Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-05-2016 01 Ran by henri_000 (2016-05-04 20:47:23) Running from C:\Users\henri_000\Desktop Windows 10 Home Version 1511 (X64) (2015-12-28 17:37:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2481831376-2314398108-120359188-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2481831376-2314398108-120359188-503 - Limited - Disabled) Guest (S-1-5-21-2481831376-2314398108-120359188-501 - Limited - Disabled) henri_000 (S-1-5-21-2481831376-2314398108-120359188-1001 - Administrator - Enabled) => C:\Users\henri_000 HomeGroupUser$ (S-1-5-21-2481831376-2314398108-120359188-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{7E6ACD66-B207-217A-4D56-070D89395CED}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) AVG (Version: 16.71.7596 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4565 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.71.7596 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies) BlueStacks Notification Center (HKLM-x32\...\{CA64F713-4AA8-47EB-AAA8-C215A425AAF1}) (Version: 0.9.17.5012 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.) CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team) CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Counter Strike 1.6 (HKLM-x32\...\{1CE6BBC8-A3D3-4F79-B095-AF775F2BCFE1}) (Version: 1.0.0 - Slimi) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0}) (Version: 1.2.1.31 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden Free MP3 Cutter 2.0 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.0 - PolySoft Solutions) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{6882ac6d-e97d-4e25-b3ea-5f3f21055dfe}) (Version: 16.6.0 - Intel Corporation) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) K-Lite Codec Pack 12.0.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.1 - KLCP) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.) Rapport (x32 Version: 3.5.1609.47 - Trusteer) Hidden Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.4.1 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Spotify) (Version: 1.0.26.132.ga4e3ccee - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2481831376-2314398108-120359188-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2481831376-2314398108-120359188-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2481831376-2314398108-120359188-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\henri_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2481831376-2314398108-120359188-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {25EA3BD0-43FE-4665-A57E-FEDD1285891A} - System32\Tasks\GoogleUpdateTaskMachineCore1cfea8bca81b3ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.) Task: {28E7303D-32E1-4827-960F-6B0D58CD7362} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-02-19] (Aviata Inc) Task: {290C0A98-E895-42C1-A9C3-B44D9E088B9B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.) Task: {2D32DF12-2213-45A0-8392-6EED5B120CE6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {32E303B4-187D-436C-A27D-434774478D5A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3AA5B817-6112-483A-918D-B1F7C3144692} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {43CCCCEA-5CCE-4B89-9B44-E82FC75D17B3} - \SaferUpdateTaskSCUD -> No File <==== ATTENTION Task: {4504E0D8-F52F-4EA9-A7FC-5C3F75720224} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.) Task: {46292169-E513-4DFD-BDD8-F0EAF1AA2352} - System32\Tasks\GoogleUpdateTaskMachineCore1d044c16fd990d0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.) Task: {4C49AF16-CD93-46A7-9ADE-70D3FDE94663} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {53F58E0E-5D99-410C-A4B4-D252C56D732D} - System32\Tasks\GoogleUpdateTaskMachineUA1cffff64c4badd5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.) Task: {570158C0-D42D-4818-A1D6-4C59BDEC0C69} - System32\Tasks\123 => C:\Windows\System32\shutdown.exe [2015-10-30] (Microsoft Corporation) <==== ATTENTION Task: {59BB724A-8481-458E-B0A3-45E77F4CDE7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {60A0B1C6-614B-40FC-903B-EF5382D0B09B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-22] (Adobe Systems Incorporated) Task: {6ABAB2D3-8986-4F5F-91C0-B72146F6A7E8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {7072023E-1C27-4CEA-BA91-4BAC39999DFD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {7112E2D4-DCD9-475A-A5A5-3054E499C173} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {76FA4BB2-60F7-4174-9032-A806B562D513} - System32\Tasks\{14577FD8-11F6-4EED-AACB-4AF4711701BF} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.109&LastError=12002 Task: {8D86B0A1-4503-441D-B7D8-1439A605AA0E} - System32\Tasks\{6B485D2C-A3B4-4639-8CB5-60F2BF3B9A79} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {90ECB244-3EE0-4E88-B7E4-49D0BD58C8BD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MATIELLO-henri_000 Matiello => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-09] (Microsoft Corporation) Task: {979381D9-3559-4BF0-A754-163D0E7CBAAB} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-02] () Task: {9A59FB58-3CE1-4FB3-94F7-592F98BEFC6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {9B71144B-79F0-4DB8-AF39-442590524EFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {9B9D3645-1F5A-49E4-B3E3-AA804C416A7F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-03-14] (Dell Inc.) Task: {9D7925D5-86DA-4EFA-A3A7-9DBB519D7997} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {A3FC7AE0-C1D6-4472-B748-E340C2FBEE29} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {AA38AA6E-47CE-457F-A260-8D0E2565A57A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.) Task: {B0EE322A-F176-4240-BFBE-B456B9C03963} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {B59C2245-719B-4E3E-B442-7E58CD43AAE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.) Task: {BB314930-6CF8-4E79-AA12-92255A52D70B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {C25DF5A7-ADD0-4D0D-9A94-B96E9C41D929} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {C85E4F8E-BFC2-4B77-A3EE-29849536B802} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-15] (Synaptics Incorporated) Task: {D663F653-622D-4FD3-ABA7-9F4002607BF1} - System32\Tasks\turn off => C:\Windows\System32\shutdown.exe [2015-10-30] (Microsoft Corporation) Task: {DB6DB6DC-894B-484E-885C-ECFF69D5D99A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {DE9C8D04-070D-404F-AA4B-1F57F865EEE4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {E00C6AA7-6D6B-4256-B8A1-DCA51AF951D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {F0ACAD0F-306F-42C1-805D-C2C9460BA5D2} - System32\Tasks\{FFF9B5A0-FDA8-4426-90FD-ECB0CB2B79F8} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {F32E6110-F3C7-4858-99EE-5C0FD98BDE42} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.) Task: {F9CF9A74-787E-4A61-AEF4-DEADA793BFB0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfea8bca81b3ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d044c16fd990d0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffff64c4badd5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-02-08 17:03 - 2016-04-25 03:17 - 01223752 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-11-04 22:11 - 2015-11-04 22:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-04-12 19:40 - 2016-04-12 19:40 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\loggingserver.exe 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-12 19:05 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-07-17 11:35 - 2015-12-18 11:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-12 19:05 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2013-10-16 22:25 - 2013-10-16 22:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-12-28 22:29 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-12 19:04 - 2016-04-02 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-04-12 19:04 - 2016-04-02 00:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-12 19:04 - 2016-04-01 23:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-12 19:04 - 2016-04-01 23:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-12 19:04 - 2016-04-02 00:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2012-01-10 01:41 - 2015-03-29 22:42 - 00568392 _____ () C:\Program Files (x86)\puush\puush.exe 2015-12-21 04:55 - 2015-12-21 04:55 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-04-19 09:56 - 2016-04-19 09:56 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-04-02 04:39 - 2014-12-04 23:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-04-02 04:39 - 2014-12-04 23:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2016-04-12 19:40 - 2016-04-12 19:40 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\log4cplusU.dll 2014-04-29 17:39 - 2013-12-18 14:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2016-04-19 20:04 - 2016-03-10 21:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-04-19 20:04 - 2015-07-03 13:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-04-19 20:04 - 2016-03-31 17:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2016-04-19 20:04 - 2015-07-03 13:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-04-19 20:04 - 2015-07-03 13:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-04-19 20:04 - 2016-02-08 20:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-04-19 20:04 - 2016-02-08 20:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-04-19 20:04 - 2016-02-08 20:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-04-19 20:04 - 2016-02-08 20:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-04-19 20:04 - 2016-02-08 20:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-04-19 20:04 - 2016-03-31 17:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-04-19 20:04 - 2016-02-17 19:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2015-10-02 09:15 - 2015-10-02 09:15 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll 2016-04-19 20:04 - 2016-02-08 22:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-10-22 20:33 - 2016-04-08 16:39 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2016-01-05 22:11 - 2016-01-05 22:11 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-02-21 20:51 - 2015-10-06 16:26 - 50656768 _____ () C:\Users\henri_000\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2016-02-21 20:51 - 2015-10-06 16:26 - 01874944 _____ () C:\Users\henri_000\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2016-02-21 20:51 - 2015-10-06 16:26 - 00075264 _____ () C:\Users\henri_000\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-04-19 09:56 - 2016-04-19 09:56 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 09:56 - 2016-04-19 09:56 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 10:25 - 2015-06-01 08:13 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts # ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\henri_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "vProt" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\StartupApproved\Run: => "iCloudServices" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{1B7DFE73-6867-49FA-863C-6534F64C1B10}C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{3794E397-D7B8-4F6C-BA75-796912058533}C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{D2D26291-36EE-4F66-8A6D-86774AFEBFD5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{99B54162-E4B6-4766-B1A6-D1C86849AD74}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E7AE3301-B3F5-45C5-B4FD-36A43FF96E94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{53698EA7-493B-49D3-8404-6EE04540DEDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{F29CAB59-B405-4505-8290-53A28B930E4D}C:\program files (x86)\slimi\counter strike 1.6\hl.exe] => (Allow) C:\program files (x86)\slimi\counter strike 1.6\hl.exe FirewallRules: [TCP Query User{DBA55743-F68B-4430-9427-FD297404AD52}C:\program files (x86)\slimi\counter strike 1.6\hl.exe] => (Allow) C:\program files (x86)\slimi\counter strike 1.6\hl.exe FirewallRules: [{D618B355-5A67-4705-A2B2-C714AA16AE11}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{76310223-DB29-4A65-BC02-CCD67F18CD1D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [UDP Query User{EF8FF986-CC4D-441D-9644-A6558C8A672E}C:\users\henri_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henri_000\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{F0AD8FCA-48C2-485F-8559-15F4C1B99405}C:\users\henri_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henri_000\appdata\roaming\spotify\spotify.exe FirewallRules: [{263AE4F6-41E9-4F53-9EDC-D96E087EBE59}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{E3B6ED98-0D49-4E7A-AB8C-9404D8E055D7}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{FD4AAE2C-2232-475F-9995-C46994226B7D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{5E5A7D4D-E347-4A62-9721-17A90AF9D215}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{22FD75F9-06C3-4250-80B5-4039BDDB1DD4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{EB8CCC4D-CAEE-4A78-9F05-6C80A7858659}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{26287F92-7852-49DA-8E53-DDAEE9364671}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{7A085000-5A58-4EEA-B78A-C1C0CEE536CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{F263D71B-A086-4B9C-A597-A5E929535559}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{512BD5CC-2C56-4D12-8743-29C298DE4648}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{79A8190E-A5D3-4624-B875-FAFE42A78709}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{92EDD014-2A14-4F24-A4D8-A788F1C6917F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [TCP Query User{9D3906A1-B946-483C-9529-6BB6A2A44C39}C:\users\henri_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henri_000\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F5D72924-F3BE-48E8-B651-F33E45176D4F}C:\users\henri_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henri_000\appdata\roaming\spotify\spotify.exe FirewallRules: [{895092E9-C3F7-4773-892B-B24891ED2C26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{CA66D84F-409C-4D96-90B7-142C87D90A2E}C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{F408CBF9-09E0-4F10-941D-04365C676A03}C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\henri_000\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{A27D0541-1A85-4D5E-B754-B651D9E84BB2}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe FirewallRules: [UDP Query User{D3A62834-572E-4275-AED3-DB6BDD256B2C}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe FirewallRules: [TCP Query User{5F290A59-6068-4954-A92A-6C50C6146C0F}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe FirewallRules: [UDP Query User{8FB8266C-A224-47D6-90B3-64B88DBB7A40}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe FirewallRules: [{D21A8738-C7C9-4407-8D5C-9369F43EB711}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{E69DC127-E002-4505-B60B-9BF338DC9BAD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{983FFBC8-48FF-46B1-B28C-E1B100B80484}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{97CDB676-9D95-4DEE-B3BC-D3F651604715}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A10689C6-F005-4970-A5DB-58B25A995CC0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{3301FE31-0CE1-44DE-8F2B-BE509ED16ACE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F8227887-B6FD-412A-B915-1BF12F4640A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E8A89E5A-AF93-427B-9495-41E03A6B9C16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B4A7C022-8F5B-4273-AEA5-7EA851610D56}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{42ABC7E8-D626-45FC-94EC-5A4B3D56A65C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{5D45AEA1-9A10-4972-A95C-858900F57C60}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{89F984E2-18CC-42F4-B136-E229B61F2C58}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{7EE25B8F-6ED0-49C5-837B-47C4F772B5DE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{E8F1D506-F9C4-412F-87F1-04AE0A92410A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe ==================== Restore Points ========================= 19-04-2016 23:23:27 Installed DirectX 27-04-2016 17:45:41 Installed Rapport 01-05-2016 00:23:05 Removed BlueStacks Notification Center ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/03/2016 10:55:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 10:55:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 10:55:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 10:54:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: ESENT.dll, version: 10.0.10586.212, time stamp: 0x56fa1686 Exception code: 0xc0000602 Fault offset: 0x000000000022885f Faulting process id: 0xbdc Faulting application start time: 0xsvchost.exe0 Faulting application path: svchost.exe1 Faulting module path: svchost.exe2 Report Id: svchost.exe3 Faulting package full name: svchost.exe4 Faulting package-relative application ID: svchost.exe5 Error: (05/03/2016 10:54:46 PM) (Source: ESENT) (EventID: 908) (User: ) Description: svchost (3036) Terminating process due to non-recoverable failure: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS) Error: (05/03/2016 01:34:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program chrome.exe version 50.0.2661.94 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2f68 Start Time: 01d1a53660721953 Termination Time: 4294967295 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Report Id: e9e1f5f7-114c-11e6-8326-a088695603b9 Faulting package full name: Faulting package-relative application ID: Error: (05/03/2016 09:16:54 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 09:16:54 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 09:16:54 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0 Error: (05/03/2016 12:18:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: ESENT.dll, version: 10.0.10586.212, time stamp: 0x56fa1686 Exception code: 0xc0000602 Fault offset: 0x000000000022885f Faulting process id: 0x17c Faulting application start time: 0xsvchost.exe0 Faulting application path: svchost.exe1 Faulting module path: svchost.exe2 Report Id: svchost.exe3 Faulting package full name: svchost.exe4 Faulting package-relative application ID: svchost.exe5 System errors: ============= Error: (05/04/2016 06:41:32 PM) (Source: DCOM) (EventID: 10010) (User: MATIELLO) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (05/04/2016 06:41:32 PM) (Source: DCOM) (EventID: 10010) (User: MATIELLO) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (05/04/2016 06:41:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_d368a2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (05/04/2016 06:41:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_d368a2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (05/04/2016 06:41:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_d368a2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (05/04/2016 06:41:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_d368a2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (05/04/2016 06:41:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (05/04/2016 12:16:27 AM) (Source: DCOM) (EventID: 10010) (User: MATIELLO) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (05/04/2016 12:16:26 AM) (Source: DCOM) (EventID: 10010) (User: MATIELLO) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (05/04/2016 12:16:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_5f0cd service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-05-04 20:45:19.540 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-04 20:45:19.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-04 20:44:57.532 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-04 20:44:57.518 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-04 17:01:25.984 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-04 17:01:25.962 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-03 23:43:58.785 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-03 23:43:58.760 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-03 23:00:33.854 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-03 23:00:33.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Percentage of memory in use: 21% Total physical RAM: 16264.96 MB Available physical RAM: 12837.98 MB Total Virtual: 18696.96 MB Available Virtual: 14730.57 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:919.42 GB) (Free:348.27 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: C39D5BC1) Partition: GPT. ==================== End of Addition.txt ============================