014-12-05 13:41 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Judy\AppData\Local\Temp\0264361421114391mcinst.exe
C:\Users\Judy\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-12 19:29
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Judy at 2015-01-13 01:34:50
Running from C:\Users\Judy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{0D2426EF-A4D1-403B-B78B-2897D6AD3021}) (Version: 1.1.333.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-11-2014 06:05:34 Windows Update
26-11-2014 12:04:24 Windows Update
28-11-2014 19:08:15 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
28-11-2014 19:09:37 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
03-12-2014 13:22:13 Windows Update
08-12-2014 04:04:01 Windows Modules Installer
17-12-2014 18:39:42 Windows Modules Installer
21-12-2014 06:30:30 Windows Update
12-01-2015 19:16:21 Removed Amazon 1Button App
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {22CDF6A6-DE48-4652-8395-59D847E63387} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {24CCA0AB-9DE2-47DC-9E0D-CE5859EA943D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {3913081E-EF24-44B2-BF35-4A90679AB7B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {4A52583A-560E-4391-AD95-3B0B82273A94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-13] (AVAST Software)
Task: {4BDA971C-1FD8-4E65-BC7E-AD82385393CD} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {A5B8818D-90D7-43DA-9DB0-5FAA50A751AD} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {B50A300B-27F1-4B44-8C81-E46F12B7B400} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-30] (Realtek Semiconductor)
Task: {BDE10C78-FF35-4BF4-B69D-D80C2D148D6A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-10] (Synaptics Incorporated)
Task: {EBB6EA56-2454-4F46-A982-2ECB7A396448} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {FF9F3BEC-BCEB-4BE5-B6BC-710407934D8D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-17] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) =============
2014-01-10 16:53 - 2014-01-10 16:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 16:53 - 2014-01-10 16:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 16:53 - 2014-01-10 16:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-10 17:24 - 2014-01-10 17:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-10 17:24 - 2014-01-10 17:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2014-11-06 15:08 - 2014-06-04 17:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-11-06 15:08 - 2014-06-04 17:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-11-06 15:08 - 2014-06-04 17:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-02-26 02:46 - 2014-02-26 02:46 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 02:43 - 2014-02-26 02:43 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 02:50 - 2014-02-26 02:50 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-11-06 15:08 - 2014-07-02 23:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-01-13 01:10 - 2015-01-13 01:10 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2015-01-13 01:10 - 2015-01-13 01:10 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-06 15:08 - 2014-07-30 19:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-11-06 15:08 - 2012-11-26 01:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-11-06 15:06 - 2012-11-26 01:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-1053173477-2516257368-127646272-500 - Administrator - Disabled)
Guest (S-1-5-21-1053173477-2516257368-127646272-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1053173477-2516257368-127646272-1003 - Limited - Enabled)
Judy (S-1-5-21-1053173477-2516257368-127646272-1001 - Administrator - Enabled) => C:\Users\Judy
==================== Faulty Device Manager Devices =============
Name: HID Sensor Collection
Description: HID Sensor Collection
Class Guid: {5175d334-c371-4806-b3ba-71fd53c9258d}
Manufacturer: Microsoft
Service: SensorsHIDClassDriver
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/12/2015 07:48:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/12/2015 07:41:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (01/12/2015 07:31:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (01/12/2015 06:24:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.22.0.107 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 12d8
Start Time: 01d02ec5bca0c994
Termination Time: 4294967295
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Report Id: 903083c4-9aba-11e4-825e-4cbb583ad087
Faulting package full name:
Faulting package-relative application ID:
Error: (01/12/2015 06:13:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (01/12/2015 06:10:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.22.0.107 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 10f0
Start Time: 01d01d1b62e1e3ff
Termination Time: 4294967295
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Report Id: 9daada32-9ab8-11e4-825d-4cbb583ad087
Faulting package full name:
Faulting package-relative application ID:
Error: (01/12/2015 06:10:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mmc.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 839c
Start Time: 01d02e6fa8dc5214
Termination Time: 4294967295
Application Path: C:\Windows\system32\mmc.exe
Report Id: 75ab3658-9ab8-11e4-825d-4cbb583ad087
Faulting package full name:
Faulting package-relative application ID:
Error: (01/12/2015 08:00:32 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (01/12/2015 06:51:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/11/2015 06:56:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (01/12/2015 08:48:32 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/12/2015 08:48:32 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/12/2015 08:48:32 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/12/2015 08:48:31 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/12/2015 08:01:09 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (01/12/2015 08:00:38 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (01/12/2015 07:30:14 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/12/2015 07:30:15 PM) (Source: DCOM) (EventID: 10010) (User: Judyspc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/21/2014 06:43:37 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (12/17/2014 06:56:12 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252.
Microsoft Office Sessions:
=========================
Error: (01/12/2015 07:48:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/12/2015 07:41:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Judy\AppData\Local\Temp\nshA51E.tmp\PIPInstaller_PLT-G_.exe
Error: (01/12/2015 07:31:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (01/12/2015 06:24:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.22.0.10712d801d02ec5bca0c9944294967295C:\Program Files (x86)\Skype\Phone\Skype.exe903083c4-9aba-11e4-825e-4cbb583ad087
Error: (01/12/2015 06:13:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (01/12/2015 06:10:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.22.0.10710f001d01d1b62e1e3ff4294967295C:\Program Files (x86)\Skype\Phone\Skype.exe9daada32-9ab8-11e4-825d-4cbb583ad087
Error: (01/12/2015 06:10:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mmc.exe6.3.9600.16384839c01d02e6fa8dc52144294967295C:\Windows\system32\mmc.exe75ab3658-9ab8-11e4-825d-4cbb583ad087
Error: (01/12/2015 08:00:32 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (01/12/2015 06:51:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/11/2015 06:56:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
CodeIntegrity Errors:
===================================
Date: 2014-11-20 10:09:38.250
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Percentage of memory in use: 88%
Total physical RAM: 3979.2 MB
Available physical RAM: 471.38 MB
Total Pagefile: 4827.2 MB
Available Pagefile: 3158.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:414.29 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.45 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.39 GB) (Free:0.73 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FA22D922)
Partition: GPT Partition Type.
==================== End Of Log ============================
Edited by xxjermeyxx, 13 January 2015 - 01:48 AM.