Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Computer Won't Download


  • Please log in to reply

#1
NibbPower

NibbPower

    New Member

  • Member
  • Pip
  • 1 posts

I tried to download some files on a site called DeviantArt. I tried all my browser, it won't work. So I search up why it won't let me download. I found this website, and told me to try doing the frst. It's just that site, but some other sites that I use occasionally, does not allow to let me upload or download files or save images.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015

Ran by Sally (administrator) on THELAPTOP-HP on 24-07-2015 00:39:22
Running from C:\Users\Sally\Desktop
Loaded Profiles: The Laptop & Sally (Available Profiles: The Laptop & Sally)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTHIDMonitor.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTHIDMonitor.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sally\Desktop\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2814760 2011-07-15] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-08-16] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-09-02] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2563472 2015-07-16] ()
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-05-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-340233962-23204301-678684381-1000\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-21] (Valve Corporation)
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [FFF3A74E5272057F3299F1E6625538CCFC9B7837._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [GoogleChromeAutoLaunch_36EBDB968D44FC4E424D20215CC93539] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Sally\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-340233962-23204301-678684381-1003\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\Users\Sally\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk [2014-07-14]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\The Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-08-27]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
GroupPolicyUsers\S-1-5-21-340233962-23204301-678684381-1003\User: Group Policy Restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-340233962-23204301-678684381-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...9FA0D603E&SSPV=
HKU\S-1-5-21-340233962-23204301-678684381-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKU\S-1-5-21-340233962-23204301-678684381-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg...pr&d=2014-02-2115:32:25&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
HKU\S-1-5-21-340233962-23204301-678684381-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
URLSearchHook: HKLM-x32 - SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Users\Sally\AppData\LocalLow\SweetPacks\prxtbSwe0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-340233962-23204301-678684381-1000 - SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Users\Sally\AppData\LocalLow\SweetPacks\prxtbSwe0.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM -> {CAD05BC4-1EBD-4712-8DE0-80441C9A5060} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {2B8A6F6C-0C4F-4C82-A6BE-43297FC9DE65} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {CAD05BC4-1EBD-4712-8DE0-80441C9A5060} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> DefaultScope {2B8A6F6C-0C4F-4C82-A6BE-43297FC9DE65} URL = http://search.condui...9FA0D603E&SSPV=
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {2B8A6F6C-0C4F-4C82-A6BE-43297FC9DE65} URL = http://search.condui...9FA0D603E&SSPV=
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg....fr&d=2013-08-2919:53:58&v=17.3.0.49&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {CAD05BC4-1EBD-4712-8DE0-80441C9A5060} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...pr&d=2014-02-2115:32:25&v=18.7.0.147&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://mysearch.avg....fr&d=2014-02-1115:20:56&v=17.3.1.91&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...pr&d=2014-02-2115:32:25&v=18.7.0.147&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {ABB9349C-A076-4415-AE20-6E7F288D791F} URL = http://search.condui...2721058732&UM=2
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {CAD05BC4-1EBD-4712-8DE0-80441C9A5060} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-02] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-02] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-31] (Oracle Corporation)
BHO-x32: SweetPacks Toolbar -> {7e8a1050-cf67-4575-92df-dcc60e7d952d} -> C:\Users\Sally\AppData\LocalLow\SweetPacks\prxtbSwe0.dll [2014-03-26] (ClientConnect Ltd.)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll [2015-07-16] (AVG Secure Search)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-31] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll [2015-07-16] (AVG Secure Search)
Toolbar: HKLM-x32 - SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Users\Sally\AppData\LocalLow\SweetPacks\prxtbSwe0.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-340233962-23204301-678684381-1000 -> No Name - {7E8A1050-CF67-4575-92DF-DCC60E7D952D} -  No File
Toolbar: HKU\S-1-5-21-340233962-23204301-678684381-1003 -> No Name - {7E8A1050-CF67-4575-92DF-DCC60E7D952D} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-10-12] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll [2015-07-16] (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 192.168.1.1
Tcpip\..\Interfaces\{ABA5AD84-99F4-421A-ADAC-8D6449E9854C}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C016C0BF-C11D-4964-8AF1-8408DA4EBA7D}: [DhcpNameServer] 75.75.76.76 75.75.75.75 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Sally\AppData\Roaming\Mozilla\Firefox\Profiles\zp81lllg.default-1412991426807
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg...pr&d=2014-02-2115:32:25&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-12] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-05-05] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.7.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-10-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-01-12] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-05] (Adobe Systems)
FF Plugin HKU\S-1-5-21-340233962-23204301-678684381-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-16] (Apple Inc.)
FF SearchPlugin: C:\Users\Sally\AppData\Roaming\Mozilla\Firefox\Profiles\zp81lllg.default-1412991426807\searchplugins\avg-secure-search.xml [2015-07-16]
FF SearchPlugin: C:\Users\Sally\AppData\Roaming\Mozilla\Firefox\Profiles\zp81lllg.default-1412991426807\searchplugins\default-search.xml [2014-10-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2014-10-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-07-16]
FF Extension: Adblock Plus - C:\Users\Sally\AppData\Roaming\Mozilla\Firefox\Profiles\zp81lllg.default-1412991426807\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.7.0.147
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.7.0.147 [2015-07-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-07-03] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (panda dumpling) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\caaclfkfmcnlppkambfehbfhlekhpenf [2015-06-16]
CHR Extension: (Website Logon) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-01-31]
CHR Extension: (AdBlock) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-04]
CHR Extension: (Rocket New Tab) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom [2014-07-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-29]
CHR Extension: (Project Naptha) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf [2015-02-14]
CHR Extension: (AVG SafeGuard) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-01-31]
CHR Extension: (Google Wallet) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Battlefield Play4Free) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2015-02-09]
CHR Extension: (Gmail) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR Profile: C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
CHR Extension: (Google Docs) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
CHR Extension: (Google Drive) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-14]
CHR Extension: (YouTube) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Google Search) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Website Logon) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2015-01-14]
CHR Extension: (Google Sheets) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Rocket New Tab) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom [2015-01-14]
CHR Extension: (AVG SafeGuard) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-01-14]
CHR Extension: (Google Wallet) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Users\Sally\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
CHR HKLM\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-340233962-23204301-678684381-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-340233962-23204301-678684381-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.0.49\avg.crx [2014-01-10]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1522664 2015-05-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-11-14] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 ISCTAgent; C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [93696 2011-09-06] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-02-09] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R2 vToolbarUpdater18.7.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [1842576 2015-07-16] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-09-06] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-24 00:39 - 2015-07-24 00:40 - 00050188 _____ C:\Users\Sally\Desktop\FRST.txt
2015-07-24 00:38 - 2015-07-24 00:39 - 00000000 ____D C:\FRST
2015-07-24 00:37 - 2015-07-24 00:37 - 02135552 _____ (Farbar) C:\Users\Sally\Desktop\FRST64 (1).exe
2015-07-23 14:07 - 2015-07-23 14:08 - 00000168 _____ C:\Users\Sally\quote.txt
2015-07-19 12:05 - 2015-07-19 12:08 - 00000000 ____D C:\Users\Sally\AppData\Local\SXMaple
2015-07-19 02:10 - 2015-07-19 02:10 - 00084086 _____ C:\Users\Sally\Downloads\Alchemy.rar
2015-07-19 01:54 - 2015-07-19 02:07 - 2681128626 _____ C:\Users\Sally\Downloads\MapleStorySEA1.50.3.rar
2015-07-18 20:14 - 2015-07-18 20:14 - 00034001 _____ C:\Users\Sally\Desktop\sourcebans.smx
2015-07-18 14:51 - 2015-07-18 14:51 - 00002757 _____ C:\Users\Sally\Downloads\actions4photoshop(3D-generator).zip
2015-07-16 21:19 - 2015-07-16 21:19 - 00000000 ____D C:\Users\Sally\AppData\Roaming\reprisal
2015-07-16 20:57 - 2015-07-16 20:58 - 00000000 ____D C:\Users\Sally\AppData\Roaming\Tera_Awesomium
2015-07-16 19:08 - 2015-07-16 19:08 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-16 19:08 - 2015-07-16 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-16 19:07 - 2015-07-16 19:08 - 00000000 ____D C:\Program Files\iTunes
2015-07-16 19:07 - 2015-07-16 19:07 - 00000000 ____D C:\Program Files\iPod
2015-07-16 19:07 - 2015-07-16 19:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-16 19:03 - 2015-07-16 19:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-16 19:03 - 2015-07-16 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-07-16 19:02 - 2015-07-16 19:02 - 00000000 ____D C:\Program Files\Bonjour
2015-07-16 19:02 - 2015-07-16 19:02 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-07-16 18:55 - 2015-07-16 19:07 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-16 18:55 - 2015-07-16 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-16 18:55 - 2015-07-16 18:55 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-14 12:07 - 2015-07-14 12:07 - 00000000 ____D C:\Users\Sally\AppData\Local\TempTaskUpdateDetection968535B4-1AFF-476E-AA4A-E4AA1FBE607F
2015-07-12 02:00 - 2015-07-12 02:00 - 00000000 ____D C:\Users\Sally\AppData\Local\CEF
2015-07-11 20:56 - 2015-07-11 20:56 - 00008326 _____ C:\Users\Sally\Desktop\webshortcuts_csgo.smx
2015-07-09 19:25 - 2015-07-09 20:11 - 00000000 ____D C:\GMOD
2015-07-03 01:46 - 2015-07-10 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-30 00:39 - 2015-06-30 00:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-28 01:00 - 2015-07-22 11:37 - 00000930 _____ C:\Windows\setupact.log
2015-06-28 01:00 - 2015-06-28 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-06-27 09:37 - 2015-07-16 20:52 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-27 09:37 - 2015-06-27 09:37 - 00000000 ____D C:\Users\Sally\AppData\Local\TERA
2015-06-25 13:09 - 2015-07-23 22:19 - 00000163 _____ C:\Users\Sally\Documents\ClownfishForTeamspeak.ini
2015-06-25 02:26 - 2015-06-25 02:26 - 63405318 _____ C:\Users\Sally\Documents\152074.rar
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-24 00:36 - 2014-01-25 13:01 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 00:31 - 2014-10-05 01:38 - 00000000 ____D C:\Users\Sally\AppData\Roaming\FileZilla
2015-07-24 00:22 - 2013-08-20 16:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-23 23:58 - 2014-07-03 12:58 - 00000292 _____ C:\Windows\Tasks\Rocket Updater.job
2015-07-23 23:45 - 2013-08-20 19:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-23 22:41 - 2014-02-07 20:34 - 00000000 ____D C:\Users\Sally\AppData\Roaming\TS3Client
2015-07-23 22:25 - 2013-08-19 10:54 - 01648215 _____ C:\Windows\WindowsUpdate.log
2015-07-23 19:36 - 2014-01-25 13:01 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-23 18:33 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-23 18:33 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-23 15:19 - 2013-08-20 16:02 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE653D33-FB89-479A-B61C-5D0CC1A27639}
2015-07-23 14:07 - 2013-08-20 16:02 - 00000000 ____D C:\Users\Sally
2015-07-23 09:27 - 2013-08-19 14:40 - 00000000 ____D C:\ProgramData\MFAData
2015-07-23 05:31 - 2014-03-22 14:30 - 00004990 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheLaptop-HP-Sally TheLaptop-HP
2015-07-23 02:52 - 2014-12-17 22:14 - 00007542 _____ C:\Users\Sally\Purge Instruction.txt
2015-07-23 02:00 - 2013-08-27 18:32 - 00000000 ____D C:\Users\Sally\AppData\Local\Adobe
2015-07-22 20:04 - 2014-04-18 14:57 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSally
2015-07-22 20:04 - 2014-03-28 20:31 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForSally.job
2015-07-22 16:40 - 2013-08-30 17:51 - 00000000 ____D C:\Users\Sally\AppData\Local\CrashDumps
2015-07-22 15:37 - 2013-08-19 21:39 - 00003226 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTHELAPTOP-HP$
2015-07-22 15:37 - 2013-08-19 21:39 - 00000350 _____ C:\Windows\Tasks\HPCeeScheduleForTHELAPTOP-HP$.job
2015-07-22 11:56 - 2014-10-12 13:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-22 11:37 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 02:18 - 2014-04-13 17:47 - 00000000 ____D C:\Users\Sally\AppData\Roaming\OBS
2015-07-22 01:19 - 2013-08-23 16:38 - 00000000 ____D C:\Users\Sally\Documents\My Received Files
2015-07-21 22:26 - 2014-04-13 17:47 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-21 20:46 - 2013-10-23 16:27 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-21 13:47 - 2014-07-03 15:03 - 00000000 ____D C:\Users\Sally\AppData\Local\TSVNCache
2015-07-20 22:09 - 2014-10-24 23:36 - 00000000 ____D C:\Users\Sally\Downloads\random
2015-07-20 14:59 - 2015-03-27 23:32 - 00000000 ____D C:\Users\Sally\AppData\Roaming\vlc
2015-07-20 02:30 - 2014-06-23 13:50 - 00000000 ____D C:\Users\Sally\AppData\Roaming\Apple Computer
2015-07-19 11:29 - 2015-01-14 22:29 - 00000000 ____D C:\Users\Sally\Desktop\SERVER
2015-07-18 16:46 - 2013-09-07 16:24 - 00000000 ____D C:\Users\Sally\Documents\GFX
2015-07-18 16:38 - 2014-05-23 19:54 - 00001456 _____ C:\Users\Sally\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-07-18 12:05 - 2010-11-20 22:47 - 01154024 _____ C:\Windows\PFRO.log
2015-07-16 19:08 - 2014-06-23 14:10 - 00000000 ____D C:\Users\Sally\AppData\Local\Apple Computer
2015-07-16 19:06 - 2014-06-23 13:34 - 00000000 ____D C:\ProgramData\Apple
2015-07-16 17:33 - 2014-02-21 16:32 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2015-07-16 17:33 - 2013-08-19 14:43 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2015-07-16 13:42 - 2013-10-13 16:10 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-16 13:42 - 2011-10-19 19:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-16 13:39 - 2014-12-24 16:41 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 23:27 - 2015-05-19 11:28 - 00000000 ____D C:\Users\Sally\Downloads\Random 2
2015-07-15 19:31 - 2014-01-25 13:01 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 19:31 - 2014-01-25 13:01 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 16:45 - 2013-08-20 19:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 16:45 - 2013-08-20 19:58 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 16:45 - 2011-10-19 19:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 12:39 - 2009-07-14 00:13 - 00782010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-14 20:30 - 2014-01-25 13:02 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 12:56 - 2013-10-19 01:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-07-14 00:48 - 2014-06-05 21:53 - 00000000 ____D C:\Users\Sally\Desktop\PSD COLORINGS
2015-07-13 14:48 - 2014-07-09 13:05 - 00000000 ____D C:\Users\Sally\Desktop\Edit
2015-07-12 23:36 - 2015-01-12 02:43 - 00000000 ____D C:\Users\Sally\AppData\Local\NexonLauncher
2015-07-11 20:54 - 2015-01-12 18:28 - 00000000 ____D C:\Users\Sally\Desktop\KZ
2015-07-11 20:18 - 2015-03-09 11:09 - 00003675 _____ C:\Users\Sally\random 2.txt
2015-07-10 14:39 - 2014-10-05 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-07-10 14:39 - 2014-10-05 01:36 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-07-10 10:41 - 2013-08-19 14:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-09 11:31 - 2009-07-13 23:45 - 05287840 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-01 21:25 - 2015-03-27 23:31 - 00001062 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-01 17:07 - 2013-08-21 16:36 - 00181552 _____ C:\Users\Sally\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 00:40 - 2013-08-20 17:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-30 00:39 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-29 07:10 - 2014-03-20 17:36 - 00102400 ___SH C:\Users\Sally\Thumbs.db
2015-06-28 11:33 - 2015-03-09 11:13 - 00001915 _____ C:\Users\Sally\random 1.txt
2015-06-27 22:15 - 2015-01-12 02:43 - 00000000 ____D C:\Users\Sally\AppData\Roaming\NexonLauncher
2015-06-27 06:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-06-27 03:32 - 2015-02-17 13:01 - 00000000 ____D C:\Users\Sally\Documents\Phone
2015-06-27 00:48 - 2013-08-25 14:46 - 00000000 ____D C:\Windows\Minidump
2015-06-26 14:15 - 2013-08-30 20:29 - 00000000 ____D C:\Users\Sally\AppData\Roaming\Skype
2015-06-25 15:21 - 2015-03-28 12:41 - 00000000 ____D C:\Users\Sally\PaintToolSAI
2015-06-25 02:09 - 2015-05-07 15:07 - 00000000 ____D C:\Program Files\Adobe
2015-06-25 02:09 - 2013-12-28 16:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-24 01:33 - 2015-03-09 11:13 - 00001788 _____ C:\Users\Sally\random 3.txt
 
==================== Files in the root of some directories =======
 
2013-08-19 14:43 - 2014-06-03 14:42 - 0003744 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-01-02 22:32 - 2014-01-18 18:17 - 0000132 _____ () C:\Users\Sally\AppData\Roaming\Adobe PNG Format CC Prefs
2014-09-28 20:22 - 2014-09-28 20:22 - 0001181 _____ () C:\Users\Sally\AppData\Roaming\trace_FilterInstaller.txt
2014-09-28 20:22 - 2014-09-28 20:22 - 0000000 _____ () C:\Users\Sally\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-05-23 19:54 - 2015-07-18 16:38 - 0001456 _____ () C:\Users\Sally\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-10 22:54 - 2015-05-12 13:55 - 0007613 _____ () C:\Users\Sally\AppData\Local\Resmon.ResmonCfg
2014-07-14 00:24 - 2014-07-14 00:24 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Sally\AppData\Local\Temp\0x10000003_(null)_2015-07-12_23-37-42_MAPLESTORY.EXE
C:\Users\Sally\AppData\Local\Temp\49bd13b0e4667bfe846a441583f50462.dll
C:\Users\Sally\AppData\Local\Temp\amd64.exe
C:\Users\Sally\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\Sally\AppData\Local\Temp\npp.6.7.9.2.Installer.exe
C:\Users\Sally\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Sally\AppData\Local\Temp\xmlUpdater.exe
C:\Users\The Laptop\AppData\Local\Temp\CleanSchedule.exe
C:\Users\The Laptop\AppData\Local\Temp\mgsqlite3.dll
C:\Users\The Laptop\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\The Laptop\AppData\Local\Temp\NGMDll.dll
C:\Users\The Laptop\AppData\Local\Temp\NGMResource.dll
C:\Users\The Laptop\AppData\Local\Temp\NGMSetup.exe
C:\Users\The Laptop\AppData\Local\Temp\nsd53D0.exe
C:\Users\The Laptop\AppData\Local\Temp\nseB43C.exe
C:\Users\The Laptop\AppData\Local\Temp\nsi4FF8.exe
C:\Users\The Laptop\AppData\Local\Temp\nsoDE1A.exe
C:\Users\The Laptop\AppData\Local\Temp\nsoE25F.exe
C:\Users\The Laptop\AppData\Local\Temp\nsoEC6E.exe
C:\Users\The Laptop\AppData\Local\Temp\nst573B.exe
C:\Users\The Laptop\AppData\Local\Temp\nst7B9C.exe
C:\Users\The Laptop\AppData\Local\Temp\offercast.exe
C:\Users\The Laptop\AppData\Local\Temp\oi_{F150EEEC-D17B-43FF-BC80-35DEE3B6F579}.exe
C:\Users\The Laptop\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\The Laptop\AppData\Local\Temp\Shortcut_IMsetup.exe
C:\Users\The Laptop\AppData\Local\Temp\SkypeSetup.exe
C:\Users\The Laptop\AppData\Local\Temp\sp-downloader.exe
C:\Users\The Laptop\AppData\Local\Temp\SweetIMInstallValidator.exe
C:\Users\The Laptop\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\The Laptop\AppData\Local\Temp\unicows.dll
C:\Users\The Laptop\AppData\Local\Temp\WSSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-23 05:04
 
==================== End of log ============================
This is the additional.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015

Ran by Sally at 2015-07-24 00:42:09
Running from C:\Users\Sally\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-340233962-23204301-678684381-500 - Administrator - Disabled)
Guest (S-1-5-21-340233962-23204301-678684381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-340233962-23204301-678684381-1002 - Limited - Enabled)
Sally (S-1-5-21-340233962-23204301-678684381-1003 - Administrator - Enabled) => C:\Users\Sally
The Laptop (S-1-5-21-340233962-23204301-678684381-1000 - Administrator - Enabled) => C:\Users\The Laptop
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.1.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4354 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.7.0.147 - AVG Technologies)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{64937FA6-946F-4D2D-90D4-4AB5C3EC4564}) (Version: 2.2.7922 - K-NFB Reading Technology, Inc.)
Bloons TD5 (HKLM-x32\...\Steam App 306020) (Version:  - Ninja Kiwi)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG5500 series User Registration (HKLM-x32\...\Canon MG5500 series User Registration) (Version:  - ‭Canon Inc.)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4422 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Echo of Soul (HKLM-x32\...\Steam App 290140) (Version:  - Nvius)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
GnuWin32: Bzip2-1.0.5 (HKLM-x32\...\Bzip2-1.0.5_is1) (Version: 1.0.5 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{D25BAEFB-2216-4757-90FF-0007635BE7A1}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{D6159AEF-32BD-4177-82AE-5ED1F0F0DC1D}) (Version: 3.1.1.10066 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{5F0E36BD-658D-476C-9289-E6EA2C164830}) (Version: 1.0.10 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 4.0.7.6 - ) <==== ATTENTION
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IdleMaster (HKU\S-1-5-21-340233962-23204301-678684381-1003\...\1d85483b1c982d8c) (Version: 0.9.0.0 - IdleMaster)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6359.0 - IDT)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Intel® Smart Connect Technology 1.0 (HKLM-x32\...\{0A918A9E-74F2-41CB-969F-FB0CB9A51DD8}) (Version: 1.0.698.0 - Intel)
Intel® WiDi (HKLM-x32\...\{7257132D-7F65-41E6-A90F-43BF6099461A}) (Version: 2.1.42.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E2D0B67F-8032-4E11-87C6-C8C721D331B3}) (Version: 15.01.0500.0903 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.23 - Oracle Corporation)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
MapleStory (HKLM-x32\...\Steam App 216150) (Version:  - Nexon)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0a2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.1.1 - Nexon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SweetPacks Toolbar for IE (HKLM-x32\...\IECT3310511) (Version: 6.17.0.33 - SweetPacks) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.16.1 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A70C559F-6D76-4A64-81FF-3F403139579E}) (Version: 6.1.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Topaz Denoise 3 (HKLM-x32\...\{390B7821-3CDE-4579-B940-B0A06B86136A}) (Version: 3.0.1 - Topaz Labs)
TortoiseSVN 1.8.7.25475 (64 bit) (HKLM\...\{A8573F59-C080-4495-A9A8-EC32D8A4ECFF}) (Version: 1.8.25475 - TortoiseSVN)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-340233962-23204301-678684381-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-05-12 13:58 - 2015-05-12 13:58 - 00001433 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1       localhost127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {068A89D6-BB5F-42C9-9250-AF50DB2139E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {0C37E3E4-D282-4DF1-AA0A-1DFE63A42873} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {193DDCD0-CE38-42C1-95C7-352DF96445F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-25] (Google Inc.)
Task: {1A0BB1DA-ADAE-489D-802A-34E4E7CF652E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FBE550D-FAC1-4584-ADC2-9DFA86833534} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {250FED15-94F0-4758-8770-296E76306A50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard)
Task: {2A85FFF9-E560-463D-883A-51F9C82A5C60} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-27] ()
Task: {2D11B49E-936B-4F2A-8F43-622FAF387F22} - System32\Tasks\{2E76144E-EFB7-4F37-BF21-3082F9DC66DE} => C:\PaintToolSAI\sai.exe
Task: {2F62BFB3-6B5C-485E-B1DF-0CA100672FBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {3137EFB4-932B-41F9-AC40-274B1C1B78E4} - System32\Tasks\{F7D75468-6CD7-4010-8468-8884EE2D760F} => pcalua.exe -a "C:\Users\Sally\Downloads\Install-My-Family-5-Sep-2014 (1).exe" -d C:\Users\Sally\Downloads
Task: {5ED2310D-8BF0-49FB-BCC9-1C0F704BE4D0} - System32\Tasks\AdobeAAMUpdater-1.0-TheLaptop-HP-Sally => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {62208145-BC07-4154-B37C-D7AE029F887C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-22] (CyberLink)
Task: {6BDED1FB-546C-4DD5-BC04-9A005E1A54B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {700B0917-078B-492B-8C26-DDE56D4A74D6} - System32\Tasks\HPCeeScheduleForTHELAPTOP-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {72C1DBBF-4284-4FB6-A3BC-D48286D5DF99} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TheLaptop-HP-Sally TheLaptop-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
Task: {75B4CEA0-FD64-4437-B0D7-83FCCB2FD7DF} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {9A021FFC-128B-4CE3-9F23-CFAC81FF4058} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {AE946FFB-B917-4502-A93B-850F8DB96FDF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {B08FDB2A-38FF-46A7-8C72-6BA170BC7646} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
Task: {C0DAE089-65B9-49C1-9069-8D921718C320} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {C0DFC04E-4B75-46E5-910D-85C056F45AB6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {CCB919AB-2703-4A24-9D47-70FF65647EAC} - System32\Tasks\Rocket Updater => C:\Users\Sally\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD9C8901-CBBA-416F-B770-307C95819079} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {D632BF1E-7C0B-4C58-AF56-6746F2850299} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-25] (Google Inc.)
Task: {D6B28EAD-E9DA-4741-A279-828608CF203C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard)
Task: {E7F0F4D6-03B2-49B6-8E96-940214844625} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EBE0855D-F801-402C-B182-74A7B3A96CB2} - System32\Tasks\HPCeeScheduleForSally => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSally.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTHELAPTOP-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Rocket Updater.job => 0x0106010089B46F29E8D6254FA9DDEB1D725AEF1E4600F2000000000044440000200000000014730F020007800013040000208021DF0707000400170017003A000000C30200003E0043003A005C00550073006500720073005C00530061006C006C0079005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C0052004F0043004B00450054007E0031005C005500500044004100540045007E0031005C005500500044004100540045007E0031002E00450058004500000007002F0043006800650063006B00000000000600530061006C006C00790000000000000008000000000000000000010030000000D207030007000000000000000C003A00A00500003C0000000000000001000000010000000000000000000000
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-06 13:48 - 2011-09-06 13:48 - 00093696 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2011-09-06 13:48 - 2011-09-06 13:48 - 00026112 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\ISCTHidMonitor.exe
2013-08-05 01:15 - 2013-08-05 01:15 - 00070712 _____ () C:\Windows\system32\bdmpega64.acm
2015-02-09 05:28 - 2015-02-09 05:28 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-17 12:18 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\1033\GrooveIntlResource.dll
2014-05-06 20:37 - 2014-05-06 20:37 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-05-06 20:37 - 2014-05-06 20:37 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-07-09 12:32 - 2015-07-09 12:32 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-07-16 15:24 - 2015-07-16 15:24 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
2011-07-27 09:37 - 2011-07-27 09:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-21 16:32 - 2015-07-16 17:33 - 02563472 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-10-12 13:25 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-09-06 13:48 - 2011-09-06 13:48 - 00036352 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2015-07-16 15:24 - 2015-07-16 15:24 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\log4cplusU.dll
2013-07-01 08:20 - 2015-07-03 11:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 19:45 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 19:45 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 19:45 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 17:55 - 2015-07-21 14:32 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:09 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:09 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:09 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:09 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:09 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-26 14:46 - 2015-07-21 14:32 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-12 01:58 - 2015-07-07 15:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-02-21 16:32 - 2014-08-25 13:45 - 01654296 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2013-07-15 14:32 - 2015-07-03 11:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-15 19:31 - 2014-10-15 19:31 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c06cf242153fb97b43ad808aa24328c1\IsdiInterop.ni.dll
2013-08-19 10:54 - 2011-08-24 00:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-06-08 14:06 - 2015-06-08 14:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 09:24 - 2015-05-15 09:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2015-03-17 12:18 - 2015-01-27 09:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-05 22:21 - 2014-05-05 22:21 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-05-05 22:20 - 2014-05-05 22:20 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2015-07-09 12:32 - 2015-07-09 12:32 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-07-14 20:30 - 2015-07-13 16:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 20:30 - 2015-07-13 16:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 20:30 - 2015-07-13 16:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
2014-02-28 08:33 - 2014-02-28 08:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 08:45 - 2014-02-27 08:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 08:43 - 2014-08-04 08:43 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 08:43 - 2014-08-04 08:43 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 08:45 - 2014-08-04 08:45 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 08:45 - 2014-08-04 08:45 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\DRM:احتضان
AlternateDataStreams: C:\Users\Sally\MediaFire:mf_x
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-340233962-23204301-678684381-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\The Laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-340233962-23204301-678684381-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Sally\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C372A510-FDC1-435F-A1CD-5A4D3D0BB2D8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{928272CC-0A36-4067-B73F-DB5874708363}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{EAD92DD8-7C30-4D92-985B-879C1D51B137}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{BE33EA1F-4162-4A96-88A6-43046049E9D5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{E16D2341-0CDF-453E-99AD-2A18895507A5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DE34FAB1-16B8-4ED7-8D6B-97BC288FDAEF}] => (Allow) LPort=2869
FirewallRules: [{94A8C662-C66F-40C7-9AE7-82272B9762B0}] => (Allow) LPort=1900
FirewallRules: [{79B84CE4-1082-4D7C-B175-B2F871242A3D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BB27FDE7-7DFE-4E92-B49B-CB575E4CA3AC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{128D7C24-BCF6-4130-8D14-513BE8A8E73F}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{C6FA1EA8-C5E3-4D50-8910-896121117A6C}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{72ADA51D-1028-49A9-9983-A916CC51955F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{64AF2C77-905E-4553-9C0C-BBE7690E1A8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E136DD79-B1A0-40CA-B179-82A66FEEA7CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4695A9B5-7BFD-4502-A66C-DE6080FA72A5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E5C7F85B-9A38-4FB6-8F0B-582BD74D58E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EA674D0A-3708-4017-9FEB-94372C5DBC09}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{23BEB6F6-C48A-4EA1-9A40-9BAFD78B961C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{0795BB2A-CA2A-4D25-9E73-C3AA50DEFE1D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{B55E321A-CCBE-4B18-B627-99D89943C28B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{BEB1815B-AF5D-49DA-BC8B-804B17B27470}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{82292937-61B1-4504-8376-6E1CDF7489F5}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{EB185032-636C-4990-90D9-B427927DBB34}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D9E9AA1-A987-4E45-A3EE-B113EC0EA7C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{18977403-7013-410A-A45D-ECC9ECEF7BDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{07435B9D-BFD8-4856-968E-BC86B7455A08}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{2AE6E404-4886-4C50-AE63-5BA6EA04F785}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A5CC4BE1-0C79-4B03-A211-A7271F019E12}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1CEF2DD8-25C4-46C6-A54F-5E8F957C9623}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D8F1B7C6-F35A-4931-8661-4E5FA130F092}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A48111E-0453-4245-923D-956547C10282}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B58F4904-EEC4-43E4-BBD0-8C912F9B2576}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{D09FBBD9-4EB5-4566-9D6C-D477A29285D0}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{0AE5E19F-6741-4EA5-8A6A-479EB330266F}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{08AA9580-2A21-434C-AFFD-A7E52E0DEAC1}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{4F7B599E-6B0D-44CF-9214-07DA2BA88902}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{C18B6418-E90E-41A1-80D1-0CE5D8DCFD8C}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{0FCCA91F-486F-403A-8BCC-1D2D48AEDE07}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{4656F3F4-B5A3-4EA5-B857-E40496F2B595}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{9CA6B864-CBD7-45F6-95C1-0737F0EAB974}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{5C4AE151-0A35-47A4-9A06-4CF13882813F}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{8345FC05-44D4-4A1D-AE26-D24791D92E95}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{5C9B81F9-E74C-4314-BEA3-131CEF5C160E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{E1EF4924-694C-400D-A7E0-6D326D72198C}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{AA9B7926-08A3-4D3E-AC88-89B67EA9197A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F9E62A0F-CB19-4CE7-B403-77F91C37C690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{DD1462EB-1B9A-41DB-B13C-F363939EB1B3}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{941CBB4A-48CB-4B21-A166-83C5DA3F7D7C}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{80020247-474B-4F17-872E-DA883DFAAE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{825E46D2-8555-4FE5-948A-2EC8557E9F40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [TCP Query User{E6A58353-0ABB-42C0-B5D3-6A8EE413A5CF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{0835D7E4-B913-49C8-895E-025D85616511}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{565CECFC-1DC1-4B83-BF1C-6C521BF23EB2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7B18266E-26E7-4F87-A6ED-18DC996ACB09}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{B3F03D5C-0F2E-46AB-A9AB-20111ACAB54F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{34205D19-B3EB-4629-8EA6-4024054A8B37}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3104A201-0BFD-4FEA-B1D7-B729095C71CC}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{98F12479-A073-4526-AB89-3EE3F9001E4C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{1AD4EEE1-6315-4CC2-8474-96FE6BFC26BE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{C6C11215-1EEC-4D19-8AA2-D7AFE60414CD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{DA76E7EB-DD58-4226-8121-DC4EF865C4A7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{DAB7F319-43D7-4A56-9F7F-EBFB4BA6E375}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [TCP Query User{76C7C802-A9CF-4EAA-A798-78382B9374E6}C:\program files (x86)\adobe\adobe edge animate cc\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate cc\edgeanimate.exe
FirewallRules: [UDP Query User{2407369A-5CA6-4BF2-9BFB-13AB1BA205C0}C:\program files (x86)\adobe\adobe edge animate cc\edgeanimate.exe] => (Allow) C:\program files (x86)\adobe\adobe edge animate cc\edgeanimate.exe
FirewallRules: [{5C89BF28-CD1B-4C7A-BC0A-38A7738D838C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D19B3BD4-9C17-4056-931C-17C3257FCAC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{76548DE1-8A07-4027-9336-200B21FA21B2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C65FDFE5-A0B7-4FEB-8D79-A51C4FC5FE1F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7986997D-836A-4C33-8C6B-A99DA2691E5A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{0E770361-FAE3-4006-AEE9-EE4052ECAE57}G:\outlast whistleblower\binaries\win64\olgame.exe] => (Allow) G:\outlast whistleblower\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{1C1814C4-04F2-4089-A376-B071B32E5728}G:\outlast whistleblower\binaries\win64\olgame.exe] => (Allow) G:\outlast whistleblower\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{A32B22AF-3617-4618-A8A7-C35E81EAA213}G:\outlast whistleblower\binaries\win64\olgame.exe] => (Allow) G:\outlast whistleblower\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{08BDEA28-253E-4653-9364-0D028A81B369}G:\outlast whistleblower\binaries\win64\olgame.exe] => (Allow) G:\outlast whistleblower\binaries\win64\olgame.exe
FirewallRules: [{D358B37A-9B2B-4C68-804C-B4FE4E522E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
FirewallRules: [{87298252-4B71-4031-876E-EDA45972ECE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MapleStory\nxsteam.exe
FirewallRules: [TCP Query User{D9B094E4-85CD-4597-9424-730678C93F66}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{25B3822F-2E07-4D00-8C2F-57B316E6171F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{9A27957E-4E24-4E8C-BE63-9436E12CD4DD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{4F0E16B1-A01F-4C47-A459-9F9561BD6415}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{286D6E89-9634-4AD9-9432-D010039DE918}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{3795EFFC-AFD1-4BDE-A66C-2A46737A0A68}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{DA2D84ED-50CC-4735-B2E3-BAEFB8DC31AC}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{96EA4E50-5529-4D2F-8B09-C69F93F2FF84}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{839BC07D-0E36-4914-8499-B4D3237C5856}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{06A0DB64-DD4F-4FEE-AF83-F6C6A6D9B823}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{6E3C66C6-8B41-4BB3-A56C-DB0FF5D7C602}C:\program files\java\jdk1.7.0_03\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_03\bin\java.exe
FirewallRules: [UDP Query User{610BD2A6-D50E-4889-8FC5-3BEFD96FB794}C:\program files\java\jdk1.7.0_03\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_03\bin\java.exe
FirewallRules: [{C1E78A3D-D7C8-4C44-9504-95F47EC5D0C2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4B3A12E8-25A0-4942-AB17-DD01CC56947A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7FDA06F6-7A3E-435B-A3BD-CB2D74F4168A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{8BE15385-55D6-493D-853C-339A91C59DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{AD850128-B53A-4615-B314-2185C985A6B2}C:\users\sally\desktop\sourcefiles\java.exe] => (Allow) C:\users\sally\desktop\sourcefiles\java.exe
FirewallRules: [UDP Query User{C893C7C2-AA02-433B-9FF2-EF8F5F3DE3DE}C:\users\sally\desktop\sourcefiles\java.exe] => (Allow) C:\users\sally\desktop\sourcefiles\java.exe
FirewallRules: [{562387EF-C5F8-4264-9926-3E2B38BB258B}] => (Block) C:\users\sally\desktop\sourcefiles\java.exe
FirewallRules: [{C40E77E5-AC0E-41AF-B0B4-CD50BB0BF80A}] => (Block) C:\users\sally\desktop\sourcefiles\java.exe
FirewallRules: [TCP Query User{15DCD617-AED2-4CC3-B0F2-6E998F01A09B}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{AFC0DCBE-08AE-4B48-94A4-163394B8A344}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{5FD97A9A-D306-4F02-A128-02A0DEA2311D}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{F8F94A7C-ACCF-44C0-A64E-706E9FFB4D7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{871B2C81-F32D-4898-ADCB-067C7A345BFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F7917CD3-E5DA-41E6-8EEF-920C3296DB5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{05650787-1D3A-49B5-8E56-689D6065BDCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F645BB1A-AAC0-43AB-B6D3-407107EF9F5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1B344F14-63A9-4F93-8D58-99FE531A330D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{39F6171E-D133-4CB2-9986-339CC2DE78C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{412CCBA7-ACF9-40EE-96DA-0AE9CDA41004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{8C916AFF-A92F-4B70-B0B2-AB71A2C11A18}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{C8BA5C5A-0DD6-4DEF-87A0-4E3B41D82F7A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{15189C05-59FD-42A4-B71E-79840753EF21}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{C8F408B9-BDDC-4177-A831-F714C173FA3E}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{D5A8CA4D-47C8-4501-9C7E-267221B20FB0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C6AF8682-359E-49D6-9BE9-92A2E419F47F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{9C2D1E4F-9B87-4E6F-BA39-CBD7801AC218}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe
FirewallRules: [UDP Query User{09B6892C-0758-410A-949D-825D3FA1602F}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe
FirewallRules: [{78BF255A-0E7C-43EF-9F53-BAB9B6EB527C}] => (Block) C:\gmod\srcds.exe
FirewallRules: [{333A6033-0822-44CE-B71C-7A85719B2447}] => (Block) C:\gmod\srcds.exe
FirewallRules: [{2FA2F55C-47F3-491E-AD53-010A5945DA89}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{3391F175-7E40-45F4-899A-39674900F195}C:\my little pony ttt\srcds.exe] => (Allow) C:\my little pony ttt\srcds.exe
FirewallRules: [UDP Query User{7F11A5B7-BC4A-4875-9B58-2BBB78124D9D}C:\my little pony ttt\srcds.exe] => (Allow) C:\my little pony ttt\srcds.exe
FirewallRules: [{4E98DA68-1B20-4EAB-BDB7-F7D9CF7E9CB4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3B9535EB-05AA-42FF-AA26-EDC2670141B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9FDE974F-B136-497A-8017-805376F7F505}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{D4EA89DD-DE2D-4FAE-9931-78B29CD8492E}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{D8B5477D-5913-4D62-AD97-20546F148AD1}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{E8CEF302-948A-4547-ADD1-AA96438ECEB8}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{EB805F96-7DC0-4CEB-A789-A99454945884}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [{AEF655EA-5787-46A7-A8DA-A0515CBB5AB9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A3F6D27F-983D-4D5F-87E0-C72C05BD4CF1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FB97437C-FC74-4AF3-9C7B-E4C59DF7B45C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{6902779D-E2CC-4119-B5B5-EE4B24F32ACC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{99E17BAB-7A34-440E-82FC-6C9830142265}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{13F46A35-B495-4C96-8C5C-B4FE112A654D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{6104730B-2D5E-4381-8FBE-12CF1CE633A6}C:\users\sally\desktop\stop_me\srcds.exe] => (Allow) C:\users\sally\desktop\stop_me\srcds.exe
FirewallRules: [UDP Query User{9B4CB26B-E6C8-46DD-B2BA-45897EC3FC2C}C:\users\sally\desktop\stop_me\srcds.exe] => (Allow) C:\users\sally\desktop\stop_me\srcds.exe
FirewallRules: [{5411DE8B-2068-4D74-8986-0E8612B3476A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0C99DF4C-3DFF-45BC-8310-19C394BC4AA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6ED9F87A-8396-4091-843B-4FC93C461BF6}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{9BE1A0C3-9DF1-4015-8ACC-EF1888CCEC3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{B6744DCD-2365-4E46-88C7-604BE2E8EC71}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5883178B-CFB7-4C49-9CE3-DEAC205068FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E4BCB07A-84E3-4CED-BDEF-326CA0F75EAA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{87C39DD1-D32D-46D0-BB04-09C42F79CB9A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B0ABFBB2-DA73-40B7-B254-B12D241D72E8}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe
FirewallRules: [{F240ABFC-A810-4BF4-B229-A5DB89B96893}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe
FirewallRules: [{49E6F0DE-7134-4858-AF03-6B0A2B007080}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe
FirewallRules: [{615F048A-E15E-46E2-B870-F928AC3BF336}] => (Allow) C:\Nexon\Library\vindictus\appdata\en-US\NMService.exe
FirewallRules: [{B932B979-9C81-4B51-A59F-1E7E85AECF8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{B05B6024-ABD9-4A32-8497-52DFFA751BA8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{859D1692-2591-4FC7-91D4-502019C6E95B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F179298D-BB9D-4BAF-9B9D-62886DE25CF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{2E0658FB-9C31-4DDC-8106-CAA33F497822}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7E67C55F-4D75-4077-9DAE-A75D14932C9E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [TCP Query User{F6E86D27-6F34-4D60-850A-47E3BE6063A2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F49D7D77-5283-4B3F-95D5-5E0C02FB2CE5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{332FA7B6-8F28-4132-9197-4B68A1B1CDE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{AF5618C0-B003-4F24-8C9B-0C0B922E5B55}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{47017CDE-5C1B-4A6E-A81F-F271D7FEB8FB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B51F4655-6EB5-4F51-91B1-6BB640B40FD2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{04B29331-474C-4ADD-8E7D-F20AB0A87565}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2F66CC2E-2C6E-4F53-A6D4-6F4BD2931EC1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{C608C247-0871-437E-91A0-4C86AA6FDD38}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{11BD1282-12D1-4574-8106-72C693112D91}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{EDA1BAED-E142-4CA2-9A4C-4EB42A011663}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{E623036C-6351-481A-922B-7EECBE1BE9C7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7719DE2B-2275-4885-9148-D38A52474676}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6373622E-5D0C-442D-9AA2-27A5AA672626}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15693864-2D2E-4394-8F08-5A7A85AD5EC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{98242954-6BBB-4065-A4E3-AF7DE327FEDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5F289CCA-010A-4839-9F43-EA4E37FDCE97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{03F519FF-230C-4DDB-B31C-BA96A0298951}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AF544069-E79C-4E1B-8C02-6ECDD753173C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5DB0718-365F-48C0-98F8-50D4DCD095DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F34B2B6D-5018-4CAC-86E3-1067320F4932}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{111BD0D3-2412-42AE-8E0F-D56A7C11F0C2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A6DFAC10-D284-46ED-8C69-EB40B258AEC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [{1B7DBDC1-1978-4465-9C74-1FD1F2D8F292}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [TCP Query User{7A0FD0D5-305F-414F-B82F-5F18AA173CE3}C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe
FirewallRules: [UDP Query User{5EEA0D5C-147B-4A62-8F09-C02F92811C36}C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe
FirewallRules: [{A70D8030-7BBB-4D56-A648-1D27AD84AFAC}] => (Block) C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe
FirewallRules: [{022F628E-1841-442F-9B4E-D358A9361767}] => (Block) C:\users\sally\appdata\local\temp\rar$exa0.040\alchemy.exe
FirewallRules: [TCP Query User{5EDD53EE-12EF-468C-ABEE-D61750C9D633}C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe
FirewallRules: [UDP Query User{59ABA795-084A-4A6E-A90F-84F250C8D1EE}C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe
FirewallRules: [{C68F71E4-F565-4C25-B08E-4365DBE71E41}] => (Block) C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe
FirewallRules: [{A7290C7C-6F64-4250-AEB1-E2C6F6D1913E}] => (Block) C:\users\sally\appdata\local\temp\rar$exa0.706\alchemy.exe
FirewallRules: [TCP Query User{85C4D3CF-485E-49D5-A36F-AAEE6CCE6891}C:\users\sally\appdata\local\temp\rar$exa0.397\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.397\alchemy.exe
FirewallRules: [UDP Query User{D914FD45-E216-4C64-A187-77C17DE1B4EF}C:\users\sally\appdata\local\temp\rar$exa0.397\alchemy.exe] => (Allow) C:\users\sally\appdata\local\temp\rar$exa0.397\alchemy.exe
FirewallRules: [{A2E7CBC1-93EB-4748-B531-9B904E66E93B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{790C3AFD-0B54-4D40-B683-396319D8313C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Echo of Soul\EOSLauncher.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/22/2015 04:39:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.134, time stamp: 0x55a4072f
Faulting module name: chrome.dll, version: 43.0.2357.134, time stamp: 0x55a4037a
Exception code: 0xc0000005
Fault offset: 0x0042b847
Faulting process id: 0x95c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (07/22/2015 11:58:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/22/2015 11:37:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/22/2015 11:37:27 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver
 
Error: (07/22/2015 11:37:27 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103
 
Error: (07/21/2015 11:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BTD5-Win.exe, version: 2.16.0.0, time stamp: 0x5562f953
Faulting module name: GraphicsCaptureHook.dll, version: 0.6.3.0, time stamp: 0x54fa2bb9
Exception code: 0xc0000005
Fault offset: 0x00001aee
Faulting process id: 0x27c4
Faulting application start time: 0xBTD5-Win.exe0
Faulting application path: BTD5-Win.exe1
Faulting module path: BTD5-Win.exe2
Report Id: BTD5-Win.exe3
 
Error: (07/21/2015 01:47:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2015 01:46:54 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver
 
Error: (07/21/2015 01:46:54 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103
 
Error: (07/20/2015 08:51:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program hl2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ea0
 
Start Time: 01d0c3575c7c6d38
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
 
Report Id: fbbc5573-2f4a-11e5-aad0-4ceb42269aa2
 
 
System errors:
=============
Error: (07/23/2015 05:45:52 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/22/2015 10:11:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/22/2015 12:04:39 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{C016C0BF-C11D-4964-8AF1-8408DA4EBA7D}.
The backup browser is stopping.
 
Error: (07/22/2015 11:38:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/22/2015 11:37:25 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.
 
Error: (07/22/2015 02:52:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
 
Error: (07/21/2015 04:28:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (07/21/2015 04:28:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (07/21/2015 03:50:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (07/21/2015 03:50:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
 
Microsoft Office:
=========================
Error: (07/22/2015 04:39:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe43.0.2357.13455a4072fchrome.dll43.0.2357.13455a4037ac00000050042b84795c01d0c49cc67603f7C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\chrome.dll2d0300aa-30ba-11e5-9b1a-4ceb42269aa2
 
Error: (07/22/2015 11:58:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/22/2015 11:37:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/22/2015 11:37:27 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver
 
Error: (07/22/2015 11:37:27 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103
 
Error: (07/21/2015 11:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BTD5-Win.exe2.16.0.05562f953GraphicsCaptureHook.dll0.6.3.054fa2bb9c000000500001aee27c401d0c436f16e616cC:\Program Files (x86)\Steam\steamapps\common\BloonsTD5\BTD5-Win.exeC:\Program Files (x86)\OBS\plugins\GraphicsCapture\GraphicsCaptureHook.dll041d55fd-302d-11e5-96ec-4ceb42269aa2
 
Error: (07/21/2015 01:47:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2015 01:46:54 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CIRSTDriverApi::CreateInstance   *****Unable to open the IRST device driver
 
Error: (07/21/2015 01:46:54 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CDriverApi::GetInterfaceAlias   *****Unable to enumerate device interfaces, error=0x103
 
Error: (07/20/2015 08:51:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hl2.exe0.0.0.0ea001d0c3575c7c6d380C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exefbbc5573-2f4a-11e5-aad0-4ceb42269aa2
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 6091.81 MB
Available physical RAM: 2251.21 MB
Total Virtual: 12181.83 MB
Available Virtual: 5940.1 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:445.8 GB) (Free:54.85 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.8 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C832951F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End of log ============================

 


Edited by NibbPower, 23 July 2015 - 11:52 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

I tried the site with three browsers and had no problem right clicking and Save Image As.  Is that how you are trying to download?

 

I do see a lot of adware and toolbars so let's clean them up:

 

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Then run a FRST scan again with the Addition box checked and post both logs that you get.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP