Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Unwanted pop ups advertising at random times [Solved]

Started by awesomesauce , May 02 2015 01:38 AM

This topic is locked

#1
awesomesauce

Posted 02 May 2015 - 01:38 AM

Member

Member
21 posts

Hi there,

Pop ups keep coming up for different things. We think they have come from free movie websites.

Please help. Thanks.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015

Ran by Carol (administrator) on CAROL-PC on 02-05-2015 17:30:20

Running from C:\Users\Carol\Downloads

Loaded Profiles: Carol (Available profiles: Carol & James)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

() C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Sony Corporation) C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe

() C:\Program Files (x86)\FastPlayer\OtherBrowser.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION

HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION

HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bloggie Watcher Utility.lnk [2012-08-29]

ShortcutTarget: Bloggie Watcher Utility.lnk -> C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe (Sony Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserFastPlayer.lnk [2015-01-23]

ShortcutTarget: WebBrowserFastPlayer.lnk -> C:\Program Files (x86)\FastPlayer\OtherBrowser.exe ()

SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - webcheck.dll (Microsoft Corporation)

SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - webcheck.dll (Microsoft Corporation)

GroupPolicyUsers\S-1-5-21-3591160918-901661972-950247392-1000\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-3591160918-901661972-950247392-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

HKU\S-1-5-21-3591160918-901661972-950247392-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.ninemsn.com.au/?ocid=iehp

HKU\S-1-5-21-3591160918-901661972-950247392-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE

URLSearchHook: HKLM-x32 - (No Name) - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - No File

SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}

SearchScopes: HKU\S-1-5-21-3591160918-901661972-950247392-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =

BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll No File

BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll No File

BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File

BHO-x32: Bruowse2saavee -> {6F297D47-2B72-AD67-4423-C7ECAEB5BA8A} -> C:\ProgramData\Bruowse2saavee\514d1b1f71740.dll No File

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: No Name -> {a5ae8924-4036-420f-b7f6-a47e4b8f692e} -> No File

Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

Toolbar: HKU\S-1-5-21-3591160918-901661972-950247392-1000 -> No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} - No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{1267F5CD-4556-4393-B6E1-8B09D801A455}: [NameServer] 111.118.175.56,118.127.33.48

FireFox:

========

FF ProfilePath: C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default

FF NewTab: hxxp://www.news.net/index.php?referid=130

FF DefaultSearchEngine: Free Lunch Design TB Customized Web Search

FF DefaultSearchEngine,S:

FF DefaultSearchUrl:

FF SearchEngineOrder.1:

FF SearchEngineOrder.1,S:

FF SelectedSearchEngine: Free Lunch Design TB Customized Web Search

FF SelectedSearchEngine,S:

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-06-14] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()

FF Plugin-x32: @java.com/DTPlugin,version=10.4.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-04-04] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File

FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-04-04] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin HKU\S-1-5-21-3591160918-901661972-950247392-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-01] (Unity Technologies ApS)

FF Extension: Free Lunch Design TB - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-12-07]

FF Extension: Adblock Plus - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-02-16]

FF Extension: DownThemAll! - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-02-16]

FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4

FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack

FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-05-16]

FF Extension: No Name - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\r5wa9iy1.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [Not Found]

Chrome:

=======

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File

CHR Plugin: (AVG Internet Security) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Java™ Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\Carol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Bookmark Manager) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]

CHR Extension: (Google Wallet) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]

CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [57344 2011-08-22] () [File not signed]

R2 FastPlayerUpdaterService; C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe [382464 2015-03-24] () [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-18] (NVIDIA Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-18] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-18] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-15] ()

R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-10] ()

S3 netr28x; C:\Windows\System32\DRIVERS\Dnetr28x.sys [1885792 2012-12-19] (Ralink Technology, Corp.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-18] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-04] (NVIDIA Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S1 jmgmnjwc; \??\C:\Windows\system32\drivers\jmgmnjwc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 17:30 - 2015-05-02 17:30 - 02101248 _____ (Farbar) C:\Users\Carol\Downloads\FRST64.exe

2015-05-02 17:30 - 2015-05-02 17:30 - 00017648 _____ () C:\Users\Carol\Downloads\FRST.txt

2015-05-02 17:30 - 2015-05-02 17:30 - 00000000 ____D () C:\FRST

2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\f57d86652f66db427cedac5627a5

2015-05-01 22:42 - 2015-05-01 22:42 - 00000000 ____D () C:\984f00313b86f54d43

2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\921e45a3c9bec619a38846

2015-04-30 20:24 - 2015-04-30 20:24 - 00000000 ____D () C:\6251a4d9750a5b5a437e78

2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\af51c05d4ed67d3ef619f249e2e92f20

2015-04-29 19:51 - 2015-04-29 19:51 - 00000000 ____D () C:\77658a2fb31f5887ade48386f17f0d4e

2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\3dcb91a02a312559e6a9872ca173

2015-04-28 20:49 - 2015-04-28 20:49 - 00000000 ____D () C:\23d4765be6166a0987fea420

2015-04-27 20:05 - 2015-04-27 20:05 - 00000000 ____D () C:\731e25a4dafa6593b0acb89c

2015-04-27 20:04 - 2015-04-27 20:05 - 00000000 ____D () C:\cf7a832866a3ebd06cab48319146bb58

2015-04-26 21:07 - 2015-04-26 21:07 - 00000000 ____D () C:\e7ef6088c03662a8ce5dedee08e2433d

2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-04-26 20:38 - 2015-04-26 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2015-04-26 14:03 - 2015-04-26 14:03 - 00000000 ____D () C:\Users\Carol\AppData\Local\{B1BFD2F3-88AE-4958-A32A-A71D79648FE6}

2015-04-25 16:21 - 2015-04-25 16:21 - 00000000 ____D () C:\59219c031d7fc826f23b

2015-04-25 16:20 - 2015-04-25 16:21 - 00000000 ____D () C:\4daa0b524c286aa55e2d19dfb21e

2015-04-25 16:10 - 2015-04-26 14:54 - 00114279 _____ () C:\Users\Carol\Documents\Kobis bday movie.wlmp

2015-04-25 13:34 - 2015-04-25 13:35 - 33357365 _____ () C:\Users\Carol\Downloads\Major Lazer & DJ Snake - Lean On (feat. MØ) (Official Lyric Video).mp4

2015-04-25 10:56 - 2015-04-25 10:56 - 00000000 ____D () C:\Users\Carol\AppData\Local\{9FF752F7-389C-4A3E-B669-186E11AA21C9}

2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\d808a0c628719657ea

2015-04-22 21:10 - 2015-04-22 21:10 - 00000000 ____D () C:\04fb60c4bb9f352cadd841b870

2015-04-21 22:04 - 2015-04-21 22:04 - 00000000 ____D () C:\abc865591078640ac7b68a13

2015-04-21 18:51 - 2015-04-21 18:51 - 00000000 ____D () C:\7b935fbdf45ea42cb0fbf003

2015-04-21 18:50 - 2015-04-21 18:51 - 00000000 ____D () C:\b0357379142702db35

2015-04-20 21:34 - 2015-04-20 21:34 - 00000000 ____D () C:\ef42bb7b9f142ad64fd337dd4e9b2523

2015-04-20 11:49 - 2015-04-20 11:49 - 00000000 ____D () C:\68fddbe3c5e5b95c1d

2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\4ed2a1eaa2bb72dd0fdc8844f1c02e

2015-04-17 22:29 - 2015-04-17 22:29 - 00000000 ____D () C:\0629bbf10ce6a3dc414a8f8769ae4b

2015-04-15 19:41 - 2015-04-15 19:41 - 00000000 ____D () C:\21cbda4bb5d0aa62ae75

2015-04-15 19:35 - 2015-04-15 19:36 - 00000000 ____D () C:\0242b18f308dd333dafefb

2015-04-15 11:21 - 2015-03-25 13:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-04-15 11:21 - 2015-03-25 13:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-04-15 11:21 - 2015-03-25 13:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-04-15 11:21 - 2015-03-25 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-04-15 11:21 - 2015-03-25 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-04-15 11:21 - 2015-03-25 13:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-04-15 11:21 - 2015-03-25 13:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-04-15 11:21 - 2015-03-25 13:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-04-15 11:21 - 2015-03-25 13:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-04-15 11:21 - 2015-03-25 13:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-04-15 11:21 - 2015-03-23 13:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-04-15 11:21 - 2015-03-23 13:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-04-15 11:21 - 2015-03-23 13:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-04-15 11:21 - 2015-03-23 13:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-04-15 11:21 - 2015-03-23 13:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-04-15 11:21 - 2015-03-23 13:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-04-15 11:21 - 2015-03-23 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-04-15 11:21 - 2015-03-23 13:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-04-15 11:21 - 2015-03-10 13:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-04-15 11:21 - 2015-03-10 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-04-15 11:21 - 2015-03-10 13:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-04-15 11:21 - 2015-03-10 13:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-04-15 11:21 - 2015-03-05 15:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-04-15 11:21 - 2015-03-05 14:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-04-15 11:20 - 2015-04-02 10:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-04-15 11:20 - 2015-04-02 09:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-04-15 11:20 - 2015-03-17 15:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-04-15 11:20 - 2015-03-17 15:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-04-15 11:20 - 2015-03-17 15:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-04-15 11:20 - 2015-03-17 15:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-04-15 11:20 - 2015-03-17 15:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-04-15 11:20 - 2015-03-17 15:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-04-15 11:20 - 2015-03-17 15:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-04-15 11:20 - 2015-03-17 15:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-04-15 11:20 - 2015-03-17 15:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-04-15 11:20 - 2015-03-17 15:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-04-15 11:20 - 2015-03-17 15:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-04-15 11:20 - 2015-03-17 15:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-04-15 11:20 - 2015-03-17 15:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-04-15 11:20 - 2015-03-17 15:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-04-15 11:20 - 2015-03-17 15:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 15:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-04-15 11:20 - 2015-03-17 15:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-04-15 11:20 - 2015-03-17 14:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-04-15 11:20 - 2015-03-17 14:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-04-15 11:20 - 2015-03-17 14:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-04-15 11:20 - 2015-03-17 14:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-04-15 11:20 - 2015-03-17 14:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-04-15 11:20 - 2015-03-17 14:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-04-15 11:20 - 2015-03-17 14:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-04-15 11:20 - 2015-03-17 14:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-04-15 11:20 - 2015-03-17 14:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-04-15 11:20 - 2015-03-17 14:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-04-15 11:20 - 2015-03-17 14:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 13:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-04-15 11:20 - 2015-03-17 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-04-15 11:20 - 2015-03-17 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 13:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-04-15 11:20 - 2015-03-17 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-04-15 11:20 - 2015-03-13 14:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-04-15 11:20 - 2015-03-13 14:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-04-15 11:20 - 2015-03-13 14:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-04-15 11:20 - 2015-03-13 14:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-04-15 11:20 - 2015-03-13 14:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-04-15 11:20 - 2015-03-13 14:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-04-15 11:20 - 2015-03-13 14:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-04-15 11:20 - 2015-03-13 14:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-04-15 11:20 - 2015-03-13 14:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-04-15 11:20 - 2015-03-13 14:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-04-15 11:20 - 2015-03-13 13:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-04-15 11:20 - 2015-03-13 13:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-04-15 11:20 - 2015-03-13 13:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-04-15 11:20 - 2015-03-13 13:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-04-15 11:20 - 2015-03-13 13:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-04-15 11:20 - 2015-03-13 13:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-04-15 11:20 - 2015-03-13 13:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-04-15 11:20 - 2015-03-13 13:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-04-15 11:20 - 2015-03-13 13:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-04-15 11:20 - 2015-03-13 13:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-04-15 11:20 - 2015-03-13 13:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-04-15 11:20 - 2015-03-13 13:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-04-15 11:20 - 2015-03-13 13:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-04-15 11:20 - 2015-03-13 13:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-04-15 11:20 - 2015-03-13 13:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-04-15 11:20 - 2015-03-13 13:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-04-15 11:20 - 2015-03-13 13:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-04-15 11:20 - 2015-03-13 13:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-04-15 11:20 - 2015-03-13 13:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-04-15 11:20 - 2015-03-13 13:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-04-15 11:20 - 2015-03-13 13:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-04-15 11:20 - 2015-03-13 13:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-04-15 11:20 - 2015-03-13 13:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-04-15 11:20 - 2015-03-13 13:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-04-15 11:20 - 2015-03-13 13:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-04-15 11:20 - 2015-03-13 13:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-04-15 11:20 - 2015-03-13 13:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-04-15 11:20 - 2015-03-13 13:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-04-15 11:20 - 2015-03-13 13:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-04-15 11:20 - 2015-03-13 13:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-04-15 11:20 - 2015-03-13 13:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-04-15 11:20 - 2015-03-13 13:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-04-15 11:20 - 2015-03-13 12:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-04-15 11:20 - 2015-03-13 12:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-04-15 11:20 - 2015-03-13 12:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-04-15 11:20 - 2015-03-13 12:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-04-15 11:20 - 2015-03-13 12:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-04-15 11:20 - 2015-03-13 12:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-04-15 11:20 - 2015-03-13 12:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-04-15 11:20 - 2015-03-13 12:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-04-15 11:20 - 2015-03-13 12:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-04-15 11:20 - 2015-03-13 12:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-04-15 11:20 - 2015-03-13 12:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-04-15 11:20 - 2015-03-13 12:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-04-15 11:20 - 2015-03-13 12:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-04-15 11:20 - 2015-03-13 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-04-15 11:20 - 2015-03-04 14:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys

2015-04-15 11:20 - 2015-03-04 14:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll

2015-04-15 11:20 - 2015-03-04 14:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

2015-04-15 11:20 - 2015-02-25 13:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2015-04-07 16:36 - 2015-04-07 16:37 - 00000000 ___SD () C:\Windows\system32\GWX

2015-04-07 16:36 - 2015-04-07 16:36 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

2015-04-07 16:36 - 2015-04-07 16:36 - 00000000 ____D () C:\03104ab33c2e6bace6a14f1f

2015-04-07 12:47 - 2015-04-18 09:56 - 00000000 ____D () C:\ProgramData\{873a30b8-7093-9a03-873a-a30b8709c2e1}

2015-04-07 12:47 - 2015-04-07 12:47 - 00467144 _____ () C:\Users\Carol\Downloads\Redfoo - Juicy Wiggle (Lyric and Dance).exe

2015-04-07 12:46 - 2015-04-07 12:46 - 00000000 ____D () C:\Users\Carol\AppData\Local\Apps\2.0

2015-04-04 19:28 - 2015-04-04 19:28 - 00000000 ____D () C:\0834732e71b78a354c

2015-04-03 14:43 - 2015-04-03 14:43 - 00000000 ____D () C:\154f51a0b370d09d8143d98b284c

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 17:16 - 2014-07-30 20:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-05-02 16:41 - 2014-07-30 20:12 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-05-02 16:41 - 2014-07-30 20:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-05-02 16:40 - 2012-06-16 14:35 - 00000000 ____D () C:\Users\Carol\AppData\Local\Google

2015-05-02 16:40 - 2012-06-16 14:35 - 00000000 ____D () C:\Program Files (x86)\Google

2015-05-02 16:39 - 2009-07-14 14:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-05-02 16:39 - 2009-07-14 14:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-05-02 16:36 - 2009-07-14 15:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-05-02 16:35 - 2012-02-10 12:42 - 01354759 _____ () C:\Windows\WindowsUpdate.log

2015-05-02 16:31 - 2012-02-10 13:11 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys

2015-05-02 16:31 - 2012-02-10 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-05-02 16:31 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-05-02 16:31 - 2009-07-14 14:51 - 00143479 _____ () C:\Windows\setupact.log

2015-05-01 18:01 - 2010-11-21 13:47 - 00211624 _____ () C:\Windows\PFRO.log

2015-04-30 18:50 - 2012-04-25 17:14 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\.minecraft

2015-04-29 16:42 - 2014-07-30 20:12 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-04-26 14:48 - 2012-02-10 13:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\Windows Live

2015-04-17 11:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache

2015-04-17 11:24 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat

2015-04-17 10:28 - 2014-12-18 02:15 - 00000000 ____D () C:\Windows\system32\appraiser

2015-04-17 10:28 - 2014-05-06 20:05 - 00000000 ___SD () C:\Windows\system32\CompatTel

2015-04-17 10:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2015-04-15 19:41 - 2013-08-16 21:18 - 00000000 ____D () C:\Windows\system32\MRT

2015-04-15 19:37 - 2012-03-03 07:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-04-15 11:18 - 2014-07-30 20:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-15 11:17 - 2014-07-30 20:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-15 11:17 - 2014-07-30 20:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-07 11:24 - 2014-01-06 07:36 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-04-07 10:15 - 2012-11-08 17:01 - 00000000 ____D () C:\Users\Carol\Documents\adina

==================== Files in the root of some directories =======

2014-07-24 18:53 - 2014-07-24 18:53 - 0001192 _____ () C:\Users\Carol\AppData\Roaming\aps.scan.quick.results

2014-07-24 18:53 - 2014-07-24 18:53 - 0002932 _____ () C:\Users\Carol\AppData\Roaming\aps.scan.results

2014-07-24 18:53 - 2014-07-24 18:53 - 0000316 _____ () C:\Users\Carol\AppData\Roaming\aps.uninstall.scan.results

2012-02-15 08:43 - 2012-02-15 08:43 - 0095222 _____ () C:\Users\Carol\AppData\Roaming\Doxillion.dmp

Some content of TEMP:

====================

C:\Users\Carol\AppData\Local\Temp\43C4.exe

C:\Users\Carol\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Carol\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe

C:\Users\James\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-25 11:58

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015

Ran by Carol at 2015-05-02 17:30:55

Running from C:\Users\Carol\Downloads

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3591160918-901661972-950247392-500 - Administrator - Disabled)

Carol (S-1-5-21-3591160918-901661972-950247392-1000 - Administrator - Enabled) => C:\Users\Carol

Guest (S-1-5-21-3591160918-901661972-950247392-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3591160918-901661972-950247392-1010 - Limited - Enabled)

James (S-1-5-21-3591160918-901661972-950247392-1004 - Administrator - Enabled) => C:\Users\James

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)

AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

Bloggie Software (HKLM-x32\...\BloggieSoftware) (Version: 3.3.1.73 - Sony)

Bloggie Software (x32 Version: 3.3.1.73 - Sony Corporation) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)

Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden

FastPlayer (HKLM-x32\...\FastPlayer) (Version: v1.0.0.11 - SoftForce LLC) <==== ATTENTION

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java™ 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle)

JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Mozilla Firefox 33.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-GB)) (Version: 33.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)

SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden

Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)

Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)

Uni-Stat (HKLM-x32\...\{2C0D5586-B96C-404F-96D7-91BE2A304853}) (Version: 4.0 - Avery Dennsion)

Unity Web Player (HKU\S-1-5-21-3591160918-901661972-950247392-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

VAFPlayer (HKLM-x32\...\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION

VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

17-04-2015 22:29:07 Windows Update

18-04-2015 09:56:30 Windows Defender Checkpoint

18-04-2015 12:31:23 Windows Update

19-04-2015 20:25:54 Windows Update

20-04-2015 11:48:26 Windows Update

20-04-2015 21:33:36 Windows Update

21-04-2015 18:50:20 Windows Update

21-04-2015 22:03:59 Windows Update

22-04-2015 21:10:13 Windows Update

25-04-2015 16:20:42 Windows Update

26-04-2015 21:06:43 Windows Update

27-04-2015 20:04:23 Windows Update

28-04-2015 20:48:54 Windows Update

29-04-2015 19:50:57 Windows Update

30-04-2015 20:24:00 Windows Update

01-05-2015 22:41:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2014-12-16 12:51 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06BD2710-1D47-4DD1-BE25-5BE8C00E0682} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-3 No Task File <==== ATTENTION

Task: {0E3B203C-EF1E-49E1-822D-D2E89464809A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

Task: {146EEE3A-E0A5-40FA-A169-58CFE7423B02} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-1 No Task File <==== ATTENTION

Task: {1C66AF32-C379-4A7B-8456-BE08CE3D87BC} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-4 No Task File <==== ATTENTION

Task: {21E8D46D-75EA-4650-9453-E38FEA2FEE67} - System32\Tasks\{D5590380-BB80-44FA-8258-9367CDFE0BFC} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/113900

Task: {3C5EC24D-609A-4CE3-9EED-18E4872CFAA7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

Task: {3D04B37C-F930-46C7-8C56-67C591DE8766} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {49D58B38-4997-4A93-B682-EBEBC319D59E} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION

Task: {4CD61D61-9AAB-433C-867A-B0F97C4C9BB3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {5780AF66-CF83-4248-B342-059496E7989D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)

Task: {71C02812-3E16-4D01-9CD8-52EA3829A437} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5 No Task File <==== ATTENTION

Task: {8C785076-E57E-43D2-92C5-29DAE404BD06} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe

Task: {92F75FA2-082E-4BF5-8D3D-D3B67718C624} - System32\Tasks\{8BA3EEB2-7288-4412-B805-96F8727AAC0E} => pcalua.exe -a C:\Users\James\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=tugs <==== ATTENTION

Task: {972724E4-447D-4EA5-A25A-7A86CDFC8D5C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {AEEBCD4C-A7DF-4698-A044-EBD989892F2F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

Task: {AF464D88-CC5F-4AF8-B3D0-A18657097839} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {B8AC961D-F09E-4C6A-AD8C-7B08A9DE5E2D} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-2 No Task File <==== ATTENTION

Task: {BA0E3111-CD17-44B5-B6AE-884D145B885B} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-18] ()

Task: {CB84CF0F-DF21-4736-AD79-6734E934ECA6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)

Task: {D122BE80-2055-4F56-920A-63E61137AF22} - \ASP No Task File <==== ATTENTION

Task: {D476D96E-9A37-47AF-B65F-C4B907F77161} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)

Task: {D8BCA465-685D-47D6-9F7E-8F6E0008D3E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)

Task: {DBD19F11-49A0-4AF3-8635-5EE64EA9CFF1} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-11 No Task File <==== ATTENTION

Task: {F440EB41-D288-4DA4-8AF1-678ED91A6A3E} - System32\Tasks\4677 => Wscript.exe C:\Users\James\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION

Task: {F71B0664-29EB-444F-AE86-6BF1205DA225} - \9a2748f4-9e4a-4fa8-9c8f-cbbe03388518-5_user No Task File <==== ATTENTION

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-18 17:42 - 2014-11-13 07:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-02-10 13:06 - 2011-08-22 14:26 - 00057344 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

2015-03-24 19:43 - 2015-03-24 19:43 - 00382464 _____ () C:\Program Files (x86)\FastPlayer\FPUpdaterService.exe

2012-09-15 16:59 - 2012-09-15 17:28 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2010-01-03 00:42 - 2010-01-03 00:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2015-02-04 02:18 - 2015-02-04 02:18 - 00134656 _____ () C:\Program Files (x86)\FastPlayer\OtherBrowser.exe

2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-10 13:06 - 2009-05-04 16:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll

2012-01-08 23:41 - 2012-01-08 23:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2015-04-29 16:42 - 2015-04-28 12:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll

2015-04-29 16:42 - 2015-04-28 12:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll

2015-04-29 16:42 - 2015-04-28 12:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3591160918-901661972-950247392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 111.118.175.56 - 118.127.33.48

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"

MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"

MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [TCP Query User{9258F95C-A408-4142-B8AE-AE6439B74DA5}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe

FirewallRules: [UDP Query User{5E59D1A4-5C8E-4538-B85C-345963053855}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe

FirewallRules: [{4D580550-A9A6-4E9D-B44F-7B858895EB6A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{14429002-2D65-4DE5-AD79-30A143D66102}] => (Allow) LPort=2869

FirewallRules: [{8DD86304-43EA-4694-BCDB-7FD1A405138F}] => (Allow) LPort=1900

FirewallRules: [{F6E20282-4CF4-402F-B6F5-278030D2A6F4}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [{9170361A-B38B-4F4F-8087-4EA3AD6C8FAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [TCP Query User{FFDFF61F-42C9-4E5C-AC5D-DB2FF79E42F4}C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe

FirewallRules: [UDP Query User{43DEB30F-E915-4CF5-9002-98868A92980F}C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\epictas10\team fortress 2\hl2.exe

FirewallRules: [TCP Query User{3CAA7A1B-7434-413D-8E23-869AAD9BFA2C}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe

FirewallRules: [UDP Query User{4A165447-A214-466D-9DFB-7D3F57A0D582}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe

FirewallRules: [{A2D3EB15-F05A-4EBA-A56B-021D39D3C586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe

FirewallRules: [{5F3F2C62-E59F-482D-B552-263009DC2A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\magicka\Magicka.exe

FirewallRules: [{6912FF34-3CDA-41BA-82B8-B4B54C3073F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gotham city impostors\Engine.exe

FirewallRules: [{A22BF31A-5BA2-4C81-B3A2-56621683862D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gotham city impostors\Engine.exe

FirewallRules: [TCP Query User{BD3902B1-BF45-4820-8F87-143A842C8636}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [UDP Query User{30E20469-D238-48F2-9BE1-CBDA41E3C3BB}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe

FirewallRules: [TCP Query User{4FF52B39-0761-4AE6-A762-C49B5DF97329}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe

FirewallRules: [UDP Query User{4054916D-7899-415A-AC28-0757C8ACEF79}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe

FirewallRules: [TCP Query User{F59146D1-8F78-4A92-86F9-1F21F23507F5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [UDP Query User{FAAE8753-C6F8-4F8B-A02A-0984083B78C4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe

FirewallRules: [TCP Query User{BF777991-A792-4C3D-9CB0-00D6FED0E797}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{CC21F787-4B7C-4C56-906C-C8CEBF77310E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{7B91E786-51B9-4CBC-9696-0B2D921070F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Trailer\smp.exe

FirewallRules: [{4BA2CAF6-5C8C-4414-AC7E-D169BDD184BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Trailer\smp.exe

FirewallRules: [{0F6210E7-0380-4655-95D3-4705C7AAE3A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Steam Trailer\smp.exe

FirewallRules: [{CE8A2F7E-6371-491D-AB8F-2C9B7529E27B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wargame European Escalation Steam Trailer\smp.exe

FirewallRules: [{72A5DC08-7F09-4536-82A7-872FA9A00C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tribes\Binaries\Win32\HirezBridge.exe

FirewallRules: [{862BA387-55D7-4128-BEF2-23A8D73D37B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tribes\Binaries\Win32\HirezBridge.exe

FirewallRules: [{B47B500B-58A0-4AFA-98CC-69A9CDF97AA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe

FirewallRules: [{0849AB6F-7DF6-496F-9AE0-A5A6AC60C2A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe

FirewallRules: [TCP Query User{4E89BDCF-19AF-4563-98BD-9B16646748FF}C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe

FirewallRules: [UDP Query User{985B0AA2-0D4A-4FEE-8E8A-120A7C8EEF3E}C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crimecraft\binaries\crimecraft.exe

FirewallRules: [{31B37175-8DBB-49A9-B600-15B9030A991F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{DADB5FE8-7134-436E-97CB-FF085B282E95}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{59552991-608D-4DE8-9F20-A5BDF25BB109}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{9E45E40C-F7E8-4205-87C3-83FDC4A73DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{23088588-F492-4D02-88A2-A85987D97371}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

FirewallRules: [{FD84288E-4A9E-4388-AC07-A83D645D950C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crimecraft\SteamLauncher.exe

FirewallRules: [{4F6BF286-0F82-425A-A554-D21094A6E3EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\crimecraft\SteamLauncher.exe

FirewallRules: [{A63E967D-2B81-4F55-A313-1154AE97D9A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe

FirewallRules: [{7F91F784-73BC-42C9-922A-995FC49A62E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe

FirewallRules: [TCP Query User{D6B6B9B1-6744-46B9-AA3C-987E7C6F1FD0}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{1210EC1E-7929-46AD-B53F-7848FA023492}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [{AEF02FDC-C71F-4C4D-9A21-7B49FE254D3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\calauncher.exe

FirewallRules: [{3A6CA6D2-483D-46FB-B3A2-FE4ADC624873}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Combat Arms\calauncher.exe

FirewallRules: [TCP Query User{84BF4581-391F-4842-A208-70ED8F2C2E96}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{25F3BE97-8650-4A85-A746-59036AF15A1D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{E404B646-C483-4069-8DC0-38B31C2AEAE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

FirewallRules: [{88E4FFB6-F246-4787-A2EB-26C28E577559}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

FirewallRules: [{5F4BC986-6D6B-4215-A8BB-7E55981138DE}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe

FirewallRules: [{20DF95F7-C386-4104-9FDA-01CDFF06AE0F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe

FirewallRules: [{6C503274-758E-4C31-98AC-1516C8A18A8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

FirewallRules: [{010CE73C-2887-4848-8F8D-D6EF651A172C}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

FirewallRules: [{0C8B7E04-2585-4029-8325-F2804DA4B01E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{E86F68EF-50F8-4A17-8C98-AC848F87F1BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{583440BB-B7B3-432C-9B90-CF8778B7E68F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe

FirewallRules: [{2284D384-432D-4025-8119-DB0D3FF29CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe

FirewallRules: [{81830E5B-5F61-4FDC-8020-FEABD5B1E408}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{5BFC482B-B684-4F4F-B2F6-A61D674DA023}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{5962FAF7-83DD-4AF0-8EFC-40E266B3BE48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{C7B1C7DF-E5F0-44DD-A879-140B7B99A14C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D69DE80E-BFF1-4716-AFB2-4DF272F35F48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{8C3E42FD-E53A-4C7E-98BE-D45C813C4D46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{E6F08356-47D8-4CC1-A2F3-5D115A605DE5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{B8FC0F77-726A-4596-83D8-DD3E33671FB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{784CF343-DD61-4408-854C-D5DBE5406A7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{205EE884-DFDC-4929-85B3-A0D5612CEB50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{5F4E779D-BE1D-4ED1-80F0-4394238085E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{C7CD83B0-24AF-4D0E-86C5-6FB659FF1AE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{B36DD21A-A653-489C-AB77-0D80624F4834}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{C939523E-EDA5-486F-A286-228492171F83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: D-Link DWA-548 Wireless N PCIe Desktop Adapter

Description: D-Link DWA-548 Wireless N PCIe Desktop Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: D-Link Corporation

Service: netr28x

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (05/01/2015 10:42:32 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)