hi,my chrome browser keeps redirecting me to ads due to something called primosearch.I downloaded a trial of yac(yet anothercleaner)to try and remove it however I still have it and can't get rid of it....yac also picked up two pups which my kav2015 picked up around two weeks ago and eliminated so I don't know if yac removed or restored these aswell.
My laptop is running windows 7 pro 64-bit os.
I downloaded and ran FRST as admin.here are my logs :
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-04-2015
Ran by Ally (administrator) on ALLYBALLYBONGO on 11-04-2015 23:27:36
Running from C:\Users\Ally\Downloads
Loaded Profiles: Ally (Available profiles: Ally)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Reflection Software Solutions Pvt. Ltd.) C:\Program Files (x86)\CraveWorldClock\CWClock.exe
(Spotify Ltd) C:\Users\Ally\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\wmi64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1270064 2014-12-11] ()
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Run: [Crave World Clock] => C:\Program Files (x86)\CraveWorldClock\CWClock.exe [3687120 2012-03-26] (Reflection Software Solutions Pvt. Ltd.)
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Run: [AceWebExtensionUpdater] => C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [22824 2015-02-28] ()
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = uk.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = uk.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = uk.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = uk.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = uk.yahoo.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = uk.yahoo.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = uk.yahoo.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = uk.yahoo.com
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\Software\Microsoft\Internet Explorer\Main,Start Page = uk.yahoo.com
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = uk.yahoo.com
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-28] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-28] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
FireFox:
========
FF ProfilePath: C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810
FF NewTab: uk.yahoo.com
FF Homepage: uk.yahoo.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-02] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-02] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-28] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-28] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-28] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-52834813-3660881880-2756664971-1000: @hola.org/vlc,version=1.6.654 -> C:\Users\Ally\AppData\Local\Hola\firefox\app\vlc [2015-02-13] ()
FF user.js: detected! => C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810\user.js [2015-01-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: AS Magic Player - C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810\Extensions\magicplayer@acestream.org [2015-04-09]
FF Extension: YouTube High Definition - C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-01-29]
FF Extension: Adblock Plus - C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-01-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-28]
FF Extension: No Name - C:\Users\Ally\AppData\Roaming\Mozilla\Firefox\Profiles\irp808ed.default-1422547318810\extensions\fftoolbar2014@etech.com [Not Found]
Chrome:
=======
CHR HomePage: Default -> uk.yahoo.com
CHR StartupUrls: Default -> "uk.yahoo.com"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Click&Clean) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-01-31]
CHR Extension: (Adblock Super) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Click&Clean App) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Ally\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-27] (Elex do Brasil Participações Ltda)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S4 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [246296 2015-03-27] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [42520 2015-03-27] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [96792 2015-03-27] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [39448 2015-03-27] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [90648 2015-03-27] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-03-11] (Elex do Brasil Participações Ltda)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-01-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-01-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-11 23:27 - 2015-04-11 23:27 - 00021640 _____ () C:\Users\Ally\Downloads\FRST.txt
2015-04-11 23:27 - 2015-04-11 23:27 - 00000000 ____D () C:\FRST
2015-04-11 23:09 - 2015-04-11 23:10 - 02095616 _____ (Farbar) C:\Users\Ally\Downloads\FRST64.exe
2015-04-11 22:27 - 2015-04-11 22:27 - 00000000 ____D () C:\Windows\LastGood
2015-04-11 22:26 - 2015-04-11 22:26 - 00000000 ____D () C:\Windows\system32\log
2015-04-11 22:26 - 2015-04-11 22:26 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Elex-tech
2015-04-11 22:26 - 2015-04-11 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-04-11 22:26 - 2015-04-11 22:26 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-04-11 22:26 - 2015-03-27 10:17 - 00042520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-04-11 22:26 - 2015-03-26 04:43 - 00027136 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2015-04-11 22:26 - 2015-03-11 13:59 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-04-11 04:09 - 2015-04-11 21:03 - 00000224 _____ () C:\Windows\setupact.log
2015-04-11 04:09 - 2015-04-11 04:09 - 00000368 _____ () C:\Windows\PFRO.log
2015-04-11 04:09 - 2015-04-11 04:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-11 01:47 - 2015-04-11 01:50 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\vlc
2015-04-11 01:47 - 2015-04-11 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-10 23:36 - 2015-04-10 23:36 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 23:36 - 2015-04-10 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-10 23:36 - 2015-04-10 23:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-10 23:36 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-10 23:36 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-10 23:36 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 23:35 - 2015-04-10 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2015-04-10 23:35 - 2015-04-10 23:35 - 00000000 ____D () C:\Program Files\Greenshot
2015-04-10 23:26 - 2015-04-11 21:54 - 00000000 ___RD () C:\Users\Ally\Documents\EPUB MOBI Library
2015-04-10 23:13 - 2015-04-10 23:14 - 00000000 ____D () C:\Users\Ally\.ebookreader
2015-04-10 23:12 - 2015-04-10 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader
2015-04-10 23:12 - 2015-04-10 23:12 - 00000000 ____D () C:\Program Files (x86)\Icecream Ebook Reader
2015-04-10 04:05 - 2015-04-11 21:54 - 00000000 ___RD () C:\Users\Ally\Documents\Calibre Library
2015-04-10 04:05 - 2015-04-10 04:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-04-10 04:05 - 2015-04-10 04:05 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-04-09 19:44 - 2015-04-11 01:44 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\ACEStream
2015-04-09 19:44 - 2015-04-09 19:45 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\AceWebExtension
2015-04-09 19:19 - 2015-04-09 19:19 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\StreamTorrent
2015-04-09 04:30 - 2015-04-10 19:59 - 00001958 _____ () C:\Users\Ally\.pia_manager_crash.log
2015-04-08 23:38 - 2015-03-23 04:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-08 23:38 - 2015-03-23 04:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-08 23:38 - 2015-03-23 04:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-08 23:38 - 2015-03-23 04:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-08 23:38 - 2015-03-23 04:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-08 23:38 - 2015-03-23 04:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 23:38 - 2015-03-23 04:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-08 23:38 - 2015-03-23 04:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 04:21 - 2015-04-09 04:34 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Spotify
2015-04-08 04:21 - 2015-04-09 04:34 - 00000000 ____D () C:\Users\Ally\AppData\Local\Spotify
2015-04-08 04:21 - 2015-04-08 04:21 - 00001792 _____ () C:\Users\Ally\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-04 06:30 - 2015-04-04 06:30 - 00000000 ____D () C:\Windows\Sun
2015-04-04 06:29 - 2015-04-04 06:29 - 00003150 _____ () C:\Windows\System32\Tasks\{2D32D84D-06CC-49C5-8DE5-7F41BB08A6C9}
2015-04-03 04:42 - 2015-04-03 04:42 - 00000000 ____D () C:\Users\Ally\AppData\Local\DDMSettings
2015-04-02 15:58 - 2015-04-02 15:58 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-02 15:58 - 2015-04-02 15:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-01 14:03 - 2015-04-11 22:37 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Skype
2015-04-01 14:03 - 2015-04-01 14:05 - 00000000 ____D () C:\ProgramData\Skype
2015-04-01 14:03 - 2015-04-01 14:03 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-01 14:03 - 2015-04-01 14:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-01 14:03 - 2015-04-01 14:03 - 00000000 ____D () C:\Users\Ally\AppData\Local\Skype
2015-04-01 13:23 - 2015-04-01 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-01 13:23 - 2015-04-01 13:23 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-31 14:46 - 2015-04-09 23:36 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-03-31 14:46 - 2015-03-31 14:46 - 00004038 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-03-31 14:46 - 2015-03-31 14:46 - 00003228 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-03-31 14:46 - 2015-03-31 14:46 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-03-31 14:46 - 2015-03-31 14:46 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-03-31 14:43 - 2015-03-31 21:58 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-03-31 14:43 - 2015-03-31 14:43 - 00003598 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-03-31 14:43 - 2015-03-31 14:43 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-28 18:35 - 2015-04-11 22:37 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\dvdcss
2015-03-20 13:51 - 2015-03-20 13:51 - 00000463 _____ () C:\Users\Ally\Documents\scrot.txt
2015-03-15 07:45 - 2015-03-15 07:45 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Boilsoft
2015-03-15 07:45 - 2015-03-15 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
2015-03-15 07:45 - 2015-03-15 07:45 - 00000000 ____D () C:\Program Files (x86)\Boilsoft
2015-03-13 13:57 - 2015-03-13 13:57 - 00000000 ____D () C:\Program Files (x86)\STMicroelectronics
2015-03-13 13:57 - 2011-07-15 22:31 - 00022128 _____ (ST Microelectronics) C:\Windows\system32\Drivers\stdcfltn.sys
2015-03-13 13:45 - 2015-03-13 13:45 - 13536952 _____ (Dell Inc.) C:\Users\Ally\Documents\Chipset_Driver_RCHTX_WN_2.00.10.34_A11.EXE
2015-03-13 02:06 - 2012-05-21 12:54 - 00068208 _____ (STMicroelectronics) C:\Windows\system32\Drivers\ST_ACCEL.sys
2015-03-13 02:03 - 2015-03-13 01:54 - 10142928 _____ (Renesas Electronics Corporation ) C:\Users\Ally\Documents\RENESAS-USB3-Host-Driver-30230-setup.exe
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\2C0A
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0C0A
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0C04
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0816
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0804
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0424
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\041F
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\041E
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\041D
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\041B
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0419
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0416
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0415
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0414
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0413
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0412
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0411
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0410
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\040E
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\040D
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\040C
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\040B
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\040A
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0409
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0408
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0407
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0406
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0405
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0404
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Windows\system32\0401
2015-03-13 01:59 - 2015-03-13 01:59 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2015-03-12 02:52 - 2015-03-12 02:52 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Titanium
2015-03-12 02:52 - 2015-03-12 02:52 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Apple Computer
2015-03-12 02:52 - 2015-03-12 02:52 - 00000000 ____D () C:\Users\Ally\AppData\Local\Apple Computer
2015-03-12 02:51 - 2015-03-12 02:53 - 00000000 ____D () C:\Program Files\pia_manager
2015-03-12 02:51 - 2015-03-12 02:51 - 00003168 _____ () C:\Windows\System32\Tasks\Private Internet Access Startup
2015-03-12 02:51 - 2015-03-12 02:51 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-11 23:19 - 2015-01-30 14:06 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 23:18 - 2009-07-14 05:45 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 23:18 - 2009-07-14 05:45 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 23:07 - 2015-01-29 01:41 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-11 23:06 - 2015-01-29 01:41 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-04-11 23:04 - 2015-01-30 20:37 - 00000000 ___RD () C:\Program Files\Tools
2015-04-11 22:50 - 2015-01-28 13:06 - 01132253 _____ () C:\Windows\WindowsUpdate.log
2015-04-11 22:37 - 2015-01-28 21:03 - 00000000 ____D () C:\Windows\Panther
2015-04-11 22:37 - 2015-01-28 13:10 - 00000000 ____D () C:\Users\Ally
2015-04-11 22:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-04-11 22:17 - 2015-01-30 14:06 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-11 21:51 - 2015-01-28 17:17 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-11 21:48 - 2015-01-29 01:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-11 21:03 - 2015-02-22 06:42 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2015-04-11 21:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-11 04:30 - 2015-01-28 20:18 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\uTorrent
2015-04-11 01:44 - 2015-02-03 04:04 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\.ACEStream
2015-04-11 00:09 - 2015-01-28 21:44 - 00000000 ___RD () C:\Users\Ally\Documents\My Kindle Content
2015-04-10 23:36 - 2015-01-30 20:31 - 00000000 ____D () C:\Program Files\Anti-Malware
2015-04-10 22:54 - 2015-02-20 15:29 - 00000000 ____D () C:\ProgramData\Origin
2015-04-10 06:35 - 2009-07-14 06:13 - 00756534 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 06:33 - 2015-02-04 00:29 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\calibre
2015-04-10 05:12 - 2015-01-28 20:35 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Vso
2015-04-10 05:12 - 2015-01-28 20:35 - 00000000 ____D () C:\ProgramData\VSO
2015-04-10 04:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 04:10 - 2015-02-04 00:34 - 00000000 ____D () C:\Users\Ally\AppData\Local\calibre-cache
2015-04-09 23:39 - 2015-01-28 20:37 - 00000000 ___RD () C:\Users\Ally\Documents\ConvertXtoDVD
2015-04-09 20:57 - 2015-02-03 04:05 - 00000000 ___HD () C:\_acestream_cache_
2015-04-09 19:36 - 2015-01-28 22:42 - 00000000 ____D () C:\Users\Ally\AppData\Roaming\Kodi
2015-04-09 07:15 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-08 23:42 - 2015-01-28 16:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 23:42 - 2015-01-28 16:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-04 21:19 - 2015-01-28 20:35 - 00099384 _____ () C:\Users\Ally\AppData\Roaming\inst.exe
2015-04-04 21:19 - 2015-01-28 20:35 - 00082816 _____ (VSO Software) C:\Users\Ally\AppData\Roaming\pcouffin.sys
2015-04-04 21:19 - 2015-01-28 20:35 - 00007859 _____ () C:\Users\Ally\AppData\Roaming\pcouffin.cat
2015-04-04 21:19 - 2015-01-28 20:35 - 00000055 _____ () C:\Users\Ally\AppData\Roaming\pcouffin.log
2015-04-04 10:20 - 2015-01-28 18:02 - 00000000 ____D () C:\ProgramData\PCDr
2015-04-04 07:13 - 2015-01-28 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-04 06:35 - 2015-01-28 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 04:42 - 2015-01-29 16:48 - 00000000 ____D () C:\ProgramData\DivX
2015-04-02 15:58 - 2015-01-28 19:59 - 00000000 ____D () C:\Users\Ally\AppData\Local\Adobe
2015-04-01 13:23 - 2015-03-03 06:57 - 00002800 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-01 01:10 - 2015-01-28 21:44 - 00000000 ____D () C:\Users\Ally\AppData\Local\Amazon
2015-03-31 14:46 - 2015-01-28 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-03-31 14:43 - 2015-01-28 14:06 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-03-31 14:43 - 2015-01-28 13:55 - 00000000 ____D () C:\Program Files\Dell
2015-03-31 01:28 - 2015-01-28 20:10 - 00000000 ____D () C:\Users\Ally\AppData\Local\PokerStars.UK
2015-03-30 22:52 - 2015-01-28 20:09 - 00000000 ____D () C:\Program Files (x86)\PokerStars.UK
2015-03-27 13:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 13:57 - 2015-01-29 15:51 - 00000000 ____D () C:\Program Files\STMicroelectronics
2015-03-13 13:57 - 2015-01-28 13:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-13 01:28 - 2015-01-29 15:53 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-03-12 23:48 - 2015-01-29 02:13 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-12 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-02-08 21:09 - 2015-02-08 21:09 - 0000037 ___SH () C:\Users\Ally\AppData\Roaming\3383130714d37bd0a5e1c67.49796809
2015-01-28 20:35 - 2015-04-04 21:19 - 0099384 _____ () C:\Users\Ally\AppData\Roaming\inst.exe
2015-01-28 20:35 - 2015-04-04 21:19 - 0007859 _____ () C:\Users\Ally\AppData\Roaming\pcouffin.cat
2015-01-28 20:35 - 2015-04-04 21:19 - 0001167 _____ () C:\Users\Ally\AppData\Roaming\pcouffin.inf
2015-01-28 20:35 - 2015-04-04 21:19 - 0000055 _____ () C:\Users\Ally\AppData\Roaming\pcouffin.log
2015-01-28 20:35 - 2015-04-04 21:19 - 0082816 _____ (VSO Software) C:\Users\Ally\AppData\Roaming\pcouffin.sys
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-27 12:55
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2015
Ran by Ally at 2015-04-11 23:28:06
Running from C:\Users\Ally\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Amazon Kindle) (Version: - Amazon)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.2.0.0 - Auslogics Labs Pty Ltd)
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{64973F6A-8754-43D1-BDD0-FC6F0546347B}) (Version: 14.4.6.2 - Broadcom Corporation)
calibre (HKLM-x32\...\{A9EF1103-1033-463B-A057-E23CD65D087E}) (Version: 2.24.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crave World Clock Pro 1.6.3 (HKLM-x32\...\Crave World Clock Pro_is1) (Version: - Reflection Software Solutions Pvt. Ltd.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Manager (HKLM\...\{9CC89928-4787-4ED5-9942-4EBF6C2468E6}) (Version: 1.7.10000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
DFX (HKLM-x32\...\DFX) (Version: 11.306.0.0 - Power Technology)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.13 - Dell Inc.)
Easy Graphic Converter 1.2 (HKLM-x32\...\Easy Graphic Converter 1.2_is1) (Version: 1.1 - Etru Software Development)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.2.5.19 (HKLM\...\Greenshot_is1) (Version: 1.2.5.19 - Greenshot)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.1.0.001 - HTC Corporation)
Icecream Ebook Reader version 1.55 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 1.55 - Icecream Apps)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{938A412F-78C1-4158-8590-038A1D670A57}) (Version: 3.0.07.47 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.47 - O2Micro International LTD.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKU\S-1-5-21-52834813-3660881880-2756664971-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.64 - VSO Software)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03CB5BCF-4193-4759-8D5C-F8F9EB4D29FF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {2562F1F3-5250-459F-BE68-BCCF07807F73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {32BB4D30-99BE-413D-867C-2233DF6B6D3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {49F4C8FA-4D41-4670-A8A2-81B51DA71101} - System32\Tasks\{4E0039BE-A4CE-4E38-8956-57687356B15F} => pcalua.exe -a C:\Users\Ally\Downloads\SWB_DRVR_ME7P1_1P5M_7_1_70_1198_MR_A04_SETUP_ZPE.exe -d C:\Users\Ally\Downloads
Task: {586E96A6-42ED-48C6-A0DA-55DE51A50D95} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-03-12] ()
Task: {609818A9-5A8A-4137-801F-BADC64A061AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7207E151-E7CE-46F6-87CC-BBC3DA4AEA16} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {807C2A68-BF56-493E-A58D-C81CBFCDBD37} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {9CD1E3A6-E46F-4BC0-B4AD-5E1D07675F4C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {B93C1664-4784-45F6-9803-10174FA5C850} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BAE1E7F3-5A44-41B8-8EBE-E18941C6E0E6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {C8F27570-4146-4284-A446-BD1C6A405C08} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {D9FBE6D9-2EE2-4674-8ACB-0894BE5C47CC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E9AE60C8-6B54-4F95-BA5E-CB671DD5ABF8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {EA9EED9B-D04B-4BFB-A549-193CA594555C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {F3E426BC-9448-4D03-996D-341808FFAF89} - System32\Tasks\{2D32D84D-06CC-49C5-8DE5-7F41BB08A6C9} => pcalua.exe -a C:\Users\Ally\Downloads\chromeinstall-8u40.exe -d C:\Users\Ally\Downloads
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-25 10:28 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-03-12 02:51 - 2015-03-12 02:51 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-01-28 13:42 - 2013-02-22 20:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-13 13:57 - 2012-09-05 13:51 - 00686744 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2015-01-30 20:19 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2015-02-28 02:23 - 2015-02-28 02:23 - 00022824 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
2015-03-12 02:51 - 2015-03-12 02:51 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-01-30 20:19 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-04-11 21:03 - 2015-04-11 21:03 - 00012800 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00009728 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00014848 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00094208 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\src\rgloader\rgloader193.mswin.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00009216 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00094208 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00126976 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00087552 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00016384 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00127316 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\bin\libffi-6.dll
2015-04-11 21:03 - 2015-04-11 21:03 - 00008704 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00013312 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-04-11 21:03 - 2015-04-11 21:03 - 00095744 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00026624 _____ () C:\Users\Ally\AppData\Local\Temp\ocr7203.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2011-06-12 14:09 - 2011-06-12 14:09 - 00038400 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd
2011-06-12 14:09 - 2011-06-12 14:09 - 00720896 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd
2014-01-23 12:37 - 2014-01-23 12:37 - 00036352 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd
2012-02-07 17:37 - 2012-02-07 17:37 - 00098816 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd
2012-02-07 17:35 - 2012-02-07 17:35 - 00110080 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll
2012-02-07 17:38 - 2012-02-07 17:38 - 00358912 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll
2012-02-07 17:42 - 2012-02-07 17:42 - 00266240 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00287232 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00106496 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd
2010-10-10 23:23 - 2010-10-10 23:23 - 00723968 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 00334336 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00011776 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\select.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00152576 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd
2011-06-12 14:06 - 2011-06-12 14:06 - 00688128 _____ () C:\Users\Ally\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd
2015-04-11 21:04 - 2015-04-11 21:04 - 00012800 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00009728 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00014848 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00094208 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\src\rgloader\rgloader193.mswin.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00094208 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00118784 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00069120 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00083968 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\bin\zlib1.dll
2015-04-11 21:04 - 2015-04-11 21:04 - 00026624 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00275968 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00015360 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00008192 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00009216 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00023552 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00008704 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00008704 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00008704 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00008704 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00036352 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00126976 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00087552 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00016384 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00127316 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\bin\libffi-6.dll
2015-04-11 21:04 - 2015-04-11 21:04 - 00013312 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00095744 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-04-11 21:04 - 2015-04-11 21:04 - 00026624 _____ () C:\Users\Ally\AppData\Local\Temp\ocrC428.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-03-12 02:51 - 2015-03-12 02:51 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-03-12 02:51 - 2015-03-12 02:51 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-04-11 22:26 - 2015-03-27 10:12 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2015-04-11 22:26 - 2015-03-11 13:59 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
2015-04-11 22:26 - 2015-03-11 13:59 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-52834813-3660881880-2756664971-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ally\AppData\Local\Temp\\wcwallpaper.bmp
DNS Servers: 194.168.4.100 - 194.168.8.100
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dcpsysmgrsvc => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: O2FLASH => 2
MSCONFIG\Services: O2SDIOAssist => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: wltrysvc => 2
==================== Accounts: =============================
Administrator (S-1-5-21-52834813-3660881880-2756664971-500 - Administrator - Disabled)
Ally (S-1-5-21-52834813-3660881880-2756664971-1000 - Administrator - Enabled) => C:\Users\Ally
Guest (S-1-5-21-52834813-3660881880-2756664971-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-52834813-3660881880-2756664971-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/11/2015 09:05:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 09:28:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 06:06:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 04:11:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 01:43:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.0.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.0.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x008f20e8
Faulting process id: 0x570
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Error: (04/11/2015 01:42:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.0.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.0.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x008f20e8
Faulting process id: 0x4e0
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Error: (04/11/2015 01:41:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.0.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.0.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x008f20e8
Faulting process id: 0x1344
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Error: (04/10/2015 11:00:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/10/2015 07:59:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/10/2015 10:32:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/10/2015 10:57:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (04/10/2015 10:10:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (04/09/2015 03:43:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error:
%%1053
Error: (04/09/2015 03:43:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Error: (04/08/2015 11:05:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error:
%%1053
Error: (04/08/2015 11:05:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Error: (04/07/2015 06:44:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error:
%%1053
Error: (04/07/2015 06:44:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Error: (04/06/2015 11:45:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error:
%%1053
Error: (04/06/2015 11:45:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Microsoft Office Sessions:
=========================
Error: (04/11/2015 09:05:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 09:28:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 06:06:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 04:11:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/11/2015 01:43:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.0.000000004libqt4_plugin.dll2.2.0.00002000240000015008f20e857001d073f07ddcd2adC:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dllc6a4c268-dfe3-11e4-9fdc-90004ef07b08
Error: (04/11/2015 01:42:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.0.000000004libqt4_plugin.dll2.2.0.00002000240000015008f20e84e001d073f0487c8f09C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dlla455e88e-dfe3-11e4-9fdc-90004ef07b08
Error: (04/11/2015 01:41:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.0.000000004libqt4_plugin.dll2.2.0.00002000240000015008f20e8134401d073f007ca2df6C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll71659c9d-dfe3-11e4-9fdc-90004ef07b08
Error: (04/10/2015 11:00:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/10/2015 07:59:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/10/2015 10:32:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-02-13 18:07:46.091
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-02-13 18:07:45.731
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-02-02 03:54:54.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-02-02 03:54:54.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 3993.05 MB
Available physical RAM: 2334.9 MB
Total Pagefile: 7984.29 MB
Available Pagefile: 5769.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:201.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7CCA5245)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================