This topic is locked
For months now..When my son tries to access Google the site gets redirected to taplika and he gets bombed with new windows that
open from "saleplus"; clicking on any link opens a new window from saleplus or creates pages that overlap the whole window from
NOW programs and browser extensions have to install themselves.
finally we couldnt get google to launch. I went to task and uninstalled the programs that were most recently added
untill I could launch Google. YA me!!
Launching Google still is bringing taplika redirect and ads at every click.. even though i uninstalled a taplika program file from panel!! grr.
The search circle is going round and round and gets pretty much nowhere! you wait forever to click a link...get a page
etc.. and using the X to try and stop it does nothing. finally while you are working the google will just crash out to
the sad little guy that says...time to relaoad AGAIN>>>grr. I am writing this on notepad because it draggs so bad
to type on the question box and grrrr...timed out again!!
While changing my settings to put scan on desktop I saw taplika was set up as the default browser and reset it to google..
..nice clean launch into google now...but processor still going round and round slow as mud!
I got a clean click result to your scan page as well as download link...NO POP ADS!! YA US!! shocked it was a default..hmmm
I launched explorer to have a look and it redirects too...just different companies..well then... Got to love the important update
coming on screen saying need to update explorer..not me!!
I have uninstalled and deleted all things I can tell are trash. some things still may be.. that I am unsure of how they are used
and afraid to lose needed items.
My son says he did not install the McKfee; but it DID show a trojon on a media converter and "optomizerPro3.89\reminder" .. another self installed scan!!
I was able to uninstall the media converter but optimizerPro is pro work!! the unstaller refuses to open and the reminder
(the file with the trojon) states .. it cant be deleted because the file is open. Well I managed to get it all deleted
except for.. OptProMon..a dll file in program files (x86). this one refuses to go sayin the file is open in optomizer
monitoring..grr. but McAfee came back clean so...all optimizerpro files closed off in recycle bin except monitor file
Finally, I didnt remove any temp or cookie files because i dont know which ones are needed for sites and programs to run well.
But if we have to go through some bumps and glitches..oh well there they go if you say they need to!!
Below is the FRST log for your review...I know I am confident in this site and appreciate
the help!! this will be the second time we get my son back on track...maybe he'll finally believe and not wait till he gets
shut out again!! Bahaha not funny really I suppose...sometimes shut down is shut out!!
Ya..filled out topic line on this page and this sentence....DRAGGGGGGGGG SLOWWWW
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Eric York (administrator) on ERICYORK-PC on 24-05-2015 22:56:55
Running from C:\Users\Eric York\Desktop
Loaded Profiles: Eric York (Available Profiles: Eric York)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
() C:\ProgramData\Nuilijoaruto\1.0.1.0\ufxnoaep.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Eric York\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(PC Utilities Software Limited) C:\ProgramData\{e5045fa1-7bf3-a0d0-e504-45fa17bf7e85}\hqghumeaylnlf.exe
() C:\ProgramData\{a69497bb-3c58-16c2-a694-497bb3c55eec}\Paddington 2014 MKV 1080p DD5.1 NedSubs TBS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Akamai Technologies, Inc.) C:\Users\Eric York\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Nuilijoaruto\1.0.1.0\ufxnoaep.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(DownloadAdmin) C:\Users\Eric York\AppData\Local\UpdateAdmin\UpdateAdmin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [myradioplayer Tray] => "C:\Program Files (x86)\myradioplayer\myradioplayerTray.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-14] (Valve Corporation)
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Eric York\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\Run: [UpdateAdmin] => C:\Users\Eric York\AppData\Local\UpdateAdmin\UpdateAdmin.exe [225552 2014-10-16] (DownloadAdmin)
AppInit_DLLs-x32: C:\PROGRA~3\{DC703~1\1170~1.1\tedo.dll => "C:\PROGRA~3\{DC703~1\1170~1.1\tedo.dll" File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-03-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Eric York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Champs.2015.HDRip.XViD-juggs[ETRG].lnk [2015-03-31]
ShortcutTarget: Champs.2015.HDRip.XViD-juggs[ETRG].lnk -> C:\ProgramData\{14d215c9-2b26-e2f1-14d2-215c92b25724}\Champs.2015.HDRip.XViD-juggs[ETRG].exe (No File)
Startup: C:\Users\Eric York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-05-05]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{e5045fa1-7bf3-a0d0-e504-45fa17bf7e85}\hqghumeaylnlf.exe (PC Utilities Software Limited)
Startup: C:\Users\Eric York\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Paddington 2014 MKV 1080p DD5.1 NedSubs TBS.lnk [2015-04-13]
ShortcutTarget: Paddington 2014 MKV 1080p DD5.1 NedSubs TBS.lnk -> C:\ProgramData\{a69497bb-3c58-16c2-a694-497bb3c55eec}\Paddington 2014 MKV 1080p DD5.1 NedSubs TBS.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goo...&cc=US&unqvl=86
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goo...&cc=US&unqvl=86
SearchScopes: HKU\S-1-5-21-2877554017-1696531486-103451963-1000 -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = http://websearch.goo...&cc=US&unqvl=86
SearchScopes: HKU\S-1-5-21-2877554017-1696531486-103451963-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://taplika.com/r...=2066106222&ir=
BHO: IsaveuR -> {069C4103-B8AD-46EA-85B7-5D0A90176798} -> C:\Program Files (x86)\IsaveuR\87s0mIX9fsABMp.x64.dll [2015-05-24] ()
BHO: AllCheapPRiCe -> {A0D6956C-4538-4CD8-8D2B-F75463ABA3E2} -> C:\Program Files (x86)\AllCheapPRiCe\bfcsVzhOSznkGp.x64.dll [2015-05-24] ()
BHO-x32: IsaveuR -> {069C4103-B8AD-46EA-85B7-5D0A90176798} -> C:\Program Files (x86)\IsaveuR\87s0mIX9fsABMp.dll [2015-05-24] ()
BHO-x32: AllCheapPRiCe -> {A0D6956C-4538-4CD8-8D2B-F75463ABA3E2} -> C:\Program Files (x86)\AllCheapPRiCe\bfcsVzhOSznkGp.dll [2015-05-24] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-01-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-01-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-11]
CHR Extension: (Google Docs) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-11]
CHR Extension: (Google Drive) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-11]
CHR Extension: (YouTube) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-11]
CHR Extension: (Translate This) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa [2015-05-24]
CHR Extension: (Google Search) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-11]
CHR Extension: (Google Sheets) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-11]
CHR Extension: (1click timer) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\igloknlllonknnbkfgggfkigmeegmakf [2015-04-09]
CHR Extension: (Scroll Marker) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid [2015-04-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24]
CHR Extension: (Taplika New Tab) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn [2015-05-24]
CHR Extension: (AutODealsApp) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpomadidloebceiegjjgmoepjnnpbpjk [2015-04-09]
CHR Extension: (Google Wallet) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (Weather Aware) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2015-04-13]
CHR Extension: (Gmail) - C:\Users\Eric York\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-11]
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2877554017-1696531486-103451963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) []
R2 b37c34bf; c:\Program Files (x86)\SystemUp\SystemUp.dll [1623552 2015-04-23] () []
R2 da05e809; c:\Program Files (x86)\Optimizer Pro 3.89\OptProMon.dll [1750568 2015-05-05] () <==== ATTENTION
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 22:56 - 2015-05-24 22:57 - 00016112 _____ () C:\Users\Eric York\Desktop\FRST.txt
2015-05-24 22:53 - 2015-05-24 22:53 - 02108416 _____ (Farbar) C:\Users\Eric York\Desktop\FRST64.exe
2015-05-24 20:44 - 2015-05-24 20:44 - 02108416 _____ (Farbar) C:\Users\Eric York\Downloads\FRST64 (1).exe
2015-05-24 20:28 - 2015-05-24 20:28 - 00000000 ____D () C:\Program Files (x86)\AllCheapPRiCe
2015-05-24 20:27 - 2015-05-24 20:27 - 00000000 ____D () C:\Program Files (x86)\Translate This
2015-05-24 20:27 - 2015-05-24 20:27 - 00000000 ____D () C:\Program Files (x86)\IsaveuR
2015-05-24 20:27 - 2015-05-24 20:27 - 00000000 ____D () C:\Program Files (x86)\ExstrACCoupOn
2015-05-24 17:12 - 2015-05-24 17:13 - 00031993 _____ () C:\Users\Eric York\Downloads\Addition.txt
2015-05-24 17:11 - 2015-05-24 22:56 - 00000000 ____D () C:\FRST
2015-05-24 17:11 - 2015-05-24 20:49 - 00038154 _____ () C:\Users\Eric York\Downloads\FRST.txt
2015-05-24 17:11 - 2015-05-24 17:11 - 02108416 _____ (Farbar) C:\Users\Eric York\Downloads\FRST64.exe
2015-05-24 16:14 - 2015-05-24 16:14 - 00002998 _____ () C:\Windows\System32\Tasks\{49D61FB6-47AE-4E2C-99AF-646F5D49E052}
2015-05-24 16:13 - 2015-05-24 16:13 - 00002998 _____ () C:\Windows\System32\Tasks\{43ABFCDF-4A53-451C-B44C-05EE154A6A98}
2015-05-24 15:48 - 2015-05-24 15:48 - 00003216 _____ () C:\Windows\System32\Tasks\{30414C1D-A7B5-4977-B2F6-E4EC87D9F35D}
2015-05-24 15:34 - 2015-05-24 15:34 - 00003218 _____ () C:\Windows\System32\Tasks\{ADFAB84C-ADC3-4C25-B054-131242659405}
2015-05-24 12:29 - 2015-05-24 12:29 - 00000024 _____ () C:\Users\Eric York\AppData\Roaming\appdataFr25.bin
2015-05-24 11:13 - 2015-05-24 15:29 - 00003450 _____ () C:\Windows\System32\Tasks\Nuilijoaruto
2015-05-22 16:08 - 2015-05-24 11:04 - 00000000 ____D () C:\Program Files (x86)\BItSaver
2015-05-20 19:12 - 2015-05-24 11:13 - 00000000 ____D () C:\ProgramData\Nuilijoaruto
2015-05-18 18:04 - 2015-05-18 18:04 - 00000000 ____D () C:\Users\Eric York\Downloads\Game.of.Thrones.S05E06.HDTV.x264-ASAP[ettv]
2015-05-18 18:03 - 2015-05-18 18:03 - 00028219 _____ () C:\Users\Eric York\Downloads\DBE720F223AAE9B6E5886122FD2EEE18B90195C1.torrent
2015-05-16 20:17 - 2015-05-24 11:04 - 00000000 ____D () C:\Users\Eric York\Downloads\The 100 - The Complete Season 2 [HDTV]
2015-05-16 20:16 - 2015-05-16 20:16 - 00061954 _____ () C:\Users\Eric York\Downloads\A81F006EA0EC63A7EFEA9CD5B0700801D933A711.torrent
2015-05-16 20:15 - 2015-05-16 20:15 - 00004865 _____ () C:\Users\Eric York\Downloads\56534C6F12D0512E98817E232C441328BDF4E1B8 (1).torrent
2015-05-16 11:07 - 2015-05-16 11:07 - 00000000 ____D () C:\Users\Eric York\Downloads\Slow.West.2015.HDRip.XviD.AC3-EVO
2015-05-16 11:06 - 2015-05-16 11:06 - 00118995 _____ () C:\Users\Eric York\Downloads\7ABC52707286AECAAA420276EA2DDDAD01B1834E.torrent
2015-05-14 15:55 - 2015-05-14 15:57 - 00000000 ____D () C:\Users\Eric York\Downloads\The.Lazasur.Effect.2015.HC.HDRip.XViD.AC3-ETRG
2015-05-14 15:55 - 2015-05-14 15:56 - 00000000 ____D () C:\Users\Eric York\Downloads\The.SpongeBob.Movie.Sponge.Out.Of.Water.2015.HC.HDRip.XviD.AC3-EVO
2015-05-14 15:55 - 2015-05-14 15:55 - 00114787 _____ () C:\Users\Eric York\Downloads\24D8DADE1F9652E79437B64001B655F2F804BFEA.torrent
2015-05-14 15:54 - 2015-05-14 15:54 - 00112714 _____ () C:\Users\Eric York\Downloads\4E12FFE93319E45F453FB76E5EE1ED184266A81A.torrent
2015-05-14 08:33 - 2015-05-14 08:33 - 00000000 ____D () C:\Users\Eric York\Downloads\The.Flash.2014.S01E22.HDTV.x264-LOL[ettv]
2015-05-14 08:30 - 2015-05-14 08:30 - 00018911 _____ () C:\Users\Eric York\Downloads\FCCC12C6F43DFEDB0CAC0217A99DC27077709604.torrent
2015-05-14 08:30 - 2015-05-14 08:30 - 00000000 ____D () C:\Users\Eric York\Downloads\Arrow.S03E23.HDTV.x264-LOL[ettv]
2015-05-14 08:29 - 2015-05-14 08:30 - 00000000 ____D () C:\Users\Eric York\Downloads\Strange.Magic.2015.DVDRip.XviD-EVO
2015-05-14 08:29 - 2015-05-14 08:29 - 00079049 _____ () C:\Users\Eric York\Downloads\0EB9589C33E69139223952EEFF17CC57689AB618.torrent
2015-05-14 08:29 - 2015-05-14 08:29 - 00057631 _____ () C:\Users\Eric York\Downloads\A7AB46A31BC742774767F6FBF19F1C5F47BB1572.torrent
2015-05-14 08:29 - 2015-05-14 08:29 - 00022664 _____ () C:\Users\Eric York\Downloads\EC205D2198F0E0F708D53360F5AB76F2B5DF7BFC.torrent
2015-05-14 08:29 - 2015-05-14 08:29 - 00000000 ____D () C:\Users\Eric York\Downloads\Project.Almanac.2014.BRRip.XViD-ETRG
2015-05-14 08:29 - 2015-05-14 08:29 - 00000000 ____D () C:\Users\Eric York\Downloads\Ex.Machina.2015.DVDRip.XViD-ETRG
2015-05-14 08:28 - 2015-05-14 08:28 - 00057288 _____ () C:\Users\Eric York\Downloads\4109B71CBE61C6299AAD929D57128FA1D0E7918E.torrent
2015-05-14 08:27 - 2015-05-14 08:27 - 00057698 _____ () C:\Users\Eric York\Downloads\1CDAA83BFC308D3780BC7E712150F9AD13B9ED39.torrent
2015-05-14 08:27 - 2015-05-14 08:27 - 00000000 ____D () C:\Users\Eric York\Downloads\Chappie.2015.HDRip.XViD-ETRG
2015-05-12 19:08 - 2015-05-12 19:08 - 00023844 _____ () C:\Users\Eric York\Downloads\46F613E7A84241E1A6D46F71E95AD137985B4F49.torrent
2015-05-12 19:08 - 2015-05-12 19:08 - 00000000 ____D () C:\Users\Eric York\Downloads\Arrow.S03E22.HDTV.x264-LOL[ettv]
2015-05-12 19:07 - 2015-05-12 19:08 - 00000000 ____D () C:\Users\Eric York\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP[ettv]
2015-05-12 19:07 - 2015-05-12 19:07 - 00025033 _____ () C:\Users\Eric York\Downloads\9800748DDDA1891DEF1D01C04F8CC0BCCAE1A192.torrent
2015-05-10 07:37 - 2015-05-10 07:37 - 00000000 ____D () C:\Users\Eric York\AppData\Local\speed browser
2015-05-10 07:37 - 2015-05-10 07:37 - 00000000 ____D () C:\Program Files (x86)\speed browser
2015-05-09 21:17 - 2015-05-09 21:17 - 00000000 ____D () C:\Users\Eric York\Downloads\Fast.and.Furious.7.2015.HC.HDRip.XViD.AC3-ETRG
2015-05-09 21:16 - 2015-05-09 21:16 - 00117315 _____ () C:\Users\Eric York\Downloads\FF368B75C326AD29232504EDB33E56A2CB19A860.torrent
2015-05-09 21:16 - 2015-05-09 21:16 - 00117315 _____ () C:\Users\Eric York\Downloads\FF368B75C326AD29232504EDB33E56A2CB19A860 (1).torrent
2015-05-09 12:21 - 2015-05-09 12:22 - 00000000 ____D () C:\Users\Eric York\Downloads\Infini.2015.HDRip.XViD-ETRG
2015-05-09 12:21 - 2015-05-09 12:21 - 00057855 _____ () C:\Users\Eric York\Downloads\8C6E4535100C0B5337A6D11A6ECB4BBCC55D01FE.torrent
2015-05-08 15:38 - 2015-05-08 15:38 - 00000000 ____D () C:\Users\Eric York\Downloads\Maggie.2015.HDRip.XViD-ETRG
2015-05-08 15:37 - 2015-05-08 15:37 - 00057193 _____ () C:\Users\Eric York\Downloads\60F2D66FD7252535F71D86D6EE6BF043A71B132E.torrent
2015-05-07 20:35 - 2015-05-07 20:35 - 00114612 _____ () C:\Users\Eric York\Downloads\05FA764BA998C17796FF808CE96D77D377D0E348.torrent
2015-05-07 20:35 - 2015-05-07 20:35 - 00000000 ____D () C:\Users\Eric York\Downloads\Run.All.Night.2015.HC.HDRip.XViD.AC3-ETRG
2015-05-07 13:10 - 2015-05-07 13:10 - 00000001 _____ () C:\Users\Eric York\AppData\Local\DSI.DAT
2015-05-06 23:52 - 2015-05-24 11:04 - 00000000 ____D () C:\ProgramData\Browser
2015-05-06 21:53 - 2015-05-06 22:04 - 00000000 ____D () C:\Users\Eric York\Downloads\Just.Before.I.Go.2014.DVDRip.XViD-ETRG
2015-05-06 21:53 - 2015-05-06 21:53 - 00057286 _____ () C:\Users\Eric York\Downloads\4145BFAF40EBBB8044C9649CC4D3F2065E68E2E0.torrent
2015-05-06 21:51 - 2015-05-06 21:53 - 00000000 ____D () C:\Users\Eric York\Downloads\Fast.&.Furious.7.2015.TS.XViD NO1KNOWS
2015-05-06 21:51 - 2015-05-06 21:51 - 00131843 _____ () C:\Users\Eric York\Downloads\CBFD19EBB5F12283A0D54A00CB1ED6C500C316D0.torrent
2015-05-06 21:50 - 2015-05-06 21:50 - 00000000 ____D () C:\Users\Eric York\Downloads\The.Asylum.2015.720p.WEB-DL.x264 ETRG
2015-05-06 21:49 - 2015-05-06 21:49 - 00230495 _____ () C:\Users\Eric York\Downloads\98D63B9174DB605FCFCD9F09933A3467E3CB9E8A.torrent
2015-05-06 17:52 - 2015-05-06 17:52 - 00000000 ____D () C:\Users\Eric York\AppData\Roaming\Macromedia
2015-05-05 23:17 - 2015-05-05 23:17 - 00000000 ____D () C:\Users\Eric York\AppData\Local\iConvertor
2015-05-05 23:10 - 2015-05-07 00:10 - 00000059 _____ () C:\Users\Eric York\AppData\Roaming\WB.CFG
2015-05-05 22:17 - 2015-05-24 13:21 - 00003276 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-05-05 22:17 - 2015-05-05 22:17 - 00000000 ____D () C:\Users\Eric York\Documents\Optimizer Pro
2015-05-05 22:17 - 2015-05-05 22:17 - 00000000 ____D () C:\Users\Eric York\AppData\Roaming\Optimizer Pro
2015-05-05 22:13 - 2015-05-05 22:13 - 09815040 _____ () C:\Users\Eric York\Downloads\openofficeorg31.msi
2015-05-05 22:12 - 2015-05-05 22:12 - 00003866 _____ () C:\Windows\System32\Tasks\UpdateAdmin
2015-05-05 22:12 - 2015-05-05 22:12 - 00000000 ____D () C:\Users\Eric York\AppData\Local\UpdateAdmin
2015-05-05 22:12 - 2015-05-05 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
2015-05-05 22:11 - 2015-05-24 16:00 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.89
2015-05-05 22:11 - 2015-05-06 17:40 - 00000000 ____D () C:\ProgramData\{e5045fa1-7bf3-a0d0-e504-45fa17bf7e85}
2015-05-05 22:10 - 2015-05-24 18:20 - 00000000 ____D () C:\Users\Eric York\AppData\Local\ArcadeTwist
2015-05-05 22:09 - 2015-05-05 22:09 - 01147632 _____ () C:\Users\Eric York\Downloads\Chrome_Updater.exe
2015-05-05 22:08 - 2015-05-05 22:09 - 00000603 _____ () C:\Users\Eric York\Downloads\openofficesuite-setup.website
2015-05-05 21:54 - 2015-05-05 21:55 - 00000000 ____D () C:\Users\Eric York\Desktop\Alicia
2015-05-05 20:40 - 2015-05-05 20:40 - 00761076 _____ () C:\Users\Eric York\Downloads\Canon U.S.A. _ Support & Drivers _ PIXMA iP2600.html
2015-05-05 20:40 - 2015-05-05 20:40 - 00000000 ____D () C:\Users\Eric York\Downloads\Canon U.S.A. _ Support & Drivers _ PIXMA iP2600_files
2015-05-05 20:34 - 2015-05-05 20:34 - 06512600 _____ (383 Media, Inc.) C:\Users\Eric York\Downloads\DriverRestore.exe
2015-05-05 20:31 - 2015-05-05 20:31 - 05379408 _____ () C:\Users\Eric York\Downloads\ip2600svst215ej.exe
2015-05-04 21:20 - 2015-05-04 21:20 - 01021280 _____ () C:\Windows\Minidump\050415-25038-01.dmp
2015-04-30 19:46 - 2015-04-30 19:50 - 00000000 ____D () C:\Users\Eric York\Downloads\The 100 - Season 2 Complete - ChameE
2015-04-30 19:45 - 2015-04-30 19:45 - 00004865 _____ () C:\Users\Eric York\Downloads\56534C6F12D0512E98817E232C441328BDF4E1B8.torrent
2015-04-30 19:24 - 2015-04-30 19:55 - 00000000 ____D () C:\Users\Eric York\Downloads\Spawn.1997-1999.DVDRip.COMPLETE.S01-S03.x264.AC3-5.1 {1337x}-Noir
2015-04-30 19:23 - 2015-04-30 19:23 - 00041347 _____ () C:\Users\Eric York\Downloads\265C793071E483720A7832F488E62904F1E3B949.torrent
2015-04-30 19:23 - 2015-04-30 19:23 - 00041347 _____ () C:\Users\Eric York\Downloads\265C793071E483720A7832F488E62904F1E3B949 (1).torrent
2015-04-30 19:21 - 2015-04-30 19:21 - 00016661 _____ () C:\Users\Eric York\Downloads\_-demonoid.pw-_Order_of_Battle_Pacific_1_5_8_[en_de_fr_ru][SimpleSetup].TORRENT
2015-04-30 19:21 - 2015-04-30 19:21 - 00013248 _____ () C:\Users\Eric York\Downloads\+-demonoid.pw-+_This_War_of_Mine_1_3_1_Multi8Installer_[SimpleSetup].TORRENT
2015-04-30 19:20 - 2015-04-30 19:20 - 00013248 _____ () C:\Users\Eric York\Downloads\[[demonoid.pw]]-This_War_of_Mine_1_3_1_Multi8Installer_[SimpleSetup].TORRENT
2015-04-30 16:52 - 2015-04-30 16:52 - 00114335 _____ () C:\Users\Eric York\Downloads\F3C967221C65CE045179B68AF878133C742E60F6.torrent
2015-04-30 16:52 - 2015-04-30 16:52 - 00000000 ____D () C:\Users\Eric York\Downloads\Kingsman.The.Secret.Service.2014.HC.HDRip.XViD.AC3-ETRG
2015-04-30 13:46 - 2015-04-30 13:46 - 00021955 _____ () C:\Users\Eric York\Downloads\DAF477796CB33FD626AEB8E78474D2AC761CA0A1.torrent
2015-04-30 13:46 - 2015-04-30 13:46 - 00000000 ____D () C:\Users\Eric York\Downloads\Get.Hard.2015.HC.HDRip.XViD-ETRG
2015-04-30 13:46 - 2015-04-30 13:46 - 00000000 ____D () C:\Users\Eric York\Downloads\Arrow.S03E21.HDTV.x264-LOL[ettv]
2015-04-30 13:45 - 2015-04-30 13:45 - 00057126 _____ () C:\Users\Eric York\Downloads\93605453497BBBA0871D9BD822A5ECDE71C65FD1.torrent
2015-04-30 10:11 - 2015-04-30 10:11 - 00795192 _____ (Software Internet ) C:\Users\Eric York\Downloads\java_runtime_enviroment_setup.exe
2015-04-30 10:11 - 2015-04-30 10:11 - 00003154 _____ () C:\Users\Eric York\Downloads\AC1526308B7442CA3ECC2D9CAEC2F2A9D179AE31.torrent
2015-04-28 01:04 - 2015-04-28 01:04 - 00000000 ____D () C:\ProgramData\BlockIt Ad remover
2015-04-27 16:24 - 2015-04-27 16:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-04-26 15:52 - 2015-04-26 15:53 - 00000000 ____D () C:\Users\Eric York\Downloads\Jupiter.Ascending.2015.HDRip.XviD-ETRG
2015-04-26 15:52 - 2015-04-26 15:52 - 00014987 _____ () C:\Users\Eric York\Downloads\2EED3322CB099F0164326A302581C969D412A659.torrent
2015-04-26 15:50 - 2015-04-26 16:14 - 00000000 ____D () C:\Users\Eric York\Downloads\UFC 186 Johnson vs Horiguchi HDTV H264-Ben -={SPARROW}=-
2015-04-26 15:49 - 2015-04-26 15:49 - 00237440 _____ () C:\Users\Eric York\Downloads\F73873E6664001D4036BD5CE5A235C3EDE7AB841.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 22:56 - 2014-12-10 14:19 - 01196325 _____ () C:\Windows\WindowsUpdate.log
2015-05-24 22:15 - 2014-12-11 03:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 20:28 - 2015-04-09 19:00 - 00000000 ____D () C:\ProgramData\7855897752521555993
2015-05-24 19:54 - 2013-12-11 04:19 - 00723920 _____ () C:\Windows\system32\perfh019.dat
2015-05-24 19:54 - 2013-12-11 04:19 - 00150222 _____ () C:\Windows\system32\perfc019.dat
2015-05-24 19:54 - 2009-07-14 01:13 - 01647438 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-24 19:54 - 2009-07-14 00:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-24 19:54 - 2009-07-14 00:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-24 19:47 - 2015-01-13 12:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-24 19:47 - 2014-12-11 03:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 19:47 - 2009-07-14 00:51 - 00087673 _____ () C:\Windows\setupact.log
2015-05-24 19:46 - 2015-01-13 12:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-24 19:46 - 2010-11-20 23:47 - 00013458 _____ () C:\Windows\PFRO.log
2015-05-24 19:46 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 16:17 - 2014-12-11 03:17 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 15:52 - 2014-12-10 14:22 - 00000000 ____D () C:\Users\Eric York\AppData\Local\VirtualStore
2015-05-24 11:21 - 2015-03-27 22:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-24 11:10 - 2014-12-11 03:16 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 11:10 - 2014-12-11 03:16 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-24 11:09 - 2015-04-10 16:13 - 00000020 _____ () C:\Users\Eric York\AppData\Roaming\appdataFr3.bin
2015-05-24 11:08 - 2014-12-10 14:22 - 00000000 ____D () C:\Users\Eric York
2015-05-24 11:04 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-24 11:04 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-24 11:04 - 2015-03-27 22:15 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-05-24 11:04 - 2015-03-15 16:28 - 00000000 ____D () C:\Users\Eric York\AppData\Roaming\BitTorrent
2015-05-24 11:04 - 2015-01-23 15:20 - 00000000 ____D () C:\Users\Eric York\AppData\Local\Akamai
2015-05-24 11:04 - 2014-12-11 03:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 11:04 - 2011-04-12 04:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-24 11:04 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2015-05-24 11:04 - 2011-04-12 04:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-24 11:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-24 11:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-24 11:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-05-24 11:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-24 11:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-24 11:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-05-13 14:18 - 2014-12-10 16:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-10 20:12 - 2015-03-27 22:13 - 00000000 ____D () C:\Users\Eric York\AppData\Local\Adobe
2015-05-05 22:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Resources
2015-05-04 21:20 - 2015-03-23 23:19 - 463138055 _____ () C:\Windows\MEMORY.DMP
2015-05-04 21:20 - 2015-03-23 23:19 - 00000000 ____D () C:\Windows\Minidump
2015-04-27 17:31 - 2015-04-21 18:29 - 00000000 __HDC () C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
==================== Files in the root of some directories =======
2015-05-24 12:29 - 2015-05-24 12:29 - 0000024 _____ () C:\Users\Eric York\AppData\Roaming\appdataFr25.bin
2015-04-10 16:13 - 2015-05-24 11:09 - 0000020 _____ () C:\Users\Eric York\AppData\Roaming\appdataFr3.bin
2015-05-05 23:10 - 2015-05-07 00:10 - 0000059 _____ () C:\Users\Eric York\AppData\Roaming\WB.CFG
2015-05-07 13:10 - 2015-05-07 13:10 - 0000001 _____ () C:\Users\Eric York\AppData\Local\DSI.DAT
2014-12-11 19:33 - 2014-12-11 19:33 - 0007605 _____ () C:\Users\Eric York\AppData\Local\Resmon.ResmonCfg
2015-05-24 15:35 - 2015-05-24 16:02 - 0011760 _____ () C:\Users\Eric York\AppData\Local\Temp-log.txt
2015-03-18 08:01 - 2015-03-18 08:01 - 0000000 _____ () C:\Users\Eric York\AppData\Local\{92E43EF1-04D3-4EE8-A6DE-9EBB2E894B8E}
2014-12-29 14:18 - 2014-12-29 14:18 - 0000000 _____ () C:\Users\Eric York\AppData\Local\{BFC38138-B67E-4E96-A540-B012DB2974B7}
Some files in TEMP:
====================
C:\Users\Eric York\AppData\Local\Temp\1250.exe
C:\Users\Eric York\AppData\Local\Temp\294C.exe
C:\Users\Eric York\AppData\Local\Temp\36D8.exe
C:\Users\Eric York\AppData\Local\Temp\4200.exe
C:\Users\Eric York\AppData\Local\Temp\440.exe
C:\Users\Eric York\AppData\Local\Temp\4818.exe
C:\Users\Eric York\AppData\Local\Temp\4E00.exe
C:\Users\Eric York\AppData\Local\Temp\54F4.exe
C:\Users\Eric York\AppData\Local\Temp\54F8.exe
C:\Users\Eric York\AppData\Local\Temp\5C38.exe
C:\Users\Eric York\AppData\Local\Temp\6240.exe
C:\Users\Eric York\AppData\Local\Temp\62D0.exe
C:\Users\Eric York\AppData\Local\Temp\66D8.exe
C:\Users\Eric York\AppData\Local\Temp\6830.exe
C:\Users\Eric York\AppData\Local\Temp\6B40.exe
C:\Users\Eric York\AppData\Local\Temp\7010.exe
C:\Users\Eric York\AppData\Local\Temp\7980.exe
C:\Users\Eric York\AppData\Local\Temp\87B8.exe
C:\Users\Eric York\AppData\Local\Temp\8820.exe
C:\Users\Eric York\AppData\Local\Temp\8DA8.exe
C:\Users\Eric York\AppData\Local\Temp\8EC8.exe
C:\Users\Eric York\AppData\Local\Temp\8F18.exe
C:\Users\Eric York\AppData\Local\Temp\90A0.exe
C:\Users\Eric York\AppData\Local\Temp\9260.exe
C:\Users\Eric York\AppData\Local\Temp\9410.exe
C:\Users\Eric York\AppData\Local\Temp\9B60.exe
C:\Users\Eric York\AppData\Local\Temp\9EB0.exe
C:\Users\Eric York\AppData\Local\Temp\B360.exe
C:\Users\Eric York\AppData\Local\Temp\B6DC.exe
C:\Users\Eric York\AppData\Local\Temp\BB00.exe
C:\Users\Eric York\AppData\Local\Temp\C640.exe
C:\Users\Eric York\AppData\Local\Temp\D530.exe
C:\Users\Eric York\AppData\Local\Temp\DB70.exe
C:\Users\Eric York\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Eric York\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Eric York\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Eric York\AppData\Local\Temp\E3A8.exe
C:\Users\Eric York\AppData\Local\Temp\E670.exe
C:\Users\Eric York\AppData\Local\Temp\EAFC.exe
C:\Users\Eric York\AppData\Local\Temp\F158.exe
C:\Users\Eric York\AppData\Local\Temp\F4E0.exe
C:\Users\Eric York\AppData\Local\Temp\F5E8.exe
C:\Users\Eric York\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Eric York\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Eric York\AppData\Local\Temp\nvStInst.exe
C:\Users\Eric York\AppData\Local\Temp\optprosetup.exe
C:\Users\Eric York\AppData\Local\Temp\setacl.exe
C:\Users\Eric York\AppData\Local\Temp\SpOrder.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 09:31
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by Eric York at 2015-05-24 22:57:28
Running from C:\Users\Eric York\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2877554017-1696531486-103451963-500 - Administrator - Disabled)
Eric York (S-1-5-21-2877554017-1696531486-103451963-1000 - Administrator - Enabled) => C:\Users\Eric York
Guest (S-1-5-21-2877554017-1696531486-103451963-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2877554017-1696531486-103451963-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AllCheapPRiCe (HKLM-x32\...\{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version: - "") <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
BitTorrent (HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Download EasyMP Monitor version 1.0 (HKLM-x32\...\UsersGuideDownload EasyMP Monitor_is1) (Version: 1.0 - )
EverQuest (HKU\S-1-5-21-2877554017-1696531486-103451963-1000\...\soe-EverQuest) (Version: 1.0.3.183 - Sony Online Entertainment)
ExstrACCoupOn (HKLM-x32\...\{98449C67-C7AF-BB53-112D-26C916814611}) (Version: - "") <==== ATTENTION
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IsaveuR (HKLM-x32\...\{F1422DAA-0829-09A1-7536-73936CAB8FFA}) (Version: - "") <==== ATTENTION
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OptiShot (HKLM-x32\...\OptiShot) (Version: 2.5.0.3080 - Dancin' Dogg Golf)
OptiShot2 (HKLM-x32\...\OptiShot2) (Version: 3.0.0.3156 - OptiShot Golf)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Station Launcher (HKLM-x32\...\{49668BEE-D721-449C-82D3-C7561945F706}) (Version: 1.01.9000 - Sony Online Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechWarrior (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b37c34bf}) (Version: - TechWarrior) <==== ATTENTION
The Elder Scrolls Online (HKLM-x32\...\Steam App 306130) (Version: - Zenimax Online Studios)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version: - Turbine, Inc.)
Translate This (HKLM-x32\...\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}) (Version: - "") <==== ATTENTION
UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin) <==== ATTENTION!
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
18-05-2015 03:01:42 Windows Update
24-05-2015 10:58:14 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B88B76E-CAFB-429B-BBFB-50504C667B7C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {13AE7611-8CC6-4645-AB9A-2D29285BC2E1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {1647ABED-8DD3-4F08-A410-32DEFE72B2AB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4FFFCA50-C8CD-4958-B2F8-ABEB08786166} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: {59A5EBF8-BB18-4D85-8390-1F36815AB1B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8FDCD82E-0014-419F-A625-352EA3C90554} - System32\Tasks\Nuilijoaruto => C:\ProgramData\Nuilijoaruto\1.0.1.0\ufxnoaep.exe [2015-05-24] ()
Task: {A3ECFAA8-9348-4CB1-AABE-C3141D4D8791} - System32\Tasks\{04FD7150-DC96-4785-AD94-1BACE06A655E} => C:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest\LaunchPad.exe [2013-03-04] (Sony Online Entertainment)
Task: {ADD713BA-D9F1-47E9-9D7A-ED360679E515} - System32\Tasks\{43ABFCDF-4A53-451C-B44C-05EE154A6A98} => Chrome.exe
Task: {BF011C96-1E14-4D03-9DA4-B6869984B0BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C1591969-FF3C-4E5E-B1C7-7749E60EF4D4} - System32\Tasks\{49D61FB6-47AE-4E2C-99AF-646F5D49E052} => Chrome.exe
Task: {C432F44D-3F15-4AC5-B116-9B17192B9E79} - System32\Tasks\{30414C1D-A7B5-4977-B2F6-E4EC87D9F35D} => pcalua.exe -a "C:\Program Files (x86)\SalEPPlus\jd5meOoimmVPBI.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {CA695F23-CE16-491A-AB24-4AB3870F0318} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: {D12F610A-8506-40EE-A64A-43623D229821} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.89\OptProLauncher.exe <==== ATTENTION
Task: {E19C6E9B-55D3-432C-AE2D-CFE2ABFC0561} - System32\Tasks\{ADFAB84C-ADC3-4C25-B054-131242659405} => pcalua.exe -a "C:\Program Files (x86)\ActiveCoupon\ActiveCoupon.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {EBC7DD46-39F1-4EBB-83C2-0A1F1906B33A} - System32\Tasks\UpdateAdmin => C:\Users\Eric York\AppData\Local\UpdateAdmin\UpdateAdmin.exe [2014-10-16] (DownloadAdmin) <==== ATTENTION
Task: {F2452B38-9EFF-483D-AF5A-AAD2D91613FE} - System32\Tasks\{D47AEDBC-1A98-4E5F-B74E-85A28B20B135} => pcalua.exe -a "C:\Users\Eric York\Downloads\dxwebsetup-feb2010.exe" -d "C:\Users\Eric York\Downloads"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-13 12:47 - 2015-01-09 19:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-24 11:13 - 2015-05-24 11:13 - 00159232 _____ () C:\ProgramData\Nuilijoaruto\1.0.1.0\ufxnoaep.exe
2014-04-13 21:16 - 2014-04-13 21:16 - 00374272 _____ () C:\ProgramData\{a69497bb-3c58-16c2-a694-497bb3c55eec}\Paddington 2014 MKV 1080p DD5.1 NedSubs TBS.exe
2015-04-23 19:01 - 2015-04-23 19:01 - 01623552 _____ () c:\Program Files (x86)\SystemUp\SystemUp.dll
2015-01-13 12:58 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 21:28 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 21:28 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 21:28 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-13 12:58 - 2015-05-14 21:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-13 12:58 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-13 12:58 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-13 12:58 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-13 12:58 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-13 12:58 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-13 12:58 - 2015-05-14 21:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-05 22:11 - 2015-05-05 22:11 - 01750568 _____ () c:\Program Files (x86)\Optimizer Pro 3.89\OptProMon.dll
2015-01-13 12:58 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-24 16:17 - 2015-05-13 12:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll
2015-05-24 16:17 - 2015-05-13 12:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll
2015-05-24 16:17 - 2015-05-13 12:48 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2877554017-1696531486-103451963-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eric York\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EFDFB4D3-C3DB-46E2-9101-78A20CA306A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DAA160D8-475D-4940-A743-1BEF68CCF764}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E6A2559E-6551-4B40-90E1-F65E8F19A41C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6463EA33-9E6D-41E4-8799-A935FE157B31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{53F81A62-C1DE-45FD-86F0-2174C8DCFC32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{565BFC19-CED8-488E-A5EA-D0D971580E8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{38FB7698-C4C6-4D3D-8F5E-7A5AFAE0F46C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F9D1456-214D-4020-9BC0-2637DD38A2F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DE0B4A65-53EB-4E5B-90B4-F27FC8B5FC9D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{633D9ECE-4929-43E9-99D3-18E59F4DDECB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{4D200715-2589-49E8-8693-C4C538278AA4}C:\users\public\sony online entertainment\installed games\everquest\eqvoiceservice.exe] => (Allow) C:\users\public\sony online entertainment\installed games\everquest\eqvoiceservice.exe
FirewallRules: [UDP Query User{EC4FC64C-EAD2-4AB5-96FE-6476C3F5017D}C:\users\public\sony online entertainment\installed games\everquest\eqvoiceservice.exe] => (Allow) C:\users\public\sony online entertainment\installed games\everquest\eqvoiceservice.exe
FirewallRules: [{D4239777-4184-40A3-B509-72D358F2A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9BAC1A68-8CF4-476A-9A49-AA2B8AFF3825}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{ADC8279A-7197-4BA9-9558-D992E2689D7F}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{769BB0AD-EF06-4A1E-8CBD-6644ADCE22A2}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{DA6D3C99-2CEC-43DE-AF90-F6CEF10C8419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{13016CC7-F876-4DFB-913B-8D5B813897F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{97533AAB-2CC9-4686-8AE4-566897234B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe
FirewallRules: [{0392A2F7-8A0D-44F2-86EE-95CD4EF79D3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe
FirewallRules: [TCP Query User{EB8877C5-6F60-4191-8C7E-0D1295A0A76C}C:\program files (x86)\steam\steamapps\common\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{4B41C694-138C-4D39-84D2-790635C88157}C:\program files (x86)\steam\steamapps\common\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{FE50A01D-9DD4-4BD2-AFB7-077FE4043635}C:\users\eric york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\eric york\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{64919891-FD54-4E0A-852F-9EEBFAAE4F8B}C:\users\eric york\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\eric york\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{3CDFCBBA-640D-4BD0-8FE5-60DF80A06F90}C:\users\eric york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\eric york\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{92CD3461-D17A-467C-9CB0-67ADE4C15A1A}C:\users\eric york\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\eric york\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6A69A231-7396-4B63-B31E-475DA6F36B38}] => (Allow) C:\Users\Eric York\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B3264FFE-2C7E-4D2A-8838-DA4A023D9182}] => (Allow) C:\Users\Eric York\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5929866B-BE12-4D61-9659-3132522E369F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/24/2015 10:13:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/24/2015 10:02:36 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\2ee3e40c-5bcb-4fbf-ba35-3456b4e647b6.dmp
Error: (05/24/2015 08:53:26 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b56ae9d0-908e-421f-861c-b95f8d671c84.dmp
Error: (05/24/2015 08:24:04 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\95537046-0173-40ed-bec1-bda47cd50611.dmp
Error: (05/24/2015 07:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2015 06:38:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\ec403056-58b3-449d-9611-7b5ba841749b.dmp
Error: (05/24/2015 06:20:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7bc
Start Time: 01d0965cf45c6ef3
Termination Time: 81
Application Path: C:\Windows\Explorer.EXE
Report Id: 1104e309-0263-11e5-b2d4-d4856411a8ff
Error: (05/24/2015 05:16:08 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\cb1f8716-9917-4f60-b5e3-202dfce134b9.dmp
Error: (05/24/2015 05:08:56 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6ba32646-4a6c-43b0-ac3e-e53cbdded12f.dmp
Error: (05/24/2015 04:48:51 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6c66df14-2968-42bf-b07f-a3ac1e51dea6.dmp
System errors:
=============
Error: (05/24/2015 06:07:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AE479D24-AF59-4DEB-9D8B-D1E7DFA2C6A6}
Error: (05/24/2015 06:07:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VOTPrx service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service.
Error: (05/24/2015 03:36:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The rHxYgxoLfON service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/24/2015 02:26:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:24:48 PM on 5/24/2015 was unexpected.
Error: (05/24/2015 01:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053
Error: (05/24/2015 01:14:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (05/24/2015 01:11:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:06:05 PM on 5/24/2015 was unexpected.
Error: (05/24/2015 11:10:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053
Error: (05/24/2015 11:10:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
Error: (05/24/2015 10:59:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VOTPrx service terminated unexpectedly. It has done this 316 time(s).
Microsoft Office:
=========================
Error: (05/24/2015 10:13:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
Error: (05/24/2015 10:02:36 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\2ee3e40c-5bcb-4fbf-ba35-3456b4e647b6.dmp
Error: (05/24/2015 08:53:26 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b56ae9d0-908e-421f-861c-b95f8d671c84.dmp
Error: (05/24/2015 08:24:04 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\95537046-0173-40ed-bec1-bda47cd50611.dmp
Error: (05/24/2015 07:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2015 06:38:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\ec403056-58b3-449d-9611-7b5ba841749b.dmp
Error: (05/24/2015 06:20:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175677bc01d0965cf45c6ef381C:\Windows\Explorer.EXE1104e309-0263-11e5-b2d4-d4856411a8ff
Error: (05/24/2015 05:16:08 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\cb1f8716-9917-4f60-b5e3-202dfce134b9.dmp
Error: (05/24/2015 05:08:56 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6ba32646-4a6c-43b0-ac3e-e53cbdded12f.dmp
Error: (05/24/2015 04:48:51 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=053408FD421846B5A4D2F06C075A058C;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6c66df14-2968-42bf-b07f-a3ac1e51dea6.dmp
CodeIntegrity Errors:
===================================
Date: 2015-01-11 11:42:53.899
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-11 11:42:53.837
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-11 11:39:49.568
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-11 11:39:49.490
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-11 11:34:29.461
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-11 11:34:29.398
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-12 09:16:08.342
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-12 09:16:08.280
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-12 08:56:42.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-12 08:56:42.048
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon™ II X2 255 Processor
Percentage of memory in use: 42%
Total physical RAM: 5119.28 MB
Available physical RAM: 2948.52 MB
Total Pagefile: 10236.75 MB
Available Pagefile: 7306.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1652.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 87EAF776)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of log ============================
as they used to say when I was teaching monkey see, monkey do. A demonstration is worth a thousand words 
Sign In
Create Account
