Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unwanted pop ups advertising at random times [Solved]


  • This topic is locked This topic is locked

#1
awesomesauce

awesomesauce

    Member

  • Member
  • PipPip
  • 21 posts

Hi there,

 

Pop ups keep coming up for different things. We think they have come from free movie websites.

 

Please help. Thanks.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Carol (administrator) on CAROL-PC on 02-05-2015 17:30:20
Running from C:\Users\Carol\Downloads
Loaded Profiles: Carol (Available profiles: Carol & James)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
() C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe
() C:\Program Files (x86)\FastPlayer\OtherBrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bloggie Watcher Utility.lnk [2012-08-29]
ShortcutTarget: Bloggie Watcher Utility.lnk -> C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserFastPlayer.lnk [2015-01-23]
ShortcutTarget: WebBrowserFastPlayer.lnk -> C:\Program Files (x86)\FastPlayer\OtherBrowser.exe ()
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - webcheck.dll (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3591160918-901661972-950247392-1000\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3591160918-901661972-950247392-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3591160918-901661972-950247392-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.ninemsn.com.au/?ocid=iehp
HKU\S-1-5-21-3591160918-901661972-950247392-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
URLSearchHook: HKLM-x32 - (No Name) - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3591160918-901661972-950247392-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll No File
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Bruowse2saavee -> {6F297D47-2B72-AD67-4423-C7ECAEB5BA8A} -> C:\ProgramData\Bruowse2saavee\514d1b1f71740.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: No Name -> {a5ae8924-4036-420f-b7f6-a47e4b8f692e} ->  No File
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3591160918-901661972-950247392-1000 -> No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1267F5CD-4556-4393-B6E1-8B09D801A455}: [NameServer] 111.118.175.56,118.127.33.48
 
FireFox:
========
FF ProfilePath: C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default
FF NewTab: hxxp://www.news.net/index.php?referid=130
FF DefaultSearchEngine: Free Lunch Design TB Customized Web Search
FF DefaultSearchEngine,S: 
FF DefaultSearchUrl: 
FF SearchEngineOrder.1: 
FF SearchEngineOrder.1,S: 
FF SelectedSearchEngine: Free Lunch Design TB Customized Web Search
FF SelectedSearchEngine,S: 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-06-14] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.4.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-04-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-04-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3591160918-901661972-950247392-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-01] (Unity Technologies ApS)
FF Extension: Free Lunch Design TB  - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-12-07]
FF Extension: Adblock Plus - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-02-16]
FF Extension: DownThemAll! - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-05-16]
FF Extension: No Name - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\extensions\[email protected]be5605617.com [Not Found]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java™ Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Carol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [57344 2011-08-22] () [File not signed]
R2 FastPlayerUpdaterService; C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe [382464 2015-03-24] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-18] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-18] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-15] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-10] ()
S3 netr28x; C:\Windows\System32\DRIVERS\Dnetr28x.sys [1885792 2012-12-19] (Ralink Technology, Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-04] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 jmgmnjwc; \??\C:\Windows\system32\drivers\jmgmnjwc.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-02 17:30 - 2015-05-02 17:30 - 02101248 _____ (Farbar) C:\Users\Carol\Downloads\FRST64.exe
2015-05-02 17:30 - 2015-05-02 17:30 - 00017648 _____ () C:\Users\Carol\Downloads\FRST.txt
2015-05-02 17:30 - 2015-05-02 17:30 - 00000000 ____D () C:\FRST
2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\f57d86652f66db427cedac5627a5
2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\984f00313b86f54d43
2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\921e45a3c9bec619a38846
2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\6251a4d9750a5b5a437e78
2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\af51c05d4ed67d3ef619f249e2e92f20
2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\77658a2fb31f5887ade48386f17f0d4e
2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\3dcb91a02a312559e6a9872ca173
2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\23d4765be6166a0987fea420
2015-04-27 20:05 - 2015-04-27 20:05 - 00000000 ____D () C:\731e25a4dafa6593b0acb89c
2015-04-27 20:04 - 2015-04-27 20:05 - 00000000 ____D () C:\cf7a832866a3ebd06cab48319146bb58
2015-04-26 21:07 - 2015-04-26 21:07 - 00000000 ____D () C:\e7ef6088c03662a8ce5dedee08e2433d
2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-26 14:03 - 2015-04-26 14:03 - 00000000 ____D () C:\Users\Carol\AppData\Local\{B1BFD2F3-88AE-4958-A32A-A71D79648FE6}
2015-04-25 16:21 - 2015-04-25 16:21 - 00000000 ____D () C:\59219c031d7fc826f23b
2015-04-25 16:20 - 2015-04-25 16:21 - 00000000 ____D () C:\4daa0b524c286aa55e2d19dfb21e
2015-04-25 16:10 - 2015-04-26 14:54 - 00114279 _____ () C:\Users\Carol\Documents\Kobis bday movie.wlmp
2015-04-25 13:34 - 2015-04-25 13:35 - 33357365 _____ () C:\Users\Carol\Downloads\Major Lazer & DJ Snake - Lean On (feat. MØ) (Official Lyric Video).mp4
2015-04-25 10:56 - 2015-04-25 10:56 - 00000000 ____D () C:\Users\Carol\AppData\Local\{9FF752F7-389C-4A3E-B669-186E11AA21C9}
2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\d808a0c628719657ea
2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\04fb60c4bb9f352cadd841b870
2015-04-21 22:04 - 2015-04-21 22:04 - 00000000 ____D () C:\abc865591078640ac7b68a13
2015-04-21 18:51 - 2015-04-21 18:51 - 00000000 ____D () C:\7b935fbdf45ea42cb0fbf003
2015-04-21 18:50 - 2015-04-21 18:51 - 00000000 ____D () C:\b0357379142702db35
2015-04-20 21:34 - 2015-04-20 21:34 - 00000000 ____D () C:\ef42bb7b9f142ad64fd337dd4e9b2523
2015-04-20 11:49 - 2015-04-20 11:49 - 00000000 ____D () C:\68fddbe3c5e5b95c1d
2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\4ed2a1eaa2bb72dd0fdc8844f1c02e
2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\0629bbf10ce6a3dc414a8f8769ae4b
2015-04-15 19:41 - 2015-04-15 19:41 - 00000000 ____D () C:\21cbda4bb5d0aa62ae75
2015-04-15 19:35 - 2015-04-15 19:36 - 00000000 ____D () C:\0242b18f308dd333dafefb
2015-04-15 11:21 - 2015-03-25 13:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 11:21 - 2015-03-25 13:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 11:21 - 2015-03-25 13:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 11:21 - 2015-03-25 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 11:21 - 2015-03-25 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 11:21 - 2015-03-25 13:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 11:21 - 2015-03-25 13:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 11:21 - 2015-03-25 13:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 11:21 - 2015-03-25 13:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 11:21 - 2015-03-25 13:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 11:21 - 2015-03-23 13:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 11:21 - 2015-03-23 13:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 11:21 - 2015-03-23 13:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 11:21 - 2015-03-23 13:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 11:21 - 2015-03-23 13:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 11:21 - 2015-03-23 13:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 11:21 - 2015-03-23 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 11:21 - 2015-03-23 13:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 11:21 - 2015-03-10 13:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 11:21 - 2015-03-10 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 11:21 - 2015-03-10 13:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 11:21 - 2015-03-10 13:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 11:21 - 2015-03-05 15:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 11:21 - 2015-03-05 14:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 11:20 - 2015-04-02 10:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 11:20 - 2015-04-02 09:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 11:20 - 2015-03-17 15:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 11:20 - 2015-03-17 15:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:20 - 2015-03-17 15:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 11:20 - 2015-03-17 15:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 11:20 - 2015-03-17 15:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 11:20 - 2015-03-17 15:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 11:20 - 2015-03-17 15:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 11:20 - 2015-03-17 15:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 11:20 - 2015-03-17 15:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 11:20 - 2015-03-17 15:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 11:20 - 2015-03-17 15:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 11:20 - 2015-03-17 15:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 11:20 - 2015-03-17 15:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 11:20 - 2015-03-17 15:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 11:20 - 2015-03-17 15:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 15:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:20 - 2015-03-17 15:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:20 - 2015-03-17 14:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 11:20 - 2015-03-17 14:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 11:20 - 2015-03-17 14:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 11:20 - 2015-03-17 14:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 11:20 - 2015-03-17 14:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 11:20 - 2015-03-17 14:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 11:20 - 2015-03-17 14:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 11:20 - 2015-03-17 14:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 11:20 - 2015-03-17 14:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 11:20 - 2015-03-17 14:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 11:20 - 2015-03-17 14:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 13:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 11:20 - 2015-03-17 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 11:20 - 2015-03-17 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 13:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:20 - 2015-03-17 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:20 - 2015-03-13 14:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 11:20 - 2015-03-13 14:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 11:20 - 2015-03-13 14:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 11:20 - 2015-03-13 14:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 11:20 - 2015-03-13 14:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 11:20 - 2015-03-13 14:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 11:20 - 2015-03-13 14:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 11:20 - 2015-03-13 14:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 11:20 - 2015-03-13 14:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 11:20 - 2015-03-13 14:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 11:20 - 2015-03-13 13:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 11:20 - 2015-03-13 13:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 11:20 - 2015-03-13 13:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 11:20 - 2015-03-13 13:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 11:20 - 2015-03-13 13:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 11:20 - 2015-03-13 13:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 11:20 - 2015-03-13 13:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:20 - 2015-03-13 13:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 11:20 - 2015-03-13 13:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 11:20 - 2015-03-13 13:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 11:20 - 2015-03-13 13:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:20 - 2015-03-13 13:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 11:20 - 2015-03-13 13:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 11:20 - 2015-03-13 13:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 11:20 - 2015-03-13 13:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 11:20 - 2015-03-13 13:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:20 - 2015-03-13 13:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 11:20 - 2015-03-13 13:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:20 - 2015-03-13 13:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 11:20 - 2015-03-13 13:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 11:20 - 2015-03-13 13:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 11:20 - 2015-03-13 13:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 11:20 - 2015-03-13 13:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 11:20 - 2015-03-13 13:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 11:20 - 2015-03-13 13:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 11:20 - 2015-03-13 13:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 11:20 - 2015-03-13 13:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 11:20 - 2015-03-13 13:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 11:20 - 2015-03-13 13:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 11:20 - 2015-03-13 13:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 11:20 - 2015-03-13 13:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:20 - 2015-03-13 13:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 11:20 - 2015-03-13 12:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 11:20 - 2015-03-13 12:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 11:20 - 2015-03-13 12:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 11:20 - 2015-03-13 12:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 11:20 - 2015-03-13 12:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 11:20 - 2015-03-13 12:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 11:20 - 2015-03-13 12:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 11:20 - 2015-03-13 12:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:20 - 2015-03-13 12:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 11:20 - 2015-03-13 12:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 11:20 - 2015-03-13 12:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 11:20 - 2015-03-13 12:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 11:20 - 2015-03-13 12:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 11:20 - 2015-03-13 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 11:20 - 2015-03-04 14:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 11:20 - 2015-03-04 14:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 11:20 - 2015-03-04 14:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 11:20 - 2015-02-25 13:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-07 16:36 - 2015-04-07 16:37 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 16:36 - 2015-04-07 16:36 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 16:36 - 2015-04-07 16:36 - 00000000 ____D () C:\03104ab33c2e6bace6a14f1f
2015-04-07 12:47 - 2015-04-18 09:56 - 00000000 ____D () C:\ProgramData\{873a30b8-7093-9a03-873a-a30b8709c2e1}
2015-04-07 12:47 - 2015-04-07 12:47 - 00467144 _____ () C:\Users\Carol\Downloads\Redfoo - Juicy Wiggle (Lyric and Dance).exe
2015-04-07 12:46 - 2015-04-07 12:46 - 00000000 ____D () C:\Users\Carol\AppData\Local\Apps\2.0
2015-04-04 19:28 - 2015-04-04 19:28 - 00000000 ____D () C:\0834732e71b78a354c
2015-04-03 14:43 - 2015-04-03 14:43 - 00000000 ____D () C:\154f51a0b370d09d8143d98b284c
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-02 17:16 - 2014-07-30 20:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:41 - 2014-07-30 20:12 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 16:41 - 2014-07-30 20:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 16:40 - 2012-06-16 14:35 - 00000000 ____D () C:\Users\Carol\AppData\Local\Google
2015-05-02 16:40 - 2012-06-16 14:35 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-02 16:39 - 2009-07-14 14:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 16:39 - 2009-07-14 14:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 16:36 - 2009-07-14 15:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-02 16:35 - 2012-02-10 12:42 - 01354759 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 16:31 - 2012-02-10 13:11 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-05-02 16:31 - 2012-02-10 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 16:31 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 16:31 - 2009-07-14 14:51 - 00143479 _____ () C:\Windows\setupact.log
2015-05-01 18:01 - 2010-11-21 13:47 - 00211624 _____ () C:\Windows\PFRO.log
2015-04-30 18:50 - 2012-04-25 17:14 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\.minecraft
2015-04-29 16:42 - 2014-07-30 20:12 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-26 14:48 - 2012-02-10 13:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\Windows Live
2015-04-17 11:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 11:24 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 10:28 - 2014-12-18 02:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 10:28 - 2014-05-06 20:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-17 10:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 19:41 - 2013-08-16 21:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 19:37 - 2012-03-03 07:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 11:18 - 2014-07-30 20:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 11:17 - 2014-07-30 20:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 11:17 - 2014-07-30 20:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-07 11:24 - 2014-01-06 07:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 10:15 - 2012-11-08 17:01 - 00000000 ____D () C:\Users\Carol\Documents\adina
 
==================== Files in the root of some directories =======
 
2014-07-24 18:53 - 2014-07-24 18:53 - 0001192 _____ () C:\Users\Carol\AppData\Roaming\aps.scan.quick.results
2014-07-24 18:53 - 2014-07-24 18:53 - 0002932 _____ () C:\Users\Carol\AppData\Roaming\aps.scan.results
2014-07-24 18:53 - 2014-07-24 18:53 - 0000316 _____ () C:\Users\Carol\AppData\Roaming\aps.uninstall.scan.results
2012-02-15 08:43 - 2012-02-15 08:43 - 0095222 _____ () C:\Users\Carol\AppData\Roaming\Doxillion.dmp
 
Some content of TEMP:
====================
C:\Users\Carol\AppData\Local\Temp\43C4.exe
C:\Users\Carol\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Carol\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\James\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-25 11:58
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Carol at 2015-05-02 17:30:55
Running from C:\Users\Carol\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3591160918-901661972-950247392-500 - Administrator - Disabled)
Carol (S-1-5-21-3591160918-901661972-950247392-1000 - Administrator - Enabled) => C:\Users\Carol
Guest (S-1-5-21-3591160918-901661972-950247392-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3591160918-901661972-950247392-1010 - Limited - Enabled)
James (S-1-5-21-3591160918-901661972-950247392-1004 - Administrator - Enabled) => C:\Users\James
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Bloggie Software (HKLM-x32\...\BloggieSoftware) (Version: 3.3.1.73 - Sony)
Bloggie Software (x32 Version: 3.3.1.73 - Sony Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
FastPlayer (HKLM-x32\...\FastPlayer) (Version: v1.0.0.11 - SoftForce LLC) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java™ 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-GB)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Uni-Stat (HKLM-x32\...\{2C0D5586-B96C-404F-96D7-91BE2A304853}) (Version: 4.0 - Avery Dennsion)
Unity Web Player (HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VAFPlayer (HKLM-x32\...\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION
VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
17-04-2015 22:29:07 Windows Update
18-04-2015 09:56:30 Windows Defender Checkpoint
18-04-2015 12:31:23 Windows Update
19-04-2015 20:25:54 Windows Update
20-04-2015 11:48:26 Windows Update
20-04-2015 21:33:36 Windows Update
21-04-2015 18:50:20 Windows Update
21-04-2015 22:03:59 Windows Update
22-04-2015 21:10:13 Windows Update
25-04-2015 16:20:42 Windows Update
26-04-2015 21:06:43 Windows Update
27-04-2015 20:04:23 Windows Update
28-04-2015 20:48:54 Windows Update
29-04-2015 19:50:57 Windows Update
30-04-2015 20:24:00 Windows Update
01-05-2015 22:41:52 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:34 - 2014-12-16 12:51 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {06BD2710-1D47-4DD1-BE25-5BE8C00E0682} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-3 No Task File <==== ATTENTION
Task: {0E3B203C-EF1E-49E1-822D-D2E89464809A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {146EEE3A-E0A5-40FA-A169-58CFE7423B02} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-1 No Task File <==== ATTENTION
Task: {1C66AF32-C379-4A7B-8456-BE08CE3D87BC} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-4 No Task File <==== ATTENTION
Task: {21E8D46D-75EA-4650-9453-E38FEA2FEE67} - System32\Tasks\{D5590380-BB80-44FA-8258-9367CDFE0BFC} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/113900
Task: {3C5EC24D-609A-4CE3-9EED-18E4872CFAA7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3D04B37C-F930-46C7-8C56-67C591DE8766} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {49D58B38-4997-4A93-B682-EBEBC319D59E} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {4CD61D61-9AAB-433C-867A-B0F97C4C9BB3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5780AF66-CF83-4248-B342-059496E7989D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: {71C02812-3E16-4D01-9CD8-52EA3829A437} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5 No Task File <==== ATTENTION
Task: {8C785076-E57E-43D2-92C5-29DAE404BD06} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: {92F75FA2-082E-4BF5-8D3D-D3B67718C624} - System32\Tasks\{8BA3EEB2-7288-4412-B805-96F8727AAC0E} => pcalua.exe -a C:\Users\James\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION
Task: {972724E4-447D-4EA5-A25A-7A86CDFC8D5C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AEEBCD4C-A7DF-4698-A044-EBD989892F2F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {AF464D88-CC5F-4AF8-B3D0-A18657097839} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B8AC961D-F09E-4C6A-AD8C-7B08A9DE5E2D} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-2 No Task File <==== ATTENTION
Task: {BA0E3111-CD17-44B5-B6AE-884D145B885B} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-18] ()
Task: {CB84CF0F-DF21-4736-AD79-6734E934ECA6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {D122BE80-2055-4F56-920A-63E61137AF22} - \ASP No Task File <==== ATTENTION
Task: {D476D96E-9A37-47AF-B65F-C4B907F77161} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: {D8BCA465-685D-47D6-9F7E-8F6E0008D3E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {DBD19F11-49A0-4AF3-8635-5EE64EA9CFF1} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-11 No Task File <==== ATTENTION
Task: {F440EB41-D288-4DA4-8AF1-678ED91A6A3E} - System32\Tasks\4677 => Wscript.exe C:\Users\James\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F71B0664-29EB-444F-AE86-6BF1205DA225} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5_user No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2012-11-18 17:42 - 2014-11-13 07:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-10 13:06 - 2011-08-22 14:26 - 00057344 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2015-03-24 19:43 - 2015-03-24 19:43 - 00382464 _____ () C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe
2012-09-15 16:59 - 2012-09-15 17:28 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-03 00:42 - 2010-01-03 00:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-02-04 02:18 - 2015-02-04 02:18 - 00134656 _____ () C:\Program Files (x86)\FastPlayer\OtherBrowser.exe
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-10 13:06 - 2009-05-04 16:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2012-01-08 23:41 - 2012-01-08 23:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-04-29 16:42 - 2015-04-28 12:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-29 16:42 - 2015-04-28 12:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-29 16:42 - 2015-04-28 12:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3591160918-901661972-950247392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 111.118.175.56 - 118.127.33.48
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [TCP Query User{9258F95C-A408-4142-B8AE-AE6439B74DA5}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{5E59D1A4-5C8E-4538-B85C-345963053855}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [{4D580550-A9A6-4E9D-B44F-7B858895EB6A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{14429002-2D65-4DE5-AD79-30A143D66102}] => (Allow) LPort=2869
FirewallRules: [{8DD86304-43EA-4694-BCDB-7FD1A405138F}] => (Allow) LPort=1900
FirewallRules: [{F6E20282-4CF4-402F-B6F5-278030D2A6F4}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{9170361A-B38B-4F4F-8087-4EA3AD6C8FAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [TCP Query User{FFDFF61F-42C9-4E5C-AC5D-DB2FF79E42F4}C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{43DEB30F-E915-4CF5-9002-98868A92980F}C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{3CAA7A1B-7434-413D-8E23-869AAD9BFA2C}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{4A165447-A214-466D-9DFB-7D3F57A0D582}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{A2D3EB15-F05A-4EBA-A56B-021D39D3C586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe
FirewallRules: [{5F3F2C62-E59F-482D-B552-263009DC2A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe
FirewallRules: [{6912FF34-3CDA-41BA-82B8-B4B54C3073F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gotham city impostors\Engine.exe
FirewallRules: [{A22BF31A-5BA2-4C81-B3A2-56621683862D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gotham city impostors\Engine.exe
FirewallRules: [TCP Query User{BD3902B1-BF45-4820-8F87-143A842C8636}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{30E20469-D238-48F2-9BE1-CBDA41E3C3BB}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{4FF52B39-0761-4AE6-A762-C49B5DF97329}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{4054916D-7899-415A-AC28-0757C8ACEF79}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{F59146D1-8F78-4A92-86F9-1F21F23507F5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{FAAE8753-C6F8-4F8B-A02A-0984083B78C4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{BF777991-A792-4C3D-9CB0-00D6FED0E797}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CC21F787-4B7C-4C56-906C-C8CEBF77310E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7B91E786-51B9-4CBC-9696-0B2D921070F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Trailer\smp.exe
FirewallRules: [{4BA2CAF6-5C8C-4414-AC7E-D169BDD184BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Trailer\smp.exe
FirewallRules: [{0F6210E7-0380-4655-95D3-4705C7AAE3A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Steam Trailer\smp.exe
FirewallRules: [{CE8A2F7E-6371-491D-AB8F-2C9B7529E27B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Steam Trailer\smp.exe
FirewallRules: [{72A5DC08-7F09-4536-82A7-872FA9A00C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tribes\Binaries\Win32\HirezBridge.exe
FirewallRules: [{862BA387-55D7-4128-BEF2-23A8D73D37B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tribes\Binaries\Win32\HirezBridge.exe
FirewallRules: [{B47B500B-58A0-4AFA-98CC-69A9CDF97AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{0849AB6F-7DF6-496F-9AE0-A5A6AC60C2A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [TCP Query User{4E89BDCF-19AF-4563-98BD-9B16646748FF}C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe
FirewallRules: [UDP Query User{985B0AA2-0D4A-4FEE-8E8A-120A7C8EEF3E}C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe
FirewallRules: [{31B37175-8DBB-49A9-B600-15B9030A991F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DADB5FE8-7134-436E-97CB-FF085B282E95}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59552991-608D-4DE8-9F20-A5BDF25BB109}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9E45E40C-F7E8-4205-87C3-83FDC4A73DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23088588-F492-4D02-88A2-A85987D97371}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FD84288E-4A9E-4388-AC07-A83D645D950C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crimecraft\SteamLauncher.exe
FirewallRules: [{4F6BF286-0F82-425A-A554-D21094A6E3EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crimecraft\SteamLauncher.exe
FirewallRules: [{A63E967D-2B81-4F55-A313-1154AE97D9A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe
FirewallRules: [{7F91F784-73BC-42C9-922A-995FC49A62E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe
FirewallRules: [TCP Query User{D6B6B9B1-6744-46B9-AA3C-987E7C6F1FD0}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{1210EC1E-7929-46AD-B53F-7848FA023492}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{AEF02FDC-C71F-4C4D-9A21-7B49FE254D3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\calauncher.exe
FirewallRules: [{3A6CA6D2-483D-46FB-B3A2-FE4ADC624873}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\calauncher.exe
FirewallRules: [TCP Query User{84BF4581-391F-4842-A208-70ED8F2C2E96}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{25F3BE97-8650-4A85-A746-59036AF15A1D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{E404B646-C483-4069-8DC0-38B31C2AEAE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{88E4FFB6-F246-4787-A2EB-26C28E577559}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{5F4BC986-6D6B-4215-A8BB-7E55981138DE}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{20DF95F7-C386-4104-9FDA-01CDFF06AE0F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{6C503274-758E-4C31-98AC-1516C8A18A8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{010CE73C-2887-4848-8F8D-D6EF651A172C}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{0C8B7E04-2585-4029-8325-F2804DA4B01E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E86F68EF-50F8-4A17-8C98-AC848F87F1BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{583440BB-B7B3-432C-9B90-CF8778B7E68F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2284D384-432D-4025-8119-DB0D3FF29CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{81830E5B-5F61-4FDC-8020-FEABD5B1E408}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5BFC482B-B684-4F4F-B2F6-A61D674DA023}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5962FAF7-83DD-4AF0-8EFC-40E266B3BE48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C7B1C7DF-E5F0-44DD-A879-140B7B99A14C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D69DE80E-BFF1-4716-AFB2-4DF272F35F48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C3E42FD-E53A-4C7E-98BE-D45C813C4D46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6F08356-47D8-4CC1-A2F3-5D115A605DE5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{B8FC0F77-726A-4596-83D8-DD3E33671FB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{784CF343-DD61-4408-854C-D5DBE5406A7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{205EE884-DFDC-4929-85B3-A0D5612CEB50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5F4E779D-BE1D-4ED1-80F0-4394238085E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C7CD83B0-24AF-4D0E-86C5-6FB659FF1AE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B36DD21A-A653-489C-AB77-0D80624F4834}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C939523E-EDA5-486F-A286-228492171F83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: D-Link DWA-548 Wireless N PCIe Desktop Adapter
Description: D-Link DWA-548 Wireless N PCIe Desktop Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link Corporation
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/01/2015 10:42:32 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (05/01/2015 10:42:17 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/30/2015 08:24:51 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/30/2015 08:24:43 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/29/2015 07:51:33 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/29/2015 07:51:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/28/2015 08:49:40 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/28/2015 08:49:28 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/27/2015 08:05:10 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
Error: (04/27/2015 08:05:00 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.
 
 
System errors:
=============
Error: (05/01/2015 10:42:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB3037581).
 
Error: (05/01/2015 10:42:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2978128).
 
Error: (04/30/2015 08:24:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB3037581).
 
Error: (04/30/2015 08:24:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2978128).
 
Error: (04/29/2015 07:51:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB3037581).
 
Error: (04/29/2015 07:51:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2978128).
 
Error: (04/28/2015 08:49:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB3037581).
 
Error: (04/28/2015 08:49:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2978128).
 
Error: (04/27/2015 08:05:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB3037581).
 
Error: (04/27/2015 08:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2978128).
 
 
Microsoft Office Sessions:
=========================
Error: (05/01/2015 10:42:32 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (05/01/2015 10:42:17 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/30/2015 08:24:51 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/30/2015 08:24:43 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/29/2015 07:51:33 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/29/2015 07:51:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/28/2015 08:49:40 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/28/2015 08:49:28 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/27/2015 08:05:10 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/27/2015 08:05:00 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Internal MSI error. Installer terminated prematurely.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-28 15:59:43.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-28 15:59:43.418
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-26 07:53:07.732
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-26 07:53:07.712
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-26 07:51:03.180
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-26 07:51:03.118
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-25 18:22:33.377
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-25 18:22:33.347
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-25 18:22:17.317
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-25 18:22:17.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 42%
Total physical RAM: 4013.12 MB
Available physical RAM: 2312.77 MB
Total Pagefile: 8024.43 MB
Available Pagefile: 6050.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:838.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3704ACF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know what problems you are experiencing after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserFastPlayer.lnk [2015-01-23]
ShortcutTarget: WebBrowserFastPlayer.lnk -> C:\Program Files (x86)\FastPlayer\OtherBrowser.exe ()
GroupPolicyUsers\S-1-5-21-3591160918-901661972-950247392-1000\User: Group Policy restriction detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3591160918-901661972-950247392-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll No File
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Bruowse2saavee -> {6F297D47-2B72-AD67-4423-C7ECAEB5BA8A} -> C:\ProgramData\Bruowse2saavee\514d1b1f71740.dll No File
BHO-x32: No Name -> {a5ae8924-4036-420f-b7f6-a47e4b8f692e} -> No File
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3591160918-901661972-950247392-1000 -> No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} - No File
FF DefaultSearchEngine: Free Lunch Design TB Customized Web Search
FF DefaultSearchEngine,S:
FF DefaultSearchUrl:
FF SearchEngineOrder.1:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: Free Lunch Design TB Customized Web Search
FF SelectedSearchEngine,S:
FF Extension: Free Lunch Design TB - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-12-07]
FF Extension: No Name - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\extensions\[email protected]be5605617.com [Not Found]
R2 FastPlayerUpdaterService; C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe [382464 2015-03-24] () [File not signed]
S1 jmgmnjwc; \??\C:\Windows\system32\drivers\jmgmnjwc.sys [X]
2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\f57d86652f66db427cedac5627a5
2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\984f00313b86f54d43
2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\921e45a3c9bec619a38846
2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\6251a4d9750a5b5a437e78
2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\af51c05d4ed67d3ef619f249e2e92f20
2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\77658a2fb31f5887ade48386f17f0d4e
2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\3dcb91a02a312559e6a9872ca173
2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\23d4765be6166a0987fea420
2015-04-27 20:05 - 2015-04-27 20:05 - 00000000 ____D () C:\731e25a4dafa6593b0acb89c
2015-04-27 20:04 - 2015-04-27 20:05 - 00000000 ____D () C:\cf7a832866a3ebd06cab48319146bb58
2015-04-26 21:07 - 2015-04-26 21:07 - 00000000 ____D () C:\e7ef6088c03662a8ce5dedee08e2433d
2015-04-26 14:03 - 2015-04-26 14:03 - 00000000 ____D () C:\Users\Carol\AppData\Local\{B1BFD2F3-88AE-4958-A32A-A71D79648FE6}
2015-04-25 16:21 - 2015-04-25 16:21 - 00000000 ____D () C:\59219c031d7fc826f23b
2015-04-25 16:20 - 2015-04-25 16:21 - 00000000 ____D () C:\4daa0b524c286aa55e2d19dfb21e
2015-04-25 10:56 - 2015-04-25 10:56 - 00000000 ____D () C:\Users\Carol\AppData\Local\{9FF752F7-389C-4A3E-B669-186E11AA21C9}
2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\d808a0c628719657ea
2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\04fb60c4bb9f352cadd841b870
2015-04-21 22:04 - 2015-04-21 22:04 - 00000000 ____D () C:\abc865591078640ac7b68a13
2015-04-21 18:51 - 2015-04-21 18:51 - 00000000 ____D () C:\7b935fbdf45ea42cb0fbf003
2015-04-21 18:50 - 2015-04-21 18:51 - 00000000 ____D () C:\b0357379142702db35
2015-04-20 21:34 - 2015-04-20 21:34 - 00000000 ____D () C:\ef42bb7b9f142ad64fd337dd4e9b2523
2015-04-20 11:49 - 2015-04-20 11:49 - 00000000 ____D () C:\68fddbe3c5e5b95c1d
2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\4ed2a1eaa2bb72dd0fdc8844f1c02e
2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\0629bbf10ce6a3dc414a8f8769ae4b
2015-04-15 19:41 - 2015-04-15 19:41 - 00000000 ____D () C:\21cbda4bb5d0aa62ae75
2015-04-15 19:35 - 2015-04-15 19:36 - 00000000 ____D () C:\0242b18f308dd333dafefb
2015-04-07 16:36 - 2015-04-07 16:36 - 00000000 ____D () C:\03104ab33c2e6bace6a14f1f
2015-04-07 12:47 - 2015-04-18 09:56 - 00000000 ____D () C:\ProgramData\{873a30b8-7093-9a03-873a-a30b8709c2e1}
2015-04-07 12:47 - 2015-04-07 12:47 - 00467144 _____ () C:\Users\Carol\Downloads\Redfoo - Juicy Wiggle (Lyric and Dance).exe
2015-04-04 19:28 - 2015-04-04 19:28 - 00000000 ____D () C:\0834732e71b78a354c
2015-04-03 14:43 - 2015-04-03 14:43 - 00000000 ____D () C:\154f51a0b370d09d8143d98b284c
Task: {06BD2710-1D47-4DD1-BE25-5BE8C00E0682} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-3 No Task File <==== ATTENTION
Task: {146EEE3A-E0A5-40FA-A169-58CFE7423B02} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-1 No Task File <==== ATTENTION
Task: {1C66AF32-C379-4A7B-8456-BE08CE3D87BC} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-4 No Task File <==== ATTENTION
Task: {3D04B37C-F930-46C7-8C56-67C591DE8766} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {49D58B38-4997-4A93-B682-EBEBC319D59E} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {4CD61D61-9AAB-433C-867A-B0F97C4C9BB3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {71C02812-3E16-4D01-9CD8-52EA3829A437} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5 No Task File <==== ATTENTION
Task: {92F75FA2-082E-4BF5-8D3D-D3B67718C624} - System32\Tasks\{8BA3EEB2-7288-4412-B805-96F8727AAC0E} => pcalua.exe -a C:\Users\James\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {AF464D88-CC5F-4AF8-B3D0-A18657097839} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B8AC961D-F09E-4C6A-AD8C-7B08A9DE5E2D} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-2 No Task File <==== ATTENTION
Task: {D122BE80-2055-4F56-920A-63E61137AF22} - \ASP No Task File <==== ATTENTION
Task: {DBD19F11-49A0-4AF3-8635-5EE64EA9CFF1} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-11 No Task File <==== ATTENTION
Task: {F440EB41-D288-4DA4-8AF1-678ED91A6A3E} - System32\Tasks\4677 => Wscript.exe C:\Users\James\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F71B0664-29EB-444F-AE86-6BF1205DA225} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5_user No Task File <==== ATTENTION
C:\ProgramData\Bruowse2saavee
C:\Windows\system32\drivers\jmgmnjwc.sys
C:\Program Files (x86)\AnyProtectEx
C:\Users\James\AppData\Roaming\webssearches
C:\Program Files (x86)\FastPlayer
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
awesomesauce

awesomesauce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Hi Essexboy, 

 

Thank you for your help. The problem has been fixed internally, so we can close this topic.

 

Have a great day!

 

awesomesauce


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP