Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Norton Outbound Traffic [Closed]


  • This topic is locked This topic is locked

#1
twamstfi

twamstfi

    New Member

  • Member
  • Pip
  • 2 posts

I restarted my PC for a Norton Update, and when it turned back on I kept getting an Outbound Traffic Error. It told me to use Norton Power Eraser, which I did hoping to end this problem. However, I still do get this problem. Can possible you guys help me?  Here is the FRST scan results:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Anna (administrator) on GIGABYTE on 24-07-2015 17:40:34
Running from C:\Users\Anna\Downloads
Loaded Profiles: Anna (Available Profiles: normu_000 & Inese & Anna)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\nf.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\tampmon.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\nf.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Anna\AppData\Roaming\uTorrent\uTorrent.exe
(Spotify Ltd) C:\Users\Anna\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-12-19] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\...\Run: [uTorrent] => C:\Users\Anna\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-06-29] (BitTorrent Inc.)
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\...\Run: [Spotify Web Helper] => C:\Users\Anna\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-14] (Spotify Ltd)
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\...\Run: [Spotify] => "C:\Users\Anna\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
Startup: C:\Users\Toms\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PlayerGenerator14_2_2.rar.lnk [2015-02-01]
ShortcutTarget: PlayerGenerator14_2_2.rar.lnk -> C:\ProgramData\{62f8ff01-a81b-c8d9-62f8-8ff01a81fc06}\PlayerGenerator14_2_2.rar.exe (No File)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nl-nl/?ocid=iehp
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.2.1.34\coIEPlg.dll [2015-06-24] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\coIEPlg.dll [2015-06-24] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.1.1
Tcpip\..\Interfaces\{B8ECE66C-2861-4A3E-88BA-14ACFB90FACC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B8ECE66C-2861-4A3E-88BA-14ACFB90FACC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.1.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dict-enlv.xml [2015-06-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2015-02-08]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\salidzinilv.xml [2015-06-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sslv.xml [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-07-24]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.0.0.52\coFFFw
FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.0.0.52\coFFFw [2015-07-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Toms\AppData\Roaming\Mozilla\Firefox\Profiles\c2nxr88h.default\extensions\[email protected]
FF Extension: Fast Start - C:\Users\Toms\AppData\Roaming\Mozilla\Firefox\Profiles\c2nxr88h.default\extensions\[email protected] [2015-02-08]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-24]
CHR Extension: (Google Docs) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-24]
CHR Extension: (Google Drive) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-24]
CHR Extension: (YouTube) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-24]
CHR Extension: (Google Search) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-24]
CHR Extension: (Google Sheets) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-24]
CHR Extension: (Norton Identity Safe) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-24]
CHR Extension: (Hey Girl) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcpmmhaffdebnmkjelaohgjmndeongip [2015-02-01]
CHR Extension: (Norton™ Family) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2014-12-24]
CHR Extension: (Google Wallet) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-24]
CHR Extension: (Gmail) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\Extensions\Chrome.crx [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\Extensions\Chrome.crx [2015-07-02]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2647256 2014-01-24] (Blue Coat Systems, Inc.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\NF.exe [362320 2015-06-24] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
R2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\TampMon.exe [306488 2015-06-24] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 bckd; C:\Windows\System32\drivers\bckd.sys [126168 2014-01-24] (Blue Coat Systems, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-07-11] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0302010.022\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
S3 E100B; C:\Windows\system32\DRIVERS\efe5b32e.sys [182656 2013-06-18] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-24] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSVia64.sys [692984 2015-07-11] (Symantec Corporation)
R0 inic1620; C:\Windows\System32\drivers\inic1620.sys [36888 2010-07-21] (Initio Corp.)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150723.033\ENG64.SYS [138488 2015-07-24] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150723.033\EX64.SYS [2146040 2015-07-24] (Symantec Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0302010.022\SymRdrS.SYS [245976 2014-10-03] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 cpuz137; \??\C:\Users\NORMU_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-24 17:40 - 2015-07-24 17:41 - 00023667 _____ C:\Users\Anna\Downloads\FRST.txt
2015-07-24 17:38 - 2015-07-24 17:40 - 00000000 ____D C:\FRST
2015-07-24 17:37 - 2015-07-24 17:37 - 02135552 _____ (Farbar) C:\Users\Anna\Downloads\FRST64.exe
2015-07-24 17:08 - 2015-07-24 17:35 - 00000000 ____D C:\Users\Anna\Downloads\FS2Crew
2015-07-24 17:08 - 2015-07-24 17:08 - 00033166 _____ C:\Users\Anna\Downloads\[rutracker.org].t4662996.torrent
2015-07-24 17:06 - 2015-07-24 17:06 - 03580117 _____ C:\Users\Anna\Downloads\newpilot_001.zlb
2015-07-24 17:05 - 2015-07-24 17:05 - 01450429 _____ C:\Users\Anna\Downloads\newcopilot_001.zlb
2015-07-24 17:02 - 2015-07-24 17:07 - 178457006 _____ (TFDi Design) C:\Users\Anna\Downloads\RYR_ACARS_installer.exe
2015-07-24 17:01 - 2015-07-24 17:36 - 00000000 ____D C:\Users\Anna\AppData\Local\NPE
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2015-07-24 16:20 - 2015-07-24 16:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-07-24 15:06 - 2015-07-24 15:06 - 00007275 _____ C:\Users\Anna\Downloads\EHEH-EPKK.pln
2015-07-24 15:00 - 2015-07-24 15:00 - 00000000 ____D C:\Users\Anna\AppData\Local\HiFi
2015-07-24 14:49 - 2015-07-24 15:14 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Virtuali
2015-07-24 14:49 - 2015-07-24 14:49 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Lockheed Martin
2015-07-24 14:49 - 2015-07-24 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsDreamTeam
2015-07-24 14:45 - 2014-12-23 13:15 - 00001084 _____ C:\Users\Anna\Desktop\Update.txt
2015-07-24 14:45 - 2014-11-11 17:33 - 00000000 ____D C:\Users\Anna\Desktop\sound
2015-07-24 14:42 - 2015-07-24 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO-ATC-X
2015-07-24 14:40 - 2015-07-24 17:31 - 00000000 ____D C:\PRO-ATC-X
2015-07-24 14:33 - 2015-07-24 14:33 - 00001132 _____ C:\Users\Anna\Desktop\Active Sky 2012.lnk
2015-07-24 14:33 - 2015-07-24 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2015-07-24 14:24 - 2015-07-24 14:25 - 00000000 ____D C:\Users\Anna\Downloads\[FSX] FSDreamTeam - Ground Service X  v.1.8
2015-07-24 14:21 - 2015-07-24 14:21 - 00000000 ____D C:\Users\Anna\AppData\Roaming\HiFi
2015-07-24 14:21 - 2015-07-24 14:21 - 00000000 ____D C:\Program Files (x86)\HiFi
2015-07-24 13:11 - 2015-07-24 16:20 - 00002280 _____ C:\Users\Public\Desktop\Norton 360 Premier.LNK
2015-07-24 12:54 - 2015-07-24 12:55 - 21009885 _____ C:\Users\Anna\Downloads\PMDG_737NGX_SP1c_Crack.rar
2015-07-24 12:37 - 2015-07-24 12:38 - 00000000 ____D C:\Users\Anna\Downloads\Pointsoft - Pro ATC-X
2015-07-24 12:36 - 2015-07-24 14:37 - 00000000 ____D C:\Users\Anna\Downloads\Active Sky 2012
2015-07-24 12:33 - 2015-07-24 12:48 - 154424748 _____ C:\Users\Anna\Downloads\PMDG_737_8900_NGX_3219_SP1c.ZIP
2015-07-24 12:25 - 2015-07-24 12:25 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2015-07-24 12:09 - 2015-07-24 12:12 - 174091264 _____ C:\Users\Anna\Downloads\fsx_sp2_ENU.msi
2015-07-24 12:07 - 2015-07-24 12:11 - 218123672 _____ (Microsoft Corporation) C:\Users\Anna\Downloads\fsx_sp1_ENU.exe
2015-07-24 12:05 - 2015-07-24 12:05 - 00000712 _____ C:\Users\Anna\Documents\Desktop - Shortcut.lnk
2015-07-24 12:04 - 2015-07-24 12:04 - 00000000 ____D C:\ProgramData\InstallShield
2015-07-23 12:16 - 2015-07-23 12:46 - 1669147852 _____ C:\Users\Anna\Downloads\nadwcnicoleanistondanny_720p_000.mp4
2015-07-23 10:14 - 2015-07-23 10:14 - 10530443 _____ C:\Users\Anna\Downloads\Database Mod 2.2.2.rar
2015-07-23 10:13 - 2015-07-23 10:13 - 00166421 _____ C:\Users\Anna\Downloads\Enable Debugging Options v1.0.zip
2015-07-22 18:46 - 2015-07-22 18:46 - 00001100 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-07-22 18:46 - 2015-07-22 18:46 - 00000000 ____D C:\Users\Anna\AppData\Local\VS Revo Group
2015-07-22 18:46 - 2015-07-22 18:46 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-07-22 18:46 - 2015-07-22 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-07-22 18:46 - 2015-07-22 18:46 - 00000000 ____D C:\Program Files\VS Revo Group
2015-07-22 18:46 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-07-22 11:10 - 2015-07-22 11:10 - 00000000 ____D C:\Users\Anna\AppData\Local\CEF
2015-07-22 11:08 - 2015-07-22 11:09 - 28382694 _____ C:\Users\Anna\Downloads\Williams F1 Team Martini.zip
2015-07-21 10:44 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-21 10:44 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-21 10:44 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-21 10:44 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-20 17:14 - 2015-07-20 17:15 - 51190806 _____ C:\Users\Anna\Downloads\Tyres Edition 2014 HD (2).zip
2015-07-20 16:09 - 2015-07-20 16:09 - 00000222 _____ C:\Users\Anna\Desktop\F1 2014.url
2015-07-20 16:09 - 2015-07-20 16:09 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-20 13:53 - 2015-07-20 13:54 - 51190806 _____ C:\Users\Anna\Downloads\Tyres Edition 2014 HD (1).zip
2015-07-20 13:26 - 2015-07-20 13:26 - 00000000 ____D C:\Users\Anna\Documents\My Games
2015-07-20 13:23 - 2015-07-20 13:24 - 51190806 _____ C:\Users\Anna\Downloads\Tyres Edition 2014 HD.zip
2015-07-20 13:22 - 2015-07-20 13:22 - 00000000 ____D C:\Users\Anna\AppData\Local\Steam
2015-07-20 12:58 - 2015-07-20 12:58 - 01414589 _____ C:\Users\Anna\Downloads\veronique_2015-07-07_17-21-27.mp4
2015-07-18 22:43 - 2015-07-22 18:22 - 00000000 ____D C:\Users\Anna\Documents\Funnyjunk
2015-07-17 11:13 - 2015-07-17 11:47 - 00000000 ____D C:\Users\Anna\Documents\GTA San Andreas User Files
2015-07-17 11:03 - 2015-07-17 11:03 - 00001930 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2015-07-17 11:03 - 2015-07-17 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-07-17 11:03 - 2015-07-17 11:03 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-07-17 11:01 - 2015-07-17 11:01 - 00040448 ___SH C:\Users\Anna\Documents\Thumbs.db
2015-07-15 22:50 - 2015-07-16 13:48 - 00000000 ____D C:\Users\Anna\Downloads\The Game Plan (2007)
2015-07-15 21:06 - 2015-07-15 21:06 - 00000000 ____D C:\Users\Anna\Downloads\xkoranate-0.3.3
2015-07-15 21:05 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Documents\._autoracing_race.xml
2015-07-15 21:05 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Documents\._autoracing_qualifying.xml
2015-07-15 21:05 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Desktop\._autoracing_race.xml
2015-07-15 21:05 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Desktop\._autoracing_qualifying.xml
2015-07-15 21:05 - 2011-09-08 00:08 - 00000687 _____ C:\Users\Anna\Documents\autoracing_qualifying.xml
2015-07-15 21:05 - 2011-09-08 00:08 - 00000687 _____ C:\Users\Anna\Desktop\autoracing_qualifying.xml
2015-07-15 21:05 - 2011-09-08 00:06 - 00000683 _____ C:\Users\Anna\Documents\autoracing_race.xml
2015-07-15 21:05 - 2011-09-08 00:06 - 00000683 _____ C:\Users\Anna\Desktop\autoracing_race.xml
2015-07-15 21:04 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Downloads\._autoracing_race.xml
2015-07-15 21:03 - 2011-12-24 22:02 - 00004096 ____H C:\Users\Anna\Downloads\._autoracing
2015-07-15 21:01 - 2015-07-15 21:01 - 06859966 _____ C:\Users\Anna\Downloads\xkoranate-0.3.3 (1).zip
2015-07-15 16:01 - 2015-07-15 16:01 - 00003500 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-gigabyte-Anna
2015-07-15 16:00 - 2015-07-15 16:00 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-07-15 16:00 - 2015-07-15 16:00 - 00000000 ____D C:\Users\Anna\Documents\Adobe
2015-07-15 16:00 - 2015-07-15 16:00 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-15 15:56 - 2015-07-15 15:56 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-07-15 15:56 - 2015-07-15 15:56 - 00001557 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-07-15 15:56 - 2015-07-15 15:56 - 00000000 ____D C:\Program Files\Adobe
2015-07-15 15:55 - 2015-07-15 16:00 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-15 12:43 - 2011-08-05 22:04 - 679237578 _____ (Macrovision Corporation) C:\Users\Anna\Documents\PMDG 737 NGX.exe
2015-07-15 12:36 - 2015-07-15 12:36 - 00000000 ____D C:\Users\Anna\AppData\Roaming\InstallShield
2015-07-15 12:27 - 2015-07-15 12:32 - 673097415 _____ C:\Users\Anna\Downloads\PMDG 737 NGX SOSIMULADORES.rar
2015-07-15 12:24 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-15 12:24 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-15 12:24 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-15 12:24 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-15 12:24 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-15 12:24 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-15 12:24 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-15 12:24 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-15 12:24 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-15 12:24 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-15 12:24 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-15 12:24 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-15 12:24 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-15 12:24 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-15 12:24 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-15 12:24 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-15 12:24 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-15 12:24 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-15 12:24 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-15 12:23 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-15 12:23 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-15 12:23 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-15 12:23 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-15 12:23 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-15 12:23 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-15 12:23 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-15 12:23 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-15 12:23 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-15 12:23 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-15 12:23 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-15 12:23 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-15 12:23 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-15 12:23 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-15 12:23 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-15 12:23 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-15 12:23 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-15 12:23 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-15 12:23 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-15 12:23 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-15 12:23 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-15 12:23 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-15 12:23 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-15 12:23 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-15 12:23 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-15 12:23 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-15 12:23 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-15 12:23 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-15 12:23 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-15 12:23 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-15 12:23 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-15 12:23 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-07-15 12:23 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:23 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:23 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-07-15 12:23 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-07-15 12:23 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-07-15 12:23 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-07-15 12:23 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2015-07-15 12:22 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-15 12:22 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-15 12:22 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-15 12:22 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-15 12:22 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-15 12:22 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-15 12:22 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-15 12:22 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-15 12:22 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-15 12:22 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-15 12:22 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-15 12:22 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-15 12:22 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-15 12:21 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-15 12:21 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-15 12:21 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-15 12:21 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-15 12:21 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-15 12:21 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-15 12:21 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-15 12:21 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-15 12:21 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-15 12:21 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-15 12:21 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-15 12:21 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-15 12:21 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-15 12:21 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-15 12:21 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-15 12:21 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-15 12:21 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-15 12:21 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-15 12:21 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-15 12:21 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-15 12:21 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-15 12:21 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-15 12:21 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-15 12:21 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-15 12:21 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-15 12:21 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-15 12:21 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-15 12:21 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-15 12:21 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-15 12:21 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-15 12:21 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-15 12:21 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-15 12:21 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-15 12:20 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-07-15 12:19 - 2015-07-15 12:20 - 00000000 ____D C:\Users\Anna\Documents\Flight Simulator X Files
2015-07-15 12:19 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-15 12:19 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-15 12:19 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-15 12:19 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-15 12:19 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-07-15 12:19 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-07-15 12:18 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-15 12:18 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 12:17 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-15 12:17 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 12:16 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-07-15 12:16 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-15 12:16 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-14 16:33 - 2015-07-16 10:34 - 00000000 ____D C:\ProgramData\Adobe
2015-07-14 16:32 - 2015-07-24 11:44 - 00000000 ____D C:\Users\Anna\AppData\Local\Adobe
2015-07-12 16:44 - 2015-07-12 16:44 - 00000000 ____D C:\Users\Anna\AppData\Roaming\WinRAR
2015-07-12 16:43 - 2015-07-12 16:44 - 06859966 _____ C:\Users\Anna\Downloads\xkoranate-0.3.3.zip
2015-07-12 13:46 - 2015-07-12 13:47 - 00000000 ____D C:\Users\Anna\Documents\Keep this
2015-07-12 13:03 - 2015-07-12 13:03 - 00000000 ____D C:\Users\Toms\Downloads\Formula 1 - 1978 to 2014
2015-07-12 12:30 - 2015-07-12 12:31 - 00000000 ____D C:\Users\Toms\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
2015-07-12 12:30 - 2015-07-12 12:30 - 00000000 ____D C:\Program Files\Bitcoin
2015-07-12 12:11 - 2015-07-24 12:46 - 00000000 ____D C:\Users\Anna\AppData\Local\Spotify
2015-07-12 12:11 - 2015-07-12 12:11 - 00001854 _____ C:\Users\Anna\Desktop\Spotify.lnk
2015-07-12 12:11 - 2015-07-12 12:11 - 00001840 _____ C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-07-12 12:10 - 2015-07-24 16:25 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Spotify
2015-07-11 14:09 - 2015-07-11 14:09 - 00000000 ____D C:\Users\Anna\Documents\New Star GP
2015-07-11 12:42 - 2015-07-11 12:42 - 00263680 _____ C:\Users\Anna\Downloads\Unconfirmed 520907.crdownload
2015-07-07 16:40 - 2015-07-07 16:42 - 186148113 _____ C:\Users\Anna\Downloads\bpov14403-480p.mp4
2015-07-01 16:17 - 2015-07-24 12:05 - 00000000 ____D C:\Users\Anna\AppData\Local\CrashDumps
2015-06-29 19:23 - 2015-07-23 13:06 - 00000000 ____D C:\Users\Anna\AppData\Roaming\vlc
2015-06-29 18:05 - 2015-07-24 17:41 - 00000000 ____D C:\Users\Anna\AppData\Roaming\uTorrent
2015-06-29 18:05 - 2015-06-29 18:05 - 01998432 _____ (BitTorrent Inc.) C:\Users\Anna\Downloads\uTorrent.exe
2015-06-29 18:05 - 2015-06-29 18:05 - 00001234 _____ C:\Users\Toms\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-06-29 17:52 - 2015-06-29 17:52 - 00000000 ____D C:\Users\Anna\AppData\Roaming\BitTorrent
2015-06-28 22:20 - 2015-06-28 22:20 - 00000000 ____D C:\Users\Anna\AppData\Local\GWX
2015-06-27 11:55 - 2015-06-27 12:23 - 1073106724 _____ C:\Users\Toms\Downloads\NBA Draft 2015. 720p.mkv
2015-06-27 11:08 - 2015-06-27 11:09 - 00861848 _____ C:\WINDOWS\Minidump\062715-51921-01.dmp
2015-06-27 11:08 - 2015-06-27 11:08 - 633661635 _____ C:\WINDOWS\MEMORY.DMP
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-24 17:40 - 2014-12-24 12:00 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4166853913-3560998128-3814506462-1009
2015-07-24 17:37 - 2014-09-07 16:45 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-24 17:35 - 2015-05-23 11:17 - 02043046 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-24 17:34 - 2014-09-03 15:59 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-24 17:32 - 2015-05-23 12:28 - 00018322 _____ C:\WINDOWS\setupact.log
2015-07-24 17:32 - 2015-05-01 22:37 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-24 17:32 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-24 17:16 - 2014-09-03 15:59 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 17:13 - 2015-02-08 17:06 - 00000360 _____ C:\WINDOWS\Tasks\bench-sys.job
2015-07-24 17:11 - 2014-08-16 11:39 - 00000000 ____D C:\ProgramData\Norton
2015-07-24 17:07 - 2014-08-18 20:48 - 00000000 ____D C:\ProgramData\firebird
2015-07-24 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-24 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-24 16:23 - 2015-05-24 09:24 - 00028596 _____ C:\WINDOWS\PFRO.log
2015-07-24 16:23 - 2014-12-24 11:54 - 00000000 ____D C:\Users\Anna
2015-07-24 16:23 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-24 16:21 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-24 16:20 - 2014-08-16 12:01 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-07-24 16:20 - 2014-08-16 12:01 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2015-07-24 15:49 - 2014-12-24 11:55 - 00000000 ____D C:\Users\Anna\AppData\Local\VirtualStore
2015-07-24 15:46 - 2014-12-14 13:44 - 00000000 ____D C:\ProgramData\TEMP
2015-07-24 14:49 - 2014-12-14 12:52 - 00000000 ____D C:\ProgramData\Esellerate
2015-07-24 14:34 - 2015-05-23 18:13 - 00324851 _____ C:\WINDOWS\DirectX.log
2015-07-24 13:11 - 2014-08-16 12:01 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-07-24 13:11 - 2014-08-16 12:01 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-07-24 13:11 - 2014-08-16 12:01 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-24 13:09 - 2014-08-16 11:39 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-24 12:16 - 2015-02-08 17:06 - 00000360 _____ C:\WINDOWS\Tasks\bench-S-1-5-21-4166853913-3560998128-3814506462-1006.job
2015-07-24 12:00 - 2015-02-07 14:20 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-24 12:00 - 2015-02-07 14:20 - 00000841 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-24 12:00 - 2015-02-07 14:20 - 00000000 ____D C:\Program Files\CCleaner
2015-07-24 11:56 - 2014-09-11 17:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-24 11:46 - 2014-12-24 12:57 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F51A87E5-8E4A-419F-81B7-161D2FCDB991}
2015-07-22 21:29 - 2014-12-24 11:55 - 00000000 ____D C:\Users\Anna\AppData\Local\Packages
2015-07-22 11:02 - 2015-06-09 16:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-22 10:57 - 2013-08-22 16:44 - 00500112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-21 11:16 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-18 21:16 - 2014-09-03 16:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 21:15 - 2014-09-03 16:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-17 11:03 - 2014-08-16 14:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-17 08:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-07-16 17:32 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-16 17:30 - 2015-04-16 16:25 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-16 17:30 - 2015-04-05 12:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-16 17:30 - 2015-04-05 12:24 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-16 17:30 - 2014-12-08 11:30 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-16 17:30 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-16 17:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-07-16 17:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-07-16 17:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-15 16:01 - 2014-12-24 11:55 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Adobe
2015-07-15 15:58 - 2014-09-06 17:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-15 14:20 - 2013-08-22 15:25 - 00000187 _____ C:\WINDOWS\win.ini
2015-07-15 14:18 - 2014-08-15 22:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-15 11:43 - 2014-08-16 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-07-13 23:10 - 2015-03-15 09:00 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2015-03-15 09:00 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 21:52 - 2014-08-16 18:10 - 00000000 ____D C:\Users\Toms
2015-07-12 22:32 - 2015-02-09 19:39 - 00000000 ____D C:\Users\Toms\AppData\Roaming\BitTorrent
2015-07-12 14:08 - 2014-08-16 18:15 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4166853913-3560998128-3814506462-1006
2015-07-12 13:46 - 2014-10-28 18:34 - 00000000 ____D C:\Users\Toms\AppData\Roaming\Bitcoin
2015-07-05 18:12 - 2014-08-16 19:24 - 00000000 ____D C:\Users\Toms\AppData\Local\CrashDumps
2015-07-05 17:40 - 2014-08-16 19:58 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{194D30C7-E754-49AD-8BCD-8329BC3E0A47}
2015-07-04 21:36 - 2014-08-16 18:10 - 00000000 ____D C:\Users\Toms\AppData\Local\Packages
2015-07-04 17:47 - 2014-08-24 19:46 - 00000000 ____D C:\Users\Toms\AppData\Roaming\Spotify
2015-07-04 11:37 - 2014-09-10 20:12 - 00000000 ____D C:\Users\Toms\AppData\Roaming\vlc
2015-07-04 11:37 - 2014-08-24 19:48 - 00000000 ____D C:\Users\Toms\AppData\Local\Spotify
2015-07-04 10:34 - 2014-08-16 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2014-08-15 22:58 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-03 07:51 - 2014-03-18 17:25 - 00876144 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-02 19:40 - 2014-08-16 12:26 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Family
2015-07-02 19:40 - 2014-08-16 12:25 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSMx64
2015-07-02 19:40 - 2014-08-16 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Family
2015-06-29 18:06 - 2014-08-24 19:37 - 00000000 ____D C:\Users\Toms\AppData\Roaming\uTorrent
2015-06-28 14:47 - 2014-09-27 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-27 11:08 - 2015-05-08 19:49 - 00000000 ____D C:\WINDOWS\Minidump
 
==================== Files in the root of some directories =======
 
2014-11-11 14:54 - 2014-11-11 14:54 - 0002621 _____ () C:\ProgramData\regid.2010-12.com.tfdidesign_CAEAB1D0-AA72-DBE4-7D2D-8A28AB057354.swidtag
 
Some files in TEMP:
====================
C:\Users\Anna\AppData\Local\Temp\_is1EE7.exe
C:\Users\Anna\AppData\Local\Temp\_is4C9E.exe
C:\Users\Anna\AppData\Local\Temp\_is6C36.exe
C:\Users\Anna\AppData\Local\Temp\_isB020.exe
C:\Users\Anna\AppData\Local\Temp\_isB67D.exe
C:\Users\Anna\AppData\Local\Temp\_isD0EE.exe
C:\Users\Anna\AppData\Local\Temp\_isE988.exe
C:\Users\Anna\AppData\Local\Temp\_isF07D.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-18 17:56
 
==================== End of log ============================

  • 0

Advertisements


#2
twamstfi

twamstfi

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015

Ran by Anna at 2015-07-24 19:37:11
Running from C:\Users\Anna\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4166853913-3560998128-3814506462-500 - Administrator - Disabled)
Anna (S-1-5-21-4166853913-3560998128-3814506462-1009 - Administrator - Enabled) => C:\Users\Anna
ASPNET (S-1-5-21-4166853913-3560998128-3814506462-1007 - Limited - Enabled)
Guest (S-1-5-21-4166853913-3560998128-3814506462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4166853913-3560998128-3814506462-1005 - Limited - Enabled)
Inese (S-1-5-21-4166853913-3560998128-3814506462-1008 - Limited - Enabled) => C:\Users\Inese
normu_000 (S-1-5-21-4166853913-3560998128-3814506462-1001 - Administrator - Enabled) => C:\Users\normu_000
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1Checker 2.1.4.0 (HKLM-x32\...\{2579BD20-98A3-44E4-BFDD-F75F02F4F5AD}_is1) (Version: 2.1.4.0 - Greedy Intelligence Ltd.)
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
Active Sky 2012 (HKLM-x32\...\{A9C7C8A6-22A5-2012-8E5A-F77D709A9489}_is1) (Version: 13.1.4826.8230 - HiFi Technologies, Inc.)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.276 - Blue Coat Systems, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
F1 2014 (HKLM-x32\...\Steam App 226580) (Version:  - Codemasters)
FM Genie Scout 15 version 1.0 15.3.2 beta 13 (HKLM-x32\...\FM Genie Scout 15_is1) (Version: 1.0 15.3.2 beta 13 - )
FMRTE 14.1.3.3 (HKLM\...\{D0E2EE37-5AA9-4B4F-8D3F-5D5459778864}_is1) (Version: 14.1.3.3 - Raul Bravo)
FMRTE 15.3.0.12 (HKLM\...\{6D986DE6-CA9D-4E83-B49C-18C0BFEB6AD6}_is1) (Version: 15.3.0.12 - FMRTE)
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version:  - Sports Interactive)
Football Manager 2015 Editor (HKLM-x32\...\Steam App 295350) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.8.4 - VIRTUALI s.a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{4847BBB9-EADD-4C92-90BF-4223B0892FF6}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 lv) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 lv)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 11 (HKLM-x32\...\{B3CC1123-88CA-4FC4-B93C-CF40F435995A}) (Version: 11.0.15902 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1006 - Nero AG)
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{E4B86819-E9B8-4089-963B-DF5E70E7A05E}) (Version: 11.0.13100 - Nero AG)
New Star GP 1.34 (HKLM-x32\...\{2AC22CBC-1E34-4942-BC27-890E5DD3F8BC}}_is1) (Version:  - New Star Games Ltd)
Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Norton Family (HKLM-x32\...\NSM) (Version: 3.2.1.34 - Symantec Corporation)
NVIDIA Graphics Driver 307.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.68 - NVIDIA Corporation)
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenGL Extensions Viewer 3.0 (HKLM-x32\...\GLVIEW3) (Version: 408 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PMDG 737 8900 NGX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.00.2888 - PMDG Simulations, LLC.)
Prepar3D v2 Professional Bundle (x32 Version: 2.4.11570.0 - Lockheed Martin) Hidden
Prepar3D v2 Professional Plus Bundle (x32 Version: 2.5.12942.0 - Lockheed Martin) Hidden
PRO-ATC/X version 1.2.2.6 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.2.2.6 - )
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
System Requirements Lab Detection (HKLM-x32\...\{6130C929-D9B0-4B66-87A7-64A6E3ECAA80}) (Version: 6.1.4.0 - Husdawg, LLC)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
Spotify (HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SubprogAppend (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d65a1a66}) (Version:  - SubprogAppend) <==== ATTENTION
Thrustmaster Calibration Tool (HKLM-x32\...\{44B660BB-EAC5-4D4F-9890-C607DD5F7630}) (Version: 1.03.0000 - Thrustmaster)
Thrustmaster FFB Wheel driver (HKLM-x32\...\{57F9C8E9-A9B8-4E19-9AC2-F21EC5094B84}) (Version: 2.FFJ.2007 - Thrustmaster)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster)
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VirtualDJ 8 (HKLM-x32\...\{2697462E-3CD8-462A-A164-7E8F389FBF6C}) (Version: 8.0.2191.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
09-07-2015 17:32:51 Windows Update
15-07-2015 11:42:48 Installed Microsoft Flight Simulator X
17-07-2015 11:04:04 Installed GTA San Andreas
21-07-2015 11:15:46 Windows Update
22-07-2015 18:19:49 Removed PMDG 737 8900 NGX
22-07-2015 18:48:18 Revo Uninstaller Pro's restore point - PMDG 737 8900 NGX
22-07-2015 18:58:41 Revo Uninstaller Pro's restore point - PMDG 737 8900 NGX
24-07-2015 12:03:25 Removed PMDG 737 8900 NGX
24-07-2015 12:15:23 Installed Microsoft Flight Simulator X Service Pack 2
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {099A9D22-FD7D-4551-9F4D-702B13D188BE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {124969D4-278F-41E1-ABF8-F2440878B1ED} - System32\Tasks\{31F32BDA-165D-4962-9882-37C0E52260D2} => pcalua.exe -a C:\Users\Toms\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=epom
Task: {243E3900-D2D9-48AC-9E66-0A7D0C8E80AD} - System32\Tasks\Norton Family\Norton Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {29BFE2CB-251B-42A1-9145-F52AC841FFB9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {2B4ED9DD-7A3F-401F-A509-4E3126E80D40} - System32\Tasks\Norton Family\Norton Error Processor => C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {32777B93-A642-4AC0-B3EE-015967C9E770} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {3C9A2DF8-DAAD-4A89-9565-89A30A525E8B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {40F23155-064D-4E42-8CFB-BBFC81EE6C41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {499ED5D6-0AF2-4B09-BBC1-97BC6B05C87D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {51C3331D-39A8-4752-B080-4D6F786D6698} - System32\Tasks\{703B60FE-53CD-4CEE-837C-B5A2A8131804} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Task: {54FAD703-E34E-4EB7-B5D2-3972AE4661DC} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-10-14] () <==== ATTENTION
Task: {5A68CE4D-6672-41BC-8D1F-8E8926315C93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {5A7B5D1B-744C-44C1-9A17-32F4E5246C7C} - System32\Tasks\AdobeAAMUpdater-1.0-gigabyte-Anna => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {5DB943C9-5CD0-4CE8-9502-4DE2C62C5579} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {6C59D67C-23A3-4383-879D-9323955EB1B2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {776F840C-B4F7-4071-B884-611769FF532E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {88C54AC7-4767-41A0-BF64-D32ECC936A56} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {93221C20-41F5-4EE6-AF0A-80ACA4E6F83B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D0228A8A-2EAA-4AF3-BAC3-57F3165E7F1C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E23A541B-489A-4780-AD0D-8069F00978FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F02039AA-B510-44B1-A75F-AF02352FE150} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {F11BDE53-D146-4E0E-B756-DE779ACABDDA} - System32\Tasks\bench-S-1-5-21-4166853913-3560998128-3814506462-1006 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-10-14] () <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\bench-S-1-5-21-4166853913-3560998128-3814506462-1006.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-02 13:44 - 2013-08-21 04:06 - 00723272 ____R () C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\cfi.dll
2015-02-01 16:42 - 2015-01-27 05:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-01 16:42 - 2015-01-27 05:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-01 16:42 - 2015-01-27 05:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:74603393
AlternateDataStreams: C:\Users\normu_000\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TampMon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TampMon => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4166853913-3560998128-3814506462-1009\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Andy"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{73DAD814-B9F3-4FD7-9AC2-6AD5BBE2ACD2}C:\users\toms\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\toms\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{651BEDEA-CDA4-4B5D-8BCD-5D329B4F9072}C:\users\toms\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\toms\appdata\roaming\spotify\spotify.exe
FirewallRules: [{580CCA7F-0A77-4B07-8546-09AB1B8A865D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1808296B-984F-4E9B-AB83-A3A5A4614D2D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{183A8CD4-5152-4A82-BC92-929FED85535C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D4883831-A579-4EBC-BA3A-B09BA33346EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BA7CB72C-523D-46B2-BD78-2C796D80BC55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4CD5D424-9F50-4E56-BA3C-4711169533D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{852E7A43-4E4A-4732-B0B6-1BDC29D5E71B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05A31993-292D-47F9-9C83-F2BF1179360B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0BDFD077-A2D8-4D69-B59C-9DFEB6FDB350}C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [UDP Query User{ADAF3DA2-6ACC-48B2-A4D4-9C8269B46902}C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe] => (Allow) C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{A6DAC966-77D2-4EDF-8E5C-12EEC6388DF5}] => (Block) C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [{03820AA3-107F-458C-B49E-27F119A5B06F}] => (Block) C:\users\toms\appdata\roaming\torrentstream\engine\tsengine.exe
FirewallRules: [TCP Query User{760F16F5-48BA-4FA9-B35E-6B38232FC9BA}C:\users\toms\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\toms\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E24854E2-33A0-4E0B-83DE-E445A8D55BF0}C:\users\toms\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\toms\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3E60559A-7B73-4303-BFD0-2DA0663F3C92}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5C16C541-806C-4EDD-8A17-AD00BD96B42F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FFE7D54C-0DA4-4969-BF5C-772E0F8FDF02}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DC844200-A249-4A52-AEE2-4738A8E552CE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C2230C25-BC2D-4F5A-AB84-1BDBD2ADC5A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3D4116B1-B0DD-40BB-80BE-0F9895AAD885}] => (Allow) C:\Users\Toms\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{42D7FEBA-BE46-4F1A-9D23-DDB04F88DDA5}] => (Allow) C:\Users\Toms\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{2199A44B-2FE7-47BA-BE45-EC29F595BEEC}C:\users\toms\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\toms\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{88FBF942-0191-404A-92CB-394BEB504DDA}C:\users\toms\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\toms\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{AB36B875-3163-43A7-8B78-E7C935A894ED}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{51658143-0978-4F4F-80C3-57CAC809BCCB}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{3AF5B168-3967-44FF-B315-E6A4808EE9C8}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{1FA68C1F-2070-47BC-A8DE-1F3300E279FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{43262F20-110E-4EBF-A480-2CAEB04A224E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{C26E4764-C518-49A4-B0C2-F474FBCE9601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{E7CF50B4-0761-43A6-B99E-E4D7CEF64856}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{6A02E75D-58AE-4754-B3BC-BC10F66551AB}] => (Allow) C:\Users\Anna\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0148F000-0970-4F18-86B5-189796BC1B60}] => (Allow) C:\Users\Anna\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE038D1A-F0E1-4200-B3DE-A6A3C88FE9AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\F1 2014\F1_2014.exe
FirewallRules: [{C5A37ABD-D141-4FB5-B4A3-64A054B64F0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\F1 2014\F1_2014.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® PRO/100+ Management Adapter with Alert On LAN*
Description: Intel® PRO/100+ Management Adapter with Alert On LAN*
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/24/2015 04:19:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xc06d007e
Fault offset: 0x0000000000008b9c
Faulting process ID: 0xde4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report ID: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
Error: (07/24/2015 12:15:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (07/24/2015 12:05:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: _is4C9E.exe, version: 12.0.0.49974, time stamp: 0x4474907b
Faulting module name: ISRT.dll_unloaded, version: 12.0.0.49974, time stamp: 0x446a0c9c
Exception code: 0xc000041d
Fault offset: 0x00042ea0
Faulting process ID: 0x938
Faulting application start time: 0x_is4C9E.exe0
Faulting application path: _is4C9E.exe1
Faulting module path: _is4C9E.exe2
Report ID: _is4C9E.exe3
Faulting package full name: _is4C9E.exe4
Faulting package-relative application ID: _is4C9E.exe5
 
Error: (07/24/2015 12:05:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: _is4C9E.exe, version: 12.0.0.49974, time stamp: 0x4474907b
Faulting module name: ISRT.dll_unloaded, version: 12.0.0.49974, time stamp: 0x446a0c9c
Exception code: 0xc0000005
Fault offset: 0x00042ea0
Faulting process ID: 0x938
Faulting application start time: 0x_is4C9E.exe0
Faulting application path: _is4C9E.exe1
Faulting module path: _is4C9E.exe2
Report ID: _is4C9E.exe3
Faulting package full name: _is4C9E.exe4
Faulting package-relative application ID: _is4C9E.exe5
 
Error: (07/24/2015 12:03:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (07/24/2015 11:51:03 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (07/23/2015 09:59:30 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (07/22/2015 07:38:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RevoUninPro.exe version 3.1.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12c0
 
Start Time: 01d0c49fa2510b52
 
Termination Time: 12
 
Application Path: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
 
Report Id: 6bf0a909-3098-11e5-bfa1-001a4d460874
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/22/2015 06:58:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (07/22/2015 06:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RevoUninPro.exe version 3.1.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14a0
 
Start Time: 01d0c49e276cd632
 
Termination Time: 6
 
Application Path: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
 
Report Id: 2a0ca7c3-3092-11e5-bfa1-001a4d460874
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (07/24/2015 05:32:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BlueStacks Android Service service failed to start due to the following error: 
%%1053
 
Error: (07/24/2015 05:32:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BlueStacks Android Service service to connect.
 
Error: (07/24/2015 04:53:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BlueStacks Android Service service failed to start due to the following error: 
%%1053
 
Error: (07/24/2015 04:53:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BlueStacks Android Service service to connect.
 
Error: (07/24/2015 04:53:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:23:44 on ‎24/‎07/‎2015 was unexpected.
 
Error: (07/24/2015 04:17:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BlueStacks Android Service service failed to start due to the following error: 
%%1053
 
Error: (07/24/2015 04:17:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BlueStacks Android Service service to connect.
 
Error: (07/24/2015 12:46:10 PM) (Source: DCOM) (EventID: 10010) (User: gigabyte)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/24/2015 12:45:40 PM) (Source: DCOM) (EventID: 10010) (User: gigabyte)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (07/24/2015 12:21:38 PM) (Source: DCOM) (EventID: 10010) (User: gigabyte)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
 
Microsoft Office:
=========================
Error: (07/24/2015 04:19:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2KERNELBASE.dll6.3.9600.1741554505737c06d007e0000000000008b9cde401d0c61ba5464d08C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\KERNELBASE.dlledb95b95-320e-11e5-bfa3-001a4d460874
 
Error: (07/24/2015 12:15:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (07/24/2015 12:05:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: _is4C9E.exe12.0.0.499744474907bISRT.dll_unloaded12.0.0.49974446a0c9cc000041d00042ea093801d0c5f831e20268C:\Users\Anna\AppData\Local\Temp\_is4C9E.exeISRT.dll7d87a0a9-31eb-11e5-bfa2-001a4d460874
 
Error: (07/24/2015 12:05:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: _is4C9E.exe12.0.0.499744474907bISRT.dll_unloaded12.0.0.49974446a0c9cc000000500042ea093801d0c5f831e20268C:\Users\Anna\AppData\Local\Temp\_is4C9E.exeISRT.dll7b013acf-31eb-11e5-bfa2-001a4d460874
 
Error: (07/24/2015 12:03:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (07/24/2015 11:51:03 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (07/23/2015 09:59:30 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (07/22/2015 07:38:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RevoUninPro.exe3.1.4.012c001d0c49fa2510b5212C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe6bf0a909-3098-11e5-bfa1-001a4d460874
 
Error: (07/22/2015 06:58:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (07/22/2015 06:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RevoUninPro.exe3.1.4.014a001d0c49e276cd6326C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe2a0ca7c3-3092-11e5-bfa1-001a4d460874
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-19 19:29:48.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-19 19:21:46.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 19:41:33.021
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 18:50:10.842
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 15:55:37.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 13:55:47.159
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 11:45:09.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 11:32:48.344
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 11:23:22.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-08 11:10:29.037
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 40%
Total physical RAM: 6142.49 MB
Available physical RAM: 3633.54 MB
Total Virtual: 12286.49 MB
Available Virtual: 9163.31 MB
 
==================== Drives ================================
 
Drive c: (Sys_8_1) (Fixed) (Total:698.48 GB) (Free:283.42 GB) NTFS
Drive d: (FSX DISK 2) (CDROM) (Total:4.05 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 519E9142)
Partition 1: (Active) - (Size=157 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================

  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hello twamstfi,

I apologize for the delay! If you still require assistance, kindly follow the below steps (we are in need of fresh logs):
  • Step 1

    If you haven't already, download 'Farbar Recovery Scan Tool by Farbar' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • The program will initialize. Press Yes to accept the disclaimer.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)
Thank you.
  • 0

#4
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a new topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP