Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by msingh at 2015-05-28 19:51:47
Running from C:\Users\msingh\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-814935137-3960788824-2020595886-500 - Administrator - Disabled)
Guest (S-1-5-21-814935137-3960788824-2020595886-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-814935137-3960788824-2020595886-1005 - Limited - Enabled)
msingh (S-1-5-21-814935137-3960788824-2020595886-1001 - Administrator - Enabled) => C:\Users\msingh
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Block N Load (HKLM-x32\...\Steam App 299360) (Version: - Jagex)
Bloggie Software (HKLM-x32\...\BloggieSoftware) (Version: 3.3.1.73 - Sony)
Bloggie Software (x32 Version: 3.3.1.73 - Sony Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.1 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{C0C47F85-F48F-4709-9150-3FA62FA2DEAF}) (Version: 2.6.1000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Flvto YouTube Downloader (HKLM-x32\...\Flvto YouTube Downloader) (Version: 0.6.7 - Hotger)
FMS (HKLM-x32\...\FMS) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iExplorer 3.6.9.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Predator (HKLM-x32\...\{017B444A-4C86-43AC-A9A8-D3C99143E073}) (Version: 3 - Predator-Usb)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6927 - Realtek Semiconductor Corp.)
ROBLOX Player for msingh (HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for msingh (HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Vovoid VSXu 0.5.0 (HKLM-x32\...\VSXu 0.5.0) (Version: 0.5.0 - Vovoid Media Technologies AB)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\msingh\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\msingh\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\msingh\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\msingh\AppData\Local\Roblox\Versions\version-482ae366f82d4d7c\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\msingh\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\msingh\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-814935137-3960788824-2020595886-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\msingh\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
16-05-2015 19:04:57 Removed Ji_Ga_Zo
22-05-2015 20:41:38 Windows Update
26-05-2015 18:45:13 Windows Backup
27-05-2015 19:29:14 Restore Point Created by FRST
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04697E68-1434-4621-A505-E17C8C8BE11D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {15822A82-BA76-4861-85A5-4828920E698E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {2042DC01-A2E2-40BD-A9DC-FC5EB5528E10} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-02] (CyberLink Corp.)
Task: {3ED59CBC-C834-4D04-843B-26D1BD155F81} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {3F056410-9CA3-4C9A-B114-D61D5FAB2344} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-814935137-3960788824-2020595886-1001UA => C:\Users\msingh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {58B13CCF-D30D-4DE2-B635-00E9AEF9655E} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {60EE4C2C-2572-4478-AAD8-18825985BAA5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {652009CD-07EB-4517-9CE2-2C9E1C508E6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6BDE436D-9F4B-4CBE-BA02-8ED7D5C4434C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {6C00C75C-1FD0-48BD-9452-568F2670EA94} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {783F0C23-AFC1-48AD-8DEE-A4E9777487AE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {8641F42D-7D9E-45C2-8C02-4072AB45C705} - System32\Tasks\{1C2FE9C9-ACEC-4D47-AC62-C2367C22CA4F} => pcalua.exe -a C:\Users\msingh\Downloads\FMS\fms2alpha85.exe -d C:\Users\msingh\Downloads\FMS
Task: {A1ABA4E2-18E1-420D-A793-F33CAA96980C} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {A943BFF0-67B2-4C73-A273-4B23ADEA2B03} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {A94BF97C-A5B3-4B0E-910E-D845D2A785A6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-18] (Microsoft Corporation)
Task: {AE24E647-F4B2-4222-95B4-4C681B6CE6D9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-05] (Synaptics Incorporated)
Task: {C65A8DEE-AD1D-44C4-9801-E5408115AD96} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-02] (CyberLink)
Task: {CFEF160A-B3D6-4FBF-966B-BF4A53BE4188} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-814935137-3960788824-2020595886-1001Core => C:\Users\msingh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {D41691DE-5A3E-43D8-9140-CEFBCBC77495} - \PCDEventLauncherTask No Task File <==== ATTENTION
Task: {D49B6050-1E54-45D1-83F0-4D939EA5673D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D9A65C48-7A97-4BD0-917D-AC3C229A5A0A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-18] (Microsoft Corporation)
Task: {F2D4D2E9-CE7C-4309-A678-E118CCA6B8EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-814935137-3960788824-2020595886-1001Core.job => C:\Users\msingh\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-814935137-3960788824-2020595886-1001UA.job => C:\Users\msingh\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-14 13:40 - 2015-01-27 08:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-19 21:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-13 23:45 - 2014-01-13 23:45 - 00012728 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Microsoft.PerfTrack.winmd
2015-01-26 20:04 - 2015-01-26 20:04 - 00347136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2015-05-07 19:48 - 2015-05-07 19:48 - 00143888 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\HNF.Utilities.winmd
2014-03-02 18:18 - 2014-03-02 18:19 - 00551440 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2014-01-13 23:45 - 2014-01-13 23:45 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Sqlite3.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2015-05-07 19:48 - 2015-05-07 19:48 - 00280064 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd
2015-01-26 20:04 - 2015-01-26 20:04 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2014-03-02 18:18 - 2014-03-02 18:19 - 00016912 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\SqliteWrapper.winmd
2015-01-26 20:04 - 2015-01-26 20:04 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2015-02-25 17:22 - 2015-02-25 17:22 - 01383936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Web\b9985906d4d9f96e8c8047c4657a1388\Windows.Web.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2015-01-26 20:04 - 2015-01-26 20:04 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2015-05-07 19:48 - 2015-05-07 19:48 - 00322576 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\AppEx.HealthAndFitnessApp.DataStoreManager.DLL
2015-05-07 19:48 - 2015-05-07 19:48 - 00033296 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Microsoft.Practices.Mobile.DLL
2015-05-07 19:48 - 2015-05-07 19:48 - 00264720 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Platform.UserDataStoreClient.DLL
2015-05-07 19:48 - 2015-05-07 19:48 - 00056848 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Appex.HealthAndFitnessApp.DataStoreModel.DLL
2015-05-07 19:48 - 2015-05-07 19:48 - 00027664 _____ () C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.315_x64__8wekyb3d8bbwe\Platform.UserDataStoreModel.DLL
2015-01-26 20:04 - 2015-01-26 20:04 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2013-06-17 09:35 - 2013-06-17 09:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 11:52 - 2013-05-08 11:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2015-05-14 18:26 - 2015-05-14 18:26 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\msingh\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgR119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgR119.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme1\img6.jpg
DNS Servers: 192.168.1.1 - 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Cifliaejgi => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ZAtheros Wlan Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "Bloggie Watcher Utility.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\StartupFolder: => "Bloggie Watcher Utility.lnk"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\StartupFolder: => "archimedes-ships-1-6-4 (1).lnk"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\StartupFolder: => "archimedes-ships-1-6-4.lnk"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "Flvto Youtube Downloader"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-814935137-3960788824-2020595886-1001\...\StartupApproved\Run: => "Window Hide Tool"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B1AEDFFD-EF10-4B42-A867-7FD5E1654349}] => (Allow) C:\Users\msingh\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{ADE91327-AE6A-4EFF-82F2-6A887F20AB27}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B9315DFC-4F7B-4B6B-A0B3-744411BE6080}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BF765730-5CE8-4134-9215-F0B88A218363}] => (Allow) LPort=1900
FirewallRules: [{63657DF8-30FD-4045-940E-A55059334063}] => (Allow) LPort=2869
FirewallRules: [{49245A28-C149-4BD8-8CCC-CE2F06E0FB4D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{42903FFD-F5DB-4070-8A8D-97597FFDD49F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{73D94D51-A362-4EA0-BB01-C5C7871310C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{5B36D55B-038D-4CA5-8901-82318BF8A073}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{CEBA69AA-193E-4B0A-AF37-7642BF0B8F87}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E2F2A52-F0C1-4764-8085-0760647486AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD68416E-06F4-4844-A829-07A161ECF6B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C6AE1991-79D0-4A27-A2AF-17811FD0DD1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B18C5AF4-B569-4E9D-831A-D771847FA5B6}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{75C04C89-960B-45BB-9BE9-9232EF6E549D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A797E3DD-9913-4606-9196-57FF1BA2D763}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{100260BE-6CDE-4070-8FEA-BCEA9FD374BD}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{BA1F0C57-F37A-4EFB-A9F1-A83E8F11F5A0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{92BC0707-F06A-4E4F-971E-DF7E30447CE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{69D75E92-CF56-4A00-85E3-B2265880A8AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{541F4F80-096A-4DC7-A5AC-D78FE5F33940}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3D5D3870-17C2-4AC2-A654-1693FA338C33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{290E1C08-01E8-4209-AA3A-B243F7B3CB9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C35E6038-BC16-4AF8-9037-B72F497C3636}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5387EC1-BAD4-4799-B958-FE2C4C46F61B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{48969441-7CD1-4AFF-8D1F-934843778314}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{303808D2-7887-4738-962A-F47D18BE9F50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [TCP Query User{F1FFF5D7-A9A9-4F20-A713-72E5C93A8A3E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7AFA88EB-4369-4799-86BD-DD602E619A04}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{2095777F-32CA-426C-853B-5735116C13C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AD5D2B99-1013-4F08-8E04-4AC0B4C26947}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{43A93CD5-9E8F-4955-8AEB-CB0C3E7259AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{E4F472CA-E3EB-48D3-B0EE-B2CA9F790FE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{EF820659-9275-4690-8D63-FA3FC089B67F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{A0D67918-BA45-4033-9178-10B257FE469F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [TCP Query User{389D619A-D1E2-42A6-9C7A-A713835E9D19}C:\users\msingh\desktop\kodi\kodi.exe] => (Allow) C:\users\msingh\desktop\kodi\kodi.exe
FirewallRules: [UDP Query User{BDC23E07-5061-43F1-8634-34E67D62EB87}C:\users\msingh\desktop\kodi\kodi.exe] => (Allow) C:\users\msingh\desktop\kodi\kodi.exe
FirewallRules: [TCP Query User{0551EC1B-6990-45A8-A32F-A3A798B5D571}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{121F8948-A2BF-413D-92EE-B8DEB755D4A1}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{826F9FF0-024B-4E10-AE2D-5C27BFA16D81}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A07C2A66-751F-4A71-AD67-B51645790FC5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{22B896D0-1148-46F1-A086-E0088B169E96}C:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) C:\program files (x86)\ffsplit\ffsplit.exe
FirewallRules: [UDP Query User{72785844-481F-470E-913D-7956D673D34C}C:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) C:\program files (x86)\ffsplit\ffsplit.exe
FirewallRules: [TCP Query User{527935E6-2E84-41D1-999A-2FA43A15808C}C:\users\msingh\downloads\sahaj\world_of_tanks\wotlauncher.exe] => (Block) C:\users\msingh\downloads\sahaj\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{301E4999-9CF1-4DA8-B85E-76962ECD0F67}C:\users\msingh\downloads\sahaj\world_of_tanks\wotlauncher.exe] => (Block) C:\users\msingh\downloads\sahaj\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{22747CD7-2A64-4E31-8D48-82B641B95773}C:\users\msingh\downloads\sahaj\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\msingh\downloads\sahaj\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{ECEAA333-B6D8-46CA-8DA6-AE9A69D31768}C:\users\msingh\downloads\sahaj\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\msingh\downloads\sahaj\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{8706CB4E-72F5-4FBA-9148-FAE5F6B4FAEB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8080160C-472A-4152-B6E6-5B7DDE383C2E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{056ABB18-2EE9-4446-88E4-1C39A83932D5}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
FirewallRules: [{E76191AC-CD52-42DD-BA10-082AEFD9334C}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
FirewallRules: [{0D889415-5D66-4061-A2F1-32CD722B6A70}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
FirewallRules: [{B8654F89-0431-4165-8113-81ECFE770CBC}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
FirewallRules: [{1B8B5C47-D2D7-458D-9C77-23FDE162A03C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FA551CF9-0EDF-4E60-910A-0C89D7BC260B}] => (Allow) C:\Users\msingh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{78CB0F21-C711-4022-A6EA-F220AFC2666B}] => (Allow) C:\Users\msingh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{38A6EA0B-ABD0-4CA3-95F9-6DB27029AC4D}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{9034D7A2-4BC9-4F51-AC8F-7B088D0033E3}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{071948A1-ADC3-49C8-A70C-3F55E97D9E15}C:\users\msingh\downloads\sahaj\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\msingh\downloads\sahaj\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B24264E2-3F99-471B-AD4E-ED8B735CF08D}C:\users\msingh\downloads\sahaj\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\msingh\downloads\sahaj\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A97543E4-17B7-4E0A-9532-EDA24D4F2D3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{ABBD2C04-1315-4885-BBCC-9769951B8694}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{6270F254-0334-449C-9546-2D2D67B2C181}C:\users\msingh\downloads\sahaj\mcpe server\pocketmine-mp\bin\php\php.exe] => (Allow) C:\users\msingh\downloads\sahaj\mcpe server\pocketmine-mp\bin\php\php.exe
FirewallRules: [UDP Query User{7C9F9F54-0BDF-4DB8-BB3A-6CC8EEE1E175}C:\users\msingh\downloads\sahaj\mcpe server\pocketmine-mp\bin\php\php.exe] => (Allow) C:\users\msingh\downloads\sahaj\mcpe server\pocketmine-mp\bin\php\php.exe
FirewallRules: [TCP Query User{33B38B44-3FA0-4B1B-AA19-76C0C53553E1}C:\users\msingh\downloads\sahaj\pocketmine-mp\bin\php\php.exe] => (Allow) C:\users\msingh\downloads\sahaj\pocketmine-mp\bin\php\php.exe
FirewallRules: [UDP Query User{BD7DC619-7DDB-4EDF-8C35-DDD652CA9786}C:\users\msingh\downloads\sahaj\pocketmine-mp\bin\php\php.exe] => (Allow) C:\users\msingh\downloads\sahaj\pocketmine-mp\bin\php\php.exe
FirewallRules: [{2F02D50B-B5E3-46F8-9867-2901F033BD84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{4D8B1DD6-D67F-4DE0-A577-1308A933B97B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{4A91C558-652D-48C0-89B0-F5F30E3E97F8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/28/2015 05:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: igd10iumd32.dll, version: 10.18.10.3379, time stamp: 0x52b20a9b
Exception code: 0xc0000005
Fault offset: 0x0003c007
Faulting process id: 0x3acc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (05/28/2015 05:21:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2694
Start Time: 01d099a4a8e87120
Termination Time: 4294967295
Application Path: C:\WINDOWS\syswow64\wwahost.exe
Report Id: 9d88f20d-0598-11e5-bedd-74867a3d23a5
Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (05/28/2015 03:32:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2c4
Start Time: 01d09996127a4b3e
Termination Time: 4294967295
Application Path: C:\WINDOWS\system32\wwahost.exe
Report Id: 5aca0afc-0589-11e5-bedb-74867a3d23a5
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.WindowsLive.Mail
Error: (05/28/2015 03:32:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINGH)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/28/2015 03:31:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: SINGH)
Description: App microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail did not launch within its allotted time.
Error: (05/27/2015 08:34:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 1.0.2.929 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11d4
Start Time: 01d098f681a4dc04
Termination Time: 15
Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
Report Id: 5ed95d9a-04ea-11e5-bedb-74867a3d23a5
Faulting package full name:
Faulting package-relative application ID:
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service vemifotj since QueryServiceConfig API failed
System Error:
Access is denied.
.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service luonilhkog since QueryServiceConfig API failed
System Error:
Access is denied.
.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary tammgR119 service.
System Error:
Access is denied.
.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary tammgF119 service.
System Error:
Access is denied.
.
System errors:
=============
Error: (05/28/2015 05:30:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (05/28/2015 04:15:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (05/28/2015 04:15:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (05/28/2015 04:09:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (05/28/2015 04:09:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (05/28/2015 03:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (05/28/2015 03:51:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (05/28/2015 03:51:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (05/28/2015 03:44:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (05/28/2015 03:44:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (05/28/2015 05:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9igd10iumd32.dll10.18.10.337952b20a9bc00000050003c0073acc01d099a254d0d1e1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\igd10iumd32.dll1c71177e-0599-11e5-bedd-74867a3d23a5
Error: (05/28/2015 05:21:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415269401d099a4a8e871204294967295C:\WINDOWS\syswow64\wwahost.exe9d88f20d-0598-11e5-bedd-74867a3d23a5Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (05/28/2015 03:32:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174152c401d09996127a4b3e4294967295C:\WINDOWS\system32\wwahost.exe5aca0afc-0589-11e5-bedb-74867a3d23a5microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail
Error: (05/28/2015 03:32:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINGH)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142
Error: (05/28/2015 03:31:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: SINGH)
Description: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail
Error: (05/27/2015 08:34:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.2.92911d401d098f681a4dc0415C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe5ed95d9a-04ea-11e5-bedb-74867a3d23a5
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service vemifotj since QueryServiceConfig API failed
System Error:
Access is denied.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service luonilhkog since QueryServiceConfig API failed
System Error:
Access is denied.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary tammgR119 service.
System Error:
Access is denied.
Error: (05/27/2015 07:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary tammgF119 service.
System Error:
Access is denied.
CodeIntegrity Errors:
===================================
Date: 2015-05-15 21:18:39.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.895
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.801
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.723
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.598
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.285
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.176
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
Date: 2015-05-15 21:18:38.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 33%
Total physical RAM: 7908.96 MB
Available physical RAM: 5278.04 MB
Total Pagefile: 15844.96 MB
Available Pagefile: 13239.99 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.82 GB) (Free:814.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E648430E)
Partition: GPT Partition Type.
==================== End of log ============================