Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Multiple Chrome.exe *32


  • Please log in to reply

#1
Operose

Operose

    Member

  • Member
  • PipPip
  • 22 posts

Brief Intro - this is my first post here and I am doing my best to follow your protocols - thanks in advance for any time or help you can give.  I am not a power user but can follow instructions pretty well.  During the last month I have moved house, held family Christmas and fought with the isp for a connection.  Most of this time I have been using a wifi hotspot to get online and having not used one before wasn't sure how much (if any) of my problems were caused by it, the move etc.

 

Over the past month my pc has been running erratically.  Will behave well for up to a week then suddenly start freezing while running applications I use daily (well ok, games...).  When I try to reboot it will often fail to reboot - lights will come on keyboard and mouse.  Monitor will have power but no signal.  Have had to resort to pulling power cord from power point and giving it 5 minutes to boot back up - not that this is always successful.  

 

Have noticed unusual warning from Windows telling me that I am running low on computer resources and suggesting I change my colour scheme to a less demanding one.

 

Software runs with occasional pauses as if another task is running.

 

I paid for a professional technician (from Geeks2u - any relation??) who ensured all drivers were uptodate, CMOS battery was a little loose, he monitored temperature and found it was running 'cool'.  A week after he was here the freezing during gaming sessions is back - as is the rebooting problem.  

 

Following up on the computer resources clue from MicroSoft I brought up the task manager this morning and was horrified to see numerous Chrome.exe *32's hogging a lot of memory.  When CPU Usage is 0% I am still using 25% of memory.  Google led me to a few sites and suggestions - none of which worked - but I eventually landed here and have fingers crossed that you guys can help.

 

I now think I have a malware problem (well duh).  This has taken me by surprise as I use Avast - and have done for years without any type of problem.  I am normally very careful not to get caught with the sneaky 'free' stuff some installers try to dump on you but I vaguely recall going too fast a while back and saying yes to Bing (don't use it and not seen it since).  Sorry I don't have more clues as to how I got in this mess - will be reading up on how to stay out of it for sure.

 

 

 

 

Attached File  OTL.Txt   113.88KB   255 downloads

 

Thanks again - I didn't realise that there were even sites out there that offered this kind of help - it's very heartening to know.

 

Cheers


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
We never charge so no relation other than the similar name.
 
I don't see any malware.  Have you run a boot-time scan with Avast?  It takes forever so I usually let it run at night while I sleep:
 

 
First mute the speakers so it won't wake you up when Windows loads.  Click on the Orange ball.  Click on Scans.  Change Quickscan to Boot-time Scan.  Click on Settings.  Where it says Heuristic Sensitivity click on the last rectangle so that all of them are  orange and it says High.  Check both boxes.  Then change When a threat is found ... to:  Move to Chest.  OK.  Now click on Start.  Close the Avast window and then reboot.  The scan will start.  It will tell you where it will save the report.  Usually it's 
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.  When Windows loads Click on the Orange Ball then Scan, Then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report.  If it found anything then open the aswBoot.txt file and copy and paste it.  If you can't find it then take a screen shot of the Detailed Report:
 

 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  
     
    Now let's look for non-malware problems:
     
     
    Get the free version of Speccy:
     
    http://www.filehippo...download_speccy  (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.  Uninstall Speccy.
     
     

    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
     
     

     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
    sfc  /scannow
     
    (This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
     
    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.
     

    • 0

    #3
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Results of Avast's boot-time scan:

     

    01/03/2015 11:12
    Scan of C:
     
    Scan of *STARTUP
     
    File C:\BigFishCache\AssetDownloads\assets_en.zip|>default\javascript\bfg\screen\site_output.js Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\AppData\Local\Unity\WebPlayer\Uninstall.exe is infected by Win32:Malware-gen, Moved to chest
    File C:\Users\Sonya Macey\AppData\Local\Microsoft\Windows Live Mail\Bigpond (fo 5ff\Inbox\1D5F6787-000007BF.eml|>UPS_Document.zip#2883747588|>UPS mail.exe is infected by Win32:Malware-gen, Moved to chest
    File C:\Users\Sonya Macey\AppData\Local\Microsoft\Windows Live Mail\Bigpond (fo 813\Inbox\7B450FFD-000007CF.eml|>UPS_Document.zip#2883747588|>UPS mail.exe is infected by Win32:Malware-gen, Moved to chest
    File C:\Users\Sonya Macey\AppData\Local\Microsoft\Windows Live Mail\Bigpond (fo 813\Junk E-mail\3D6C2CD6-0000008B.eml|>Document.zip#2150160188|>document.exe is infected by Win32:Trojan-gen, Moved to chest
    File C:\Users\Sonya Macey\AppData\Local\Microsoft\Windows Live Mail\Bigpond (fo 813\Junk E-mail\3D6C2CD6-0000008F.eml|>Document.zip#792287476|>document.exe is infected by Win32:Trojan-gen, Moved to chest
    File C:\Users\Sonya Macey\AppData\Roaming\Mozilla\Firefox\Profiles\t9xx8yyq.default\TestPilotExperimentFiles\study.demographics.20121218.jar|>demographics.js Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Documents\Documents\My Received Files\UO\Setup-uokr-2.45.4.2-enu(3).zip|>Setup-uokr-2.45.4.2-enu\data11.cab Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Documents\Documents\My Received Files\UO\Setup-uokr-2.45.4.2-enu(3).zip|>Setup-uokr-2.45.4.2-enu\data2.cab Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Documents\Documents\My Received Files\UO\Setup-uokr-2.45.4.2-enu(3).zip|>Setup-uokr-2.45.4.2-enu\data6.cab Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Documents\Documents\My Received Files\UO\Setup-uokr-2.45.4.2-enu(3).zip|>Setup-uokr-2.45.4.2-enu\data7.cab Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Documents\Documents\My Received Files\UO\Setup-uokr-2.45.4.2-enu.zip.dlmpartial|>Setup-uokr-2.45.4.2-enu\data10.cab Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Sonya Macey\Downloads\Setup (1).exe is infected by Win32:Installer-J [PUP], Moved to chest
    File C:\Users\Sonya Macey\Downloads\setup (2).exe is infected by Win32:Installer-I [PUP], Moved to chest
    File C:\Users\Sonya Macey\Downloads\Setup.exe is infected by Win32:Installer-J [PUP], Moved to chest
    Number of searched folders: 37618
    Number of tested files: 1598309
    Number of infected files: 8

    • 0

    #4
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    AdwCleaner Report:

     

    # AdwCleaner v4.106 - Report created 03/01/2015 at 13:36:01
    # Updated 21/12/2014 by Xplode
    # Database : 2015-01-01.1 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Sonya Macey - SONYAMACEY-PC
    # Running from : C:\Users\Sonya Macey\Downloads\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
     
    ***** [ Scheduled Tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17496
     
     
    -\\ Mozilla Firefox v22.0 (en-US)
     
     
    -\\ Google Chrome v
     
     
    -\\ Chromium v
     
     
    *************************
     
    AdwCleaner[R0].txt - [5589 octets] - [01/01/2015 13:23:54]
    AdwCleaner[R1].txt - [930 octets] - [03/01/2015 13:31:25]
    AdwCleaner[S0].txt - [5700 octets] - [01/01/2015 13:32:57]
    AdwCleaner[S1].txt - [852 octets] - [03/01/2015 13:36:01]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [911 octets] ##########

    • 0

    #5
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Junkware Removal report:

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.1 (12.28.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Sonya Macey on Sat 03/01/2015 at 13:44:39.08
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4148502270-941430265-2651384031-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
     
     
     
    ~~~ Registry Keys
     
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{02098AC6-C70E-4626-AF2F-9FFB336C5454}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{047A86FA-80AC-4A10-9CB8-4528DA8AF4AB}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{060F490F-2674-46A9-A668-E5CFD74DFD5F}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{0749FA31-1EC2-4646-9F9D-B03FB2FCCB3A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{0C4CBFFD-E6B8-4E5E-8E49-75686FA31F8A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{0C765644-C4FF-4E40-A5F8-B4C655732EF3}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{0CCCA528-86AC-4B9F-9D15-6881BF43C7C0}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{0FA9A3EC-4364-4846-82CC-0910EFABF972}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{10021486-634B-43D0-9774-07637F5C4911}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{12E0A414-8CC9-47B4-A6C7-5529EC946B51}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{147A5DD0-0B1C-45F6-BA8A-0FDAA14E48C9}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{16403248-EE84-498F-8532-228C09CB8153}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{19DBBE24-3855-46FF-99BC-4853E7539882}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{1BD0843F-8F13-4D68-8714-AED9E4D0A73C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{23515CCE-D947-437D-BC47-C94BDADC41B4}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{27BCFE75-0BAB-4B68-A194-C218D96A7222}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{2DCDA4F4-30E4-4BB6-BFD7-D83CC845D77A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{2E6CF57B-1439-4868-981B-0D31A462758E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{34B44A67-7778-4D30-96A1-2477B1B08277}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{3632365C-8118-4483-9B0F-5F375DD0F32F}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{38E1F210-BF5D-4CA8-AB0C-60CD17197C1C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{3950D6B1-E99A-4756-838A-D7AD34B337BA}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{39D9DC86-26E8-4E46-8E6E-570770F753B5}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{3AE095ED-0426-4C2A-A44A-7C02E50C4C1C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{49272207-DF67-42CB-8F75-E4CD917B6791}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{4D0B90A4-9779-4F46-A2CE-0FD4CFA0DC27}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{4DC1953C-95F0-4753-8014-FF93E97A8DF3}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{5701AEF8-313F-43E8-886A-2FD59E5C55CD}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{58275F49-8979-4962-871C-DC58C539BDB4}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{59CE1221-87F9-4D38-9BE5-5C4286BA6D94}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{5D634774-B0F6-455D-A6EF-DC3A0CA2C343}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{630690FB-BDFC-4DA5-AABF-3156907681B2}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{6F26EE17-9454-4BDE-9F14-E2A57D09E31C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{719AB38A-0FDD-4516-8CA4-9BA41848981A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{78A533A9-803A-4E57-87B1-85432CF6F6FF}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{7CB876E4-25F5-450E-A7DA-536C4E3E6839}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{7D287EC4-2DCB-4EC7-856E-8D45E12D601B}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{800378B9-7504-4A07-9CBC-90CD6C9459ED}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{80ED20C2-98BD-4C80-A8AD-3B88E7762D8A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{84FD6264-F079-4CFE-A444-B6B764E4B674}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{85079BFB-9278-44AA-88CF-081AFCB02459}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{873751AA-A5FB-4244-BC80-29A06312300C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{8740F1D5-1F21-4DF0-8B71-E8B0BBE9ADCB}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{87F08076-4EEA-4F6D-8094-9477AD609FCA}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{883BDD85-E989-41B0-9AE8-0B1AD53B5507}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{8932A216-E87E-4BD9-85D5-1A762814101F}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{8BCABB09-9957-46CC-AD54-CD4B1326AC3B}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{8C6FB092-3D25-4D54-A286-00FA9AE55A6B}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{90BAD0BE-D1C7-4A9F-AF75-AFBD84F583CD}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{916B7005-D116-4818-878C-5B68878F1EFC}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{92098F89-354F-4D2C-97CD-3A27902AF749}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{92558B3F-E6F1-4CC2-84BA-3791AD4BE9FB}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{946D6FC1-B89B-41C0-9007-5AA343F5DC1D}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{9866E6E5-700C-49FA-A6C2-45BC7264E3D7}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{996BC7B7-1B4E-4F2B-A2D3-9E0C5A889930}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{9CF6B7CF-CC05-4962-9382-987FB4A69B7E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{9E7C6115-E80B-49EE-A20D-3EF0BD84B2B2}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{9E7F9BD4-9EC7-4F4F-960E-F66C40811B3E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{9F0010AF-4639-4D88-B5CB-F7F481211A17}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{A47CFDA2-EB1B-4CCF-AEC5-22B35B1D6FD1}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{A56632F4-ECBB-4D0B-8C52-170B8A89DB6E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{AE2849BA-91C5-4023-B340-A8295E992EB2}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{B50C7B1F-75E4-4DC0-B20B-84C7119D6787}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{B8D9FEB4-50EA-4ED5-BF99-052EEF3BB83F}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{B8F969A5-D5C7-4CBC-B2AB-B82A307DDD61}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{BC6B1EF0-3BE1-4C81-A6E2-E6EEEA177958}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{BF920624-2E60-4A9F-8990-451BDEC83DCF}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{C5A8BCC4-E0A6-4372-AC2D-D16B76A20B7A}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{CC21535B-C261-45C8-B95C-BAD3FEF20C60}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{CF503222-C1D3-412D-AFF2-0C8BC2C6DC87}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{CFAA2ACD-52D9-4B96-B1B1-9A813DECE7BC}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{D0254071-F014-46A1-858E-BC33F5CD9E4B}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{D1E5CC43-55B5-4F79-B2E9-F7C74B6A764C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{D5474CFF-5BD9-4785-9D76-8F5A97DA82B6}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{D8F947B5-03C6-458F-922F-36EE2F85A43C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{DBB6BB9E-4E6A-4E79-8940-72E896A65B9E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{DC17E7DC-E4C7-49A5-9ECD-2E2EF039B07E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{DFD60D50-034D-4C50-9E0E-0819DF28181C}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{E4C12DD5-DF5F-478A-BE2C-0846A2524FAA}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{E683B85E-E49A-4AE4-B374-5287B743E857}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{E82F87FF-0CF1-455F-BB41-B84BE76E7EB5}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{EB2083C3-7EF1-483D-8392-61B661321BEB}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{EBDEED97-1181-4360-8233-AAC5B480ACCE}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{EC4F6951-549B-4BA2-B2E0-58078DA6480E}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{EE93C310-3DDC-4435-99E2-7775C39BE113}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{F356D106-5F78-4ADA-A33B-C26492FB1664}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{F4A2A2D2-E9AA-4FE4-8378-6C4993180EC8}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{F5A79E6F-0017-419A-AF9F-FBF1C8CD8D3D}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{F8833401-F63F-4C85-B564-795F2D60F7C9}
    Successfully deleted: [Empty Folder] C:\Users\Sonya Macey\appdata\local\{FD29F399-857B-43F2-A015-CCAD7E43106E}
     
     
     
    ~~~ FireFox
     
    Successfully deleted the following from C:\Users\Sonya Macey\AppData\Roaming\mozilla\firefox\profiles\t9xx8yyq.default\prefs.js
     
    user_pref("browser.startup.homepage", "hxxp://www.news.net/index.php?referid=134");
    user_pref("browser.newtab.url", "hxxp://www.news.net/index.php?referid=134");
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 03/01/2015 at 13:48:40.84
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    • 0

    #6
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Farbar Report:

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-01-2015
    Ran by Sonya Macey (administrator) on SONYAMACEY-PC on 03-01-2015 13:53:20
    Running from C:\Users\Sonya Macey\Downloads
    Loaded Profile: Sonya Macey (Available profiles: Sonya Macey)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Akamai Technologies, Inc.) C:\Users\Sonya Macey\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Sonya Macey\AppData\Local\Akamai\netsession_win.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    () C:\Users\Sonya Macey\Desktop\TSMApplication.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
    (Curse) C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
    (Microsoft Corporation) C:\Windows\System32\Locator.exe
    (Dropbox, Inc.) C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\Sonya Macey\Downloads\FRST64 (1).exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-13] (AVAST Software)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Sonya Macey\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Run: [TSMApplication] => C:\Users\Sonya Macey\Desktop\TSMApplication.exe [16861696 2014-10-13] ()
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\MountPoints2: {43263683-6a0c-11e3-84a3-005056c00008} - E:\AutoRun.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
    Startup: C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    Startup: C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
    ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\S-1-5-21-4148502270-941430265-2651384031-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Sonya Macey\AppData\Roaming\Mozilla\Firefox\Profiles\t9xx8yyq.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
    FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Sonya Macey\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
    FF Plugin-x32: @TRENDnet.com/CameraPlugin -> C:\Program Files (x86)\TRENDnet\npcamstreamctrl.dll (TRENDnet)
    FF Plugin-x32: @trendnet.com/trendnetcloud -> C:\Program Files (x86)\TRENDnet\npTRENDnetCloud.dll (TRENDnet)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Plugin HKU\S-1-5-21-4148502270-941430265-2651384031-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-4148502270-941430265-2651384031-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-4148502270-941430265-2651384031-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sonya Macey\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-4148502270-941430265-2651384031-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
    FF SearchPlugin: C:\Users\Sonya Macey\AppData\Roaming\Mozilla\Firefox\Profiles\t9xx8yyq.default\searchplugins\eq2-at-zam.xml
    FF Extension: OneGreatFamily GenealogyBrowser Launcher Extension - C:\Users\Sonya Macey\AppData\Roaming\Mozilla\Firefox\Profiles\t9xx8yyq.default\Extensions\[email protected] [2011-12-27]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-10]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-19]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-06]
    FF HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR StartupUrls: Default -> "hxxp://www.news.net/index.php?referid=134", "hxxp://www.google.com"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (RootsSearch) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aolcffalbhpnojekmimmelebjchjmmgn [2014-07-21]
    CHR Extension: (WiBit) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf [2012-05-06]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-19]
    CHR Extension: (YouTube) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-06]
    CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2012-08-02]
    CHR Extension: (Google Search) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-06]
    CHR Extension: (OneGreatFamily GenealogyBrowser Launcher) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilhejcnckbfckogclhepclefjbhhldi [2013-11-15]
    CHR Extension: (Avast Online Security) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-13]
    CHR Extension: (Pin It Button) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-12-21]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-05-06]
    CHR Extension: (Ancestry Family Search Extension) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahjgikepkkgkinlhipagkkdgfbobphh [2014-07-21]
    CHR Extension: (Clearly) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2012-05-13]
    CHR Extension: (Love Smoke) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb [2012-05-10]
    CHR Extension: (Load today's links) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\keepgbcgekdilbnpklfknmkfmehppaag [2012-05-06]
    CHR Extension: (Google Wallet) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
    CHR Extension: (Evernote Web Clipper) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2012-05-13]
    CHR Extension: (Gmail) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-06]
    CHR Extension: (RSS Feed Reader) - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2012-11-08]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-18]
    CHR StartMenuInternet: Google Chrome - C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\chrome.exe
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-18] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-18] (Avast Software)
    R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-18] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-18] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-18] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-18] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-18] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-18] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-18] ()
    R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-31] (Logitech Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [340992 2007-12-26] (NETGEAR Inc.)
    R3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-18] (Avast Software)
    S3 cpuz130; \??\C:\Users\SONYAM~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
    S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 gdrv; \??\C:\Windows\gdrv.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-03 13:51 - 2015-01-03 13:52 - 02123264 _____ (Farbar) C:\Users\Sonya Macey\Downloads\FRST64 (1).exe
    2015-01-03 13:49 - 2015-01-03 13:49 - 01360233 _____ (Thisisu) C:\Users\Sonya Macey\Downloads\JRT (1).exe
    2015-01-03 13:48 - 2015-01-03 13:48 - 00012356 _____ () C:\Users\Sonya Macey\Desktop\JRT.txt
    2015-01-03 13:44 - 2015-01-03 13:44 - 00000000 ____D () C:\Windows\ERUNT
    2015-01-03 13:42 - 2015-01-03 13:42 - 01707939 _____ (Thisisu) C:\Users\Sonya Macey\Downloads\JRT.exe
    2015-01-03 13:41 - 2015-01-03 13:41 - 00000197 _____ () C:\Windows\system32\2015-01-03-02-41-28.041-AvastVBoxSVC.exe-5892.log
    2015-01-03 13:15 - 2015-01-03 13:15 - 00000197 _____ () C:\Windows\system32\2015-01-03-02-15-39.079-AvastVBoxSVC.exe-1120.log
    2015-01-03 10:43 - 2015-01-03 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2015-01-02 15:58 - 2015-01-02 15:58 - 00000197 _____ () C:\Windows\system32\2015-01-02-04-58-03.098-AvastVBoxSVC.exe-4336.log
    2015-01-02 15:06 - 2015-01-02 15:06 - 00000197 _____ () C:\Windows\system32\2015-01-02-04-06-54.018-AvastVBoxSVC.exe-3076.log
    2015-01-02 14:59 - 2015-01-02 14:59 - 00036305 _____ () C:\Users\Sonya Macey\Downloads\Addition.txt
    2015-01-02 14:58 - 2015-01-03 13:53 - 00022588 _____ () C:\Users\Sonya Macey\Downloads\FRST.txt
    2015-01-02 14:58 - 2015-01-03 13:53 - 00000000 ____D () C:\FRST
    2015-01-02 14:57 - 2015-01-02 14:58 - 02123264 _____ (Farbar) C:\Users\Sonya Macey\Downloads\FRST64.exe
    2015-01-01 14:01 - 2015-01-01 14:01 - 00094884 _____ () C:\Users\Sonya Macey\Downloads\Extras.Txt
    2015-01-01 14:00 - 2015-01-01 14:19 - 00116610 _____ () C:\Users\Sonya Macey\Downloads\OTL.Txt
    2015-01-01 13:36 - 2015-01-01 13:36 - 00000197 _____ () C:\Windows\system32\2015-01-01-02-36-34.069-AvastVBoxSVC.exe-3108.log
    2015-01-01 13:23 - 2015-01-03 13:36 - 00000000 ____D () C:\AdwCleaner
    2015-01-01 13:22 - 2015-01-01 13:22 - 02173952 _____ () C:\Users\Sonya Macey\Downloads\AdwCleaner.exe
    2015-01-01 13:17 - 2015-01-01 13:17 - 00000197 _____ () C:\Windows\system32\2015-01-01-02-17-09.078-AvastVBoxSVC.exe-3708.log
    2015-01-01 13:09 - 2015-01-01 13:09 - 00000000 ____D () C:\_OTL
    2015-01-01 13:07 - 2015-01-01 13:07 - 00602112 _____ (OldTimer Tools) C:\Users\Sonya Macey\Downloads\OTL.exe
    2015-01-01 12:45 - 2015-01-01 12:45 - 00000197 _____ () C:\Windows\system32\2015-01-01-01-45-21.021-AvastVBoxSVC.exe-3016.log
    2015-01-01 12:38 - 2015-01-01 12:38 - 02755786 _____ () C:\Users\Sonya Macey\Documents\AutoRuns.arn
    2015-01-01 12:29 - 2014-09-11 08:57 - 00593080 _____ (Sysinternals - www.sysinternals.com) C:\Users\Sonya Macey\Desktop\autoruns.exe
    2015-01-01 12:29 - 2014-09-11 08:57 - 00505536 _____ (Sysinternals - www.sysinternals.com) C:\Users\Sonya Macey\Desktop\autorunsc.exe
    2015-01-01 12:29 - 2014-08-05 08:20 - 00049518 _____ () C:\Users\Sonya Macey\Desktop\autoruns.chm
    2015-01-01 12:29 - 2014-08-05 08:20 - 00007005 _____ () C:\Users\Sonya Macey\Desktop\Eula.txt
    2015-01-01 12:24 - 2015-01-01 12:24 - 00511633 _____ () C:\Users\Sonya Macey\Downloads\Autoruns.zip
    2015-01-01 07:55 - 2015-01-01 07:55 - 00000197 _____ () C:\Windows\system32\2014-12-31-20-55-16.096-AvastVBoxSVC.exe-2372.log
    2014-12-31 13:01 - 2014-12-31 13:01 - 00000197 _____ () C:\Windows\system32\2014-12-31-02-01-42.057-AvastVBoxSVC.exe-6160.log
    2014-12-31 12:01 - 2014-12-31 12:01 - 00000197 _____ () C:\Windows\system32\2014-12-31-01-01-22.074-AvastVBoxSVC.exe-2864.log
    2014-12-31 11:27 - 2014-12-31 11:27 - 00000197 _____ () C:\Windows\system32\2014-12-31-00-27-12.072-AvastVBoxSVC.exe-2684.log
    2014-12-31 11:05 - 2014-12-31 11:05 - 00000197 _____ () C:\Windows\system32\2014-12-31-00-05-47.098-AvastVBoxSVC.exe-1576.log
    2014-12-31 10:19 - 2014-12-31 10:19 - 00003322 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-4148502270-941430265-2651384031-1000
    2014-12-30 21:03 - 2014-12-30 21:03 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\dvdcss
    2014-12-30 16:05 - 2014-12-30 16:05 - 00000197 _____ () C:\Windows\system32\2014-12-30-05-05-02.004-AvastVBoxSVC.exe-2120.log
    2014-12-29 11:52 - 2014-12-29 12:16 - 00000000 ____D () C:\Program Files (x86)\PingPlotter Freeware
    2014-12-29 11:52 - 2014-12-29 11:52 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PingPlotter Freeware
    2014-12-29 11:50 - 2014-12-29 11:50 - 00819000 _____ (Nessoft, LLC) C:\Users\Sonya Macey\Downloads\pngplt_1.exe
    2014-12-29 09:42 - 2014-12-29 09:42 - 00000197 _____ () C:\Windows\system32\2014-12-28-22-42-31.096-AvastVBoxSVC.exe-2776.log
    2014-12-28 18:07 - 2014-12-28 18:07 - 00010614 _____ () C:\Users\Sonya Macey\Documents\Guppy.ods
    2014-12-28 17:37 - 2014-12-28 17:37 - 00000000 ____D () C:\ProgramData\Splashtop
    2014-12-27 15:42 - 2014-12-27 15:42 - 01164056 _____ (Logitech Inc.) C:\Users\Sonya Macey\Downloads\G602Flash.exe
    2014-12-26 16:56 - 2014-12-26 16:57 - 00000197 _____ () C:\Windows\system32\2014-12-26-05-56-43.058-AvastVBoxSVC.exe-3188.log
    2014-12-25 12:00 - 2014-12-25 12:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
    2014-12-25 09:54 - 2014-12-25 09:55 - 00000197 _____ () C:\Windows\system32\2014-12-24-22-54-54.087-AvastVBoxSVC.exe-2428.log
    2014-12-24 22:06 - 2014-12-13 11:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2014-12-24 22:04 - 2014-12-13 21:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-12-24 22:04 - 2014-12-13 21:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2014-12-24 22:04 - 2014-12-13 21:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2014-12-24 22:04 - 2014-10-10 04:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2014-12-24 22:04 - 2014-10-10 04:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2014-12-24 22:04 - 2014-10-09 18:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
    2014-12-24 21:59 - 2014-11-22 21:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2014-12-24 21:59 - 2014-11-22 21:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2014-12-24 11:48 - 2014-12-24 11:48 - 00000197 _____ () C:\Windows\system32\2014-12-24-00-48-50.021-AvastVBoxSVC.exe-5540.log
    2014-12-24 11:39 - 2011-07-28 00:55 - 02604376 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
    2014-12-24 11:39 - 2011-07-08 14:34 - 00065432 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
    2014-12-24 11:39 - 2011-06-14 11:13 - 00177088 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
    2014-12-24 11:39 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
    2014-12-24 11:39 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
    2014-12-24 11:39 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2014-12-24 11:39 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2014-12-24 11:39 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2014-12-24 11:39 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2014-12-24 11:38 - 2011-12-13 18:27 - 04718952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2014-12-24 11:38 - 2011-12-13 16:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2014-12-24 11:38 - 2011-12-13 16:25 - 00200468 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2014-12-24 11:38 - 2011-12-12 17:20 - 00100456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2014-12-24 11:38 - 2011-12-09 16:42 - 02684416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2014-12-24 11:38 - 2011-12-08 17:28 - 01969768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2014-12-24 11:38 - 2011-12-08 16:27 - 03744872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2014-12-24 11:38 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2014-12-24 11:38 - 2011-11-22 11:36 - 02615400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2014-12-24 11:38 - 2011-11-18 16:40 - 00219752 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
    2014-12-24 11:38 - 2011-10-18 13:55 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2014-12-24 11:38 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
    2014-12-24 11:38 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
    2014-12-24 11:38 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
    2014-12-24 11:38 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
    2014-12-24 11:38 - 2011-08-06 01:29 - 00527872 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
    2014-12-24 11:38 - 2011-08-06 01:29 - 00515584 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
    2014-12-24 11:38 - 2011-08-06 01:29 - 00439808 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
    2014-12-24 11:38 - 2011-07-28 00:55 - 02132824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
    2014-12-24 11:38 - 2011-07-22 19:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2014-12-24 11:38 - 2011-06-27 14:45 - 03768152 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
    2014-12-24 11:38 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
    2014-12-24 11:38 - 2011-05-05 15:24 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2014-12-24 11:38 - 2011-05-02 14:27 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
    2014-12-24 11:38 - 2011-05-02 14:27 - 00426328 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
    2014-12-24 11:38 - 2011-05-02 14:27 - 00136024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
    2014-12-24 11:38 - 2011-05-02 14:27 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
    2014-12-24 11:38 - 2011-05-02 14:27 - 00074072 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
    2014-12-24 11:38 - 2010-11-29 14:36 - 00702808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2014-12-24 11:38 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2014-12-24 11:38 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2014-12-24 11:38 - 2010-10-03 13:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
    2014-12-24 11:38 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2014-12-24 11:38 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
    2014-12-24 11:38 - 2010-05-06 17:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
    2014-12-24 11:37 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
    2014-12-24 11:37 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2014-12-24 11:37 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2014-12-24 11:27 - 2014-12-24 11:27 - 00000197 _____ () C:\Windows\system32\2014-12-24-00-27-58.045-AvastVBoxSVC.exe-3472.log
    2014-12-24 11:22 - 2013-11-27 16:50 - 00000000 ____D () C:\Users\Sonya Macey\Downloads\HECI
    2014-12-24 11:05 - 2013-11-27 16:47 - 00000000 ____D () C:\Users\Sonya Macey\Downloads\INFUpdate
    2014-12-24 11:04 - 2014-12-24 11:20 - 60061952 _____ (Igor Pavlov) C:\Users\Sonya Macey\Downloads\mb_driver_intel_me_6series.exe
    2014-12-24 11:04 - 2014-12-24 11:05 - 01302384 _____ (Igor Pavlov) C:\Users\Sonya Macey\Downloads\mb_driver_chipset_intel_6series.exe
    2014-12-24 10:55 - 2014-12-24 10:55 - 00000892 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
    2014-12-24 10:55 - 2014-12-24 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
    2014-12-24 10:55 - 2014-12-24 10:55 - 00000000 ____D () C:\Program Files\CPUID
    2014-12-24 10:54 - 2014-12-24 10:54 - 01190544 _____ ( ) C:\Users\Sonya Macey\Downloads\hwmonitor_1.26-setup.exe
    2014-12-24 10:51 - 2014-12-24 10:51 - 00000197 _____ () C:\Windows\system32\2014-12-23-23-51-57.069-AvastVBoxSVC.exe-4856.log
    2014-12-24 06:57 - 2014-12-24 06:57 - 00786963 ____N () C:\Windows\Minidump\122414-22900-01.dmp
    2014-12-22 18:06 - 2014-12-22 18:06 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-06-09.083-AvastVBoxSVC.exe-3776.log
    2014-12-22 17:29 - 2014-12-22 17:29 - 00000197 _____ () C:\Windows\system32\2014-12-22-06-29-46.018-AvastVBoxSVC.exe-3200.log
    2014-12-22 17:19 - 2014-12-22 17:19 - 00000197 _____ () C:\Windows\system32\2014-12-22-06-19-57.008-AvastVBoxSVC.exe-2504.log
    2014-12-22 17:13 - 2014-12-22 17:13 - 00000197 _____ () C:\Windows\system32\2014-12-22-06-13-30.082-AvastVBoxSVC.exe-1780.log
    2014-12-22 07:57 - 2014-12-22 07:57 - 00000197 _____ () C:\Windows\system32\2014-12-21-20-57-00.088-AvastVBoxSVC.exe-2952.log
    2014-12-22 07:49 - 2014-12-22 07:49 - 03297294 _____ () C:\Users\Sonya Macey\Downloads\memtest86-usb.zip
    2014-12-21 10:27 - 2014-12-21 10:27 - 00000197 _____ () C:\Windows\system32\2014-12-20-23-27-45.067-AvastVBoxSVC.exe-6340.log
    2014-12-21 09:48 - 2014-12-21 09:49 - 00000197 _____ () C:\Windows\system32\2014-12-20-22-48-30.007-AvastVBoxSVC.exe-1852.log
    2014-12-20 22:01 - 2014-12-20 22:01 - 00000197 _____ () C:\Windows\system32\2014-12-20-11-01-47.001-AvastVBoxSVC.exe-2564.log
    2014-12-19 05:53 - 2014-12-19 05:53 - 00000197 _____ () C:\Windows\system32\2014-12-18-18-53-18.077-AvastVBoxSVC.exe-3572.log
    2014-12-19 05:34 - 2014-12-19 05:35 - 00000197 _____ () C:\Windows\system32\2014-12-18-18-34-58.061-AvastVBoxSVC.exe-3660.log
    2014-12-19 05:11 - 2014-12-19 05:30 - 00498140 ____N () C:\Windows\Minidump\121914-20607-01.dmp
    2014-12-18 21:08 - 2014-12-18 21:08 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-08-26.000-AvastVBoxSVC.exe-3788.log
    2014-12-18 21:00 - 2014-12-18 21:01 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-00-59.059-AvastVBoxSVC.exe-3584.log
    2014-12-18 20:55 - 2014-12-18 20:55 - 00000197 _____ () C:\Windows\system32\2014-12-18-09-55-21.062-AvastVBoxSVC.exe-2808.log
    2014-12-18 19:54 - 2014-12-18 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-18-08-54-58.015-AvastVBoxSVC.exe-3168.log
    2014-12-18 19:18 - 2014-12-18 19:18 - 00000197 _____ () C:\Windows\system32\2014-12-18-08-18-23.060-AvastVBoxSVC.exe-2952.log
    2014-12-18 05:30 - 2014-12-13 16:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-18 05:30 - 2014-12-13 14:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-17 18:43 - 2014-12-17 18:43 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-43-20.055-AvastVBoxSVC.exe-5744.log
    2014-12-17 18:17 - 2014-12-17 18:17 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-17-51.060-AvastVBoxSVC.exe-3340.log
    2014-12-17 10:43 - 2014-12-17 10:43 - 00000197 _____ () C:\Windows\system32\2014-12-16-23-43-14.001-AvastVBoxSVC.exe-3376.log
    2014-12-16 21:51 - 2014-12-16 21:52 - 00000000 ____D () C:\DynastyAddons
    2014-12-16 21:49 - 2014-12-16 21:49 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dynasty Addons
    2014-12-16 21:49 - 2014-12-16 21:49 - 00000000 ____D () C:\Program Files (x86)\Dynasty Addons Updater
    2014-12-16 21:48 - 2014-12-16 21:48 - 01379114 _____ () C:\Users\Sonya Macey\Downloads\InstallDynastyAddonsUpdater.exe
    2014-12-16 11:52 - 2014-12-16 13:24 - 00012150 _____ () C:\Users\Sonya Macey\Documents\tolerance.odt
    2014-12-15 19:19 - 2014-12-15 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2014-12-14 16:22 - 2014-12-14 16:22 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Oracle
    2014-12-14 16:22 - 2014-09-26 18:42 - 00883624 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
    2014-12-14 16:22 - 2014-09-26 18:42 - 00806824 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2014-12-14 16:11 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-12-14 16:10 - 2014-12-14 16:11 - 00004308 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
    2014-12-14 16:06 - 2014-12-14 16:06 - 00000197 _____ () C:\Windows\system32\2014-12-14-05-06-50.005-AvastVBoxSVC.exe-2092.log
    2014-12-14 15:52 - 2014-12-14 15:52 - 00000197 _____ () C:\Windows\system32\2014-12-14-04-52-47.059-AvastVBoxSVC.exe-5412.log
    2014-12-14 15:35 - 2014-12-14 15:35 - 00000197 _____ () C:\Windows\system32\2014-12-14-04-35-14.054-AvastVBoxSVC.exe-3532.log
    2014-12-14 14:57 - 2014-12-14 14:57 - 00001299 _____ () C:\Users\Sonya Macey\Desktop\FurMark.lnk
    2014-12-14 14:57 - 2014-12-14 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
    2014-12-14 14:57 - 2014-12-14 14:57 - 00000000 ____D () C:\Program Files (x86)\Geeks3D
    2014-12-14 14:53 - 2014-12-14 14:54 - 05407758 _____ (Geeks3D ) C:\Users\Sonya Macey\Downloads\FurMark_1.15.1.0_Setup.exe
    2014-12-14 14:50 - 2014-12-31 22:39 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\vlc
    2014-12-14 14:48 - 2014-12-30 21:08 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2014-12-14 14:48 - 2014-12-14 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2014-12-14 14:47 - 2014-12-14 14:47 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2014-12-14 14:45 - 2014-12-14 14:45 - 24489269 _____ () C:\Users\Sonya Macey\Downloads\setup_free.exe
    2014-12-14 14:42 - 2014-12-14 14:42 - 00801952 _____ ( ) C:\Users\Sonya Macey\Downloads\Free_Download_Setup.exe
    2014-12-14 14:21 - 2014-12-14 14:21 - 00000197 _____ () C:\Windows\system32\2014-12-14-03-21-10.074-AvastVBoxSVC.exe-6128.log
    2014-12-14 11:35 - 2014-12-14 11:35 - 00000197 _____ () C:\Windows\system32\2014-12-14-00-35-25.042-AvastVBoxSVC.exe-5376.log
    2014-12-14 10:57 - 2014-12-14 10:57 - 00000197 _____ () C:\Windows\system32\2014-12-13-23-57-31.020-AvastVBoxSVC.exe-6904.log
    2014-12-14 10:49 - 2014-12-14 10:49 - 00000000 __SHD () C:\found.000
    2014-12-14 08:12 - 2014-12-14 08:13 - 00000197 _____ () C:\Windows\system32\2014-12-13-21-12-47.000-AvastVBoxSVC.exe-6176.log
    2014-12-14 07:27 - 2014-12-14 07:27 - 00000197 _____ () C:\Windows\system32\2014-12-13-20-27-52.025-AvastVBoxSVC.exe-2260.log
    2014-12-13 22:36 - 2014-12-13 22:36 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-12-13 22:34 - 2014-11-13 11:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
    2014-12-13 22:34 - 2014-11-13 11:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
    2014-12-13 21:40 - 2014-12-13 21:40 - 00000197 _____ () C:\Windows\system32\2014-12-13-10-40-54.004-AvastVBoxSVC.exe-5364.log
    2014-12-13 21:34 - 2014-12-14 15:58 - 00754950 ____N () C:\Windows\Minidump\121414-22183-01.dmp
    2014-12-13 21:34 - 2014-12-13 21:34 - 00291112 _____ () C:\Windows\Minidump\121314-22386-01.dmp
    2014-12-13 21:13 - 2014-12-13 21:13 - 00000197 _____ () C:\Windows\system32\2014-12-13-10-13-33.099-AvastVBoxSVC.exe-6092.log
    2014-12-12 15:36 - 2014-12-12 15:36 - 00041310 _____ () C:\TSMMABUGGUSA141212153632.zip
    2014-12-12 15:36 - 2014-12-12 15:36 - 00008112 _____ () C:\TSMAMBOLANCE141212153632.zip
    2014-12-12 15:36 - 2014-12-12 15:36 - 00005371 _____ () C:\TSM301287988#1141212153632.zip
    2014-12-12 15:36 - 2014-12-12 15:36 - 00000022 _____ () C:\TSMSOLLUD141212153632.zip
    2014-12-12 15:36 - 2014-12-12 15:36 - 00000022 _____ () C:\TSM141212153632.zip
    2014-12-12 15:32 - 2014-12-12 15:32 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\TradeSkillMaster
    2014-12-12 14:55 - 2014-10-13 22:23 - 16861696 _____ () C:\Users\Sonya Macey\Desktop\TSMApplication.exe
    2014-12-12 14:54 - 2014-12-12 14:54 - 07672770 _____ () C:\Users\Sonya Macey\Downloads\TSMApplication.zip
    2014-12-12 14:52 - 2014-12-12 14:52 - 04698374 _____ () C:\Users\Sonya Macey\Downloads\tsm_wowuction.lua
    2014-12-12 12:20 - 2014-12-12 12:20 - 00000197 _____ () C:\Windows\system32\2014-12-12-01-20-11.033-AvastVBoxSVC.exe-2352.log
    2014-12-11 20:59 - 2014-12-11 20:59 - 00000197 _____ () C:\Windows\system32\2014-12-11-09-59-04.047-AvastVBoxSVC.exe-4836.log
    2014-12-11 12:27 - 2014-12-11 12:27 - 00000197 _____ () C:\Windows\system32\2014-12-11-01-27-15.018-AvastVBoxSVC.exe-2800.log
    2014-12-11 12:01 - 2014-10-18 13:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-11 12:01 - 2014-10-18 12:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-11 12:01 - 2014-07-07 13:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-11 12:01 - 2014-07-07 13:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2014-12-11 12:01 - 2014-07-07 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2014-12-11 12:01 - 2014-07-07 13:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2014-12-11 12:01 - 2014-07-07 12:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2014-12-11 12:01 - 2014-07-07 12:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2014-12-11 12:01 - 2014-07-07 12:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2014-12-11 12:01 - 2014-07-07 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2014-12-11 06:17 - 2014-11-11 14:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-11 06:17 - 2014-11-11 13:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-11 06:17 - 2014-11-11 12:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-11 06:16 - 2014-11-27 12:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-11 06:16 - 2014-11-27 12:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-11 06:16 - 2014-11-22 14:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-11 06:16 - 2014-11-22 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-11 06:16 - 2014-11-22 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-11 06:16 - 2014-11-22 13:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-11 06:16 - 2014-11-22 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-11 06:16 - 2014-11-22 13:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-11 06:16 - 2014-11-22 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-11 06:16 - 2014-11-22 13:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-11 06:16 - 2014-11-22 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-11 06:16 - 2014-11-22 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-11 06:16 - 2014-11-22 13:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-11 06:16 - 2014-11-22 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-11 06:16 - 2014-11-22 13:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-11 06:16 - 2014-11-22 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-11 06:16 - 2014-11-22 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-11 06:16 - 2014-11-22 13:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-11 06:16 - 2014-11-22 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-11 06:16 - 2014-11-22 13:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-11 06:16 - 2014-11-22 13:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-11 06:16 - 2014-11-22 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-11 06:16 - 2014-11-22 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-11 06:16 - 2014-11-22 13:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-11 06:16 - 2014-11-22 13:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-11 06:16 - 2014-11-22 13:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-11 06:16 - 2014-11-22 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-11 06:16 - 2014-11-22 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-11 06:16 - 2014-11-22 13:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-11 06:16 - 2014-11-22 12:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-11 06:16 - 2014-11-22 12:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-11 06:16 - 2014-11-22 12:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-11 06:16 - 2014-11-22 12:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-11 06:16 - 2014-11-22 12:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-11 06:16 - 2014-11-22 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-11 06:16 - 2014-11-22 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-11 06:16 - 2014-11-22 12:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-11 06:16 - 2014-11-22 12:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-11 06:16 - 2014-11-22 12:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-11 06:16 - 2014-11-22 12:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-11 06:16 - 2014-11-22 12:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-11 06:16 - 2014-11-22 12:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-11 06:16 - 2014-11-22 12:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-11 06:16 - 2014-11-22 12:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-11 06:16 - 2014-11-22 12:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-11 06:16 - 2014-11-22 12:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-11 06:16 - 2014-11-22 12:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-11 06:16 - 2014-11-22 12:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-11 06:16 - 2014-11-22 12:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-11 06:16 - 2014-11-22 12:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-11 06:16 - 2014-11-22 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-11 06:16 - 2014-11-22 12:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-11 06:16 - 2014-11-22 11:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-11 06:16 - 2014-11-22 11:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-11 06:15 - 2014-11-08 14:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-11 06:15 - 2014-11-08 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-11 06:15 - 2014-10-30 13:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-11 06:15 - 2014-10-30 12:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-11 06:15 - 2014-10-03 13:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-11 06:15 - 2014-10-03 13:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-11 06:15 - 2014-10-03 13:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-11 06:15 - 2014-10-03 13:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-11 06:15 - 2014-10-03 13:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-11 06:15 - 2014-10-03 12:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-11 06:15 - 2014-10-03 12:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-11 06:15 - 2014-10-03 12:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-11 06:15 - 2014-10-03 12:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-11 06:15 - 2014-10-03 12:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-12-10 14:36 - 2014-12-10 14:36 - 00000197 _____ () C:\Windows\system32\2014-12-10-03-36-24.005-AvastVBoxSVC.exe-1428.log
    2014-12-08 13:37 - 2014-12-08 13:37 - 00000197 _____ () C:\Windows\system32\2014-12-08-02-37-41.008-AvastVBoxSVC.exe-4796.log
    2014-12-08 13:16 - 2014-12-08 13:17 - 00000197 _____ () C:\Windows\system32\2014-12-08-02-16-59.026-AvastVBoxSVC.exe-3940.log
    2014-12-07 22:32 - 2014-12-07 22:32 - 00000197 _____ () C:\Windows\system32\2014-12-07-11-32-18.017-AvastVBoxSVC.exe-3104.log
    2014-12-07 22:03 - 2014-12-07 22:03 - 00000197 _____ () C:\Windows\system32\2014-12-07-11-03-17.075-AvastVBoxSVC.exe-3584.log
    2014-12-07 12:12 - 2014-12-07 12:12 - 00000197 _____ () C:\Windows\system32\2014-12-07-01-12-01.046-AvastVBoxSVC.exe-4876.log
    2014-12-07 12:05 - 2014-12-07 12:05 - 00646736 ____N () C:\Windows\Minidump\120714-19562-01.dmp
    2014-12-07 10:31 - 2014-12-07 10:31 - 00000197 _____ () C:\Windows\system32\2014-12-06-23-31-29.081-AvastVBoxSVC.exe-1524.log
    2014-12-06 11:22 - 2014-12-06 11:22 - 00000197 _____ () C:\Windows\system32\2014-12-06-00-22-00.062-AvastVBoxSVC.exe-3068.log
    2014-12-06 11:17 - 2014-12-06 11:17 - 00000000 ____D () C:\Program Files (x86)\Belkin
    2014-12-06 11:16 - 2014-12-06 11:16 - 00000000 ____D () C:\Windows\{26F3D17D-4FF9-46D5-9255-A1F9FF6BD7E4}
    2014-12-06 10:36 - 2014-12-06 10:36 - 00000197 _____ () C:\Windows\system32\2014-12-05-23-36-40.067-AvastVBoxSVC.exe-3012.log
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-03 13:46 - 2009-07-14 15:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-03 13:46 - 2009-07-14 15:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-03 13:39 - 2014-02-12 05:13 - 00000000 ___RD () C:\Users\Sonya Macey\Dropbox
    2015-01-03 13:39 - 2014-02-10 17:15 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Dropbox
    2015-01-03 13:39 - 2013-12-23 22:15 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2015-01-03 13:39 - 2011-11-14 05:55 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Skype
    2015-01-03 13:39 - 2011-04-12 17:15 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Local\Deployment
    2015-01-03 13:38 - 2013-06-10 16:05 - 00055261 _____ () C:\Windows\setupact.log
    2015-01-03 13:37 - 2011-04-01 14:29 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-01-03 13:37 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-03 13:36 - 2013-11-13 16:45 - 00910122 _____ () C:\Windows\PFRO.log
    2015-01-03 13:36 - 2011-04-01 13:09 - 01940560 _____ () C:\Windows\WindowsUpdate.log
    2015-01-03 13:14 - 2012-05-06 12:03 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000UA.job
    2015-01-03 11:12 - 2012-08-07 17:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-03 10:50 - 2014-11-16 08:17 - 00001070 _____ () C:\Users\Public\Desktop\WinRAR.lnk
    2015-01-03 10:50 - 2014-11-16 08:17 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-01-03 10:50 - 2014-11-16 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-01-03 10:50 - 2014-11-16 08:17 - 00000000 ____D () C:\Program Files\WinRAR
    2015-01-03 10:49 - 2012-08-07 17:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-01-03 10:49 - 2012-08-07 17:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-01-03 10:49 - 2011-05-26 17:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-01-03 10:43 - 2013-06-08 13:45 - 00000000 ____D () C:\Program Files (x86)\7-Zip
    2015-01-03 02:00 - 2011-04-29 17:34 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Local\Adobe
    2015-01-02 21:02 - 2013-11-15 14:20 - 00000144 _____ () C:\Windows\Z.ini
    2015-01-02 15:01 - 2014-11-30 19:10 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Local\Battle.net
    2015-01-01 12:43 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
    2015-01-01 12:41 - 2014-11-30 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
    2015-01-01 08:28 - 2013-08-05 13:13 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\TS3Client
    2015-01-01 08:28 - 2011-11-13 19:43 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-12-31 12:59 - 2012-07-07 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-31 11:11 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-12-29 22:17 - 2011-04-01 13:08 - 00000000 ____D () C:\Users\Sonya Macey
    2014-12-28 17:39 - 2014-07-26 01:08 - 00001122 _____ () C:\SSUUpdater.log
    2014-12-24 22:07 - 2012-11-20 05:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2014-12-24 11:48 - 2012-05-21 14:49 - 00000000 ____D () C:\Users\Sonya Macey\Documents\WePrint
    2014-12-24 11:42 - 2011-04-01 13:27 - 00000000 ___HD () C:\Program Files (x86)\Temp
    2014-12-24 11:39 - 2012-05-19 10:39 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-12-24 11:23 - 2011-04-01 13:29 - 00000000 ____D () C:\ProgramData\InstallShield
    2014-12-24 11:23 - 2011-04-01 13:27 - 00000000 ____D () C:\Program Files (x86)\Intel
    2014-12-24 10:47 - 2011-04-24 11:08 - 00000000 ____D () C:\Windows\Minidump
    2014-12-21 09:57 - 2011-11-14 05:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-12-21 09:57 - 2011-11-14 05:55 - 00000000 ____D () C:\ProgramData\Skype
    2014-12-18 20:39 - 2009-07-14 16:08 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-12-17 10:51 - 2014-02-12 05:13 - 00001044 _____ () C:\Users\Sonya Macey\Desktop\Dropbox.lnk
    2014-12-17 10:51 - 2014-02-10 17:16 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-12-15 21:42 - 2009-07-14 16:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-15 06:50 - 2014-11-30 19:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-12-14 16:22 - 2012-05-06 10:53 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-12-14 16:21 - 2014-01-23 21:59 - 00000000 ____D () C:\ProgramData\Oracle
    2014-12-13 22:34 - 2011-04-01 14:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-12-13 21:08 - 2014-01-27 18:14 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2014-12-13 21:08 - 2013-12-04 05:22 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2014-12-13 21:08 - 2012-10-10 21:22 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2014-12-13 21:08 - 2011-04-01 14:28 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2014-12-13 21:08 - 2011-04-01 14:28 - 00027983 _____ () C:\Windows\system32\nvinfo.pb
    2014-12-13 21:08 - 2011-02-23 09:28 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-12-13 20:18 - 2014-05-18 17:23 - 00000000 ____D () C:\Program Files (x86)\Glyph
    2014-12-13 19:03 - 2012-05-17 20:33 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-12-13 19:03 - 2011-01-07 20:49 - 06859408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2014-12-13 19:03 - 2011-01-07 20:49 - 03513488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2014-12-13 19:03 - 2011-01-07 20:48 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2014-12-13 19:03 - 2011-01-07 20:48 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2014-12-13 19:03 - 2011-01-07 20:48 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2014-12-13 11:12 - 2014-11-30 19:41 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2014-12-13 11:12 - 2014-11-30 19:41 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2014-12-13 11:12 - 2013-12-04 05:08 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2014-12-13 11:12 - 2013-12-04 05:08 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2014-12-13 10:11 - 2012-05-17 20:33 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin
    2014-12-12 12:54 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-11 12:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-11 12:07 - 2013-08-15 13:00 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-11 12:02 - 2011-04-04 17:08 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-11 06:08 - 2014-05-18 17:17 - 00000000 ____D () C:\Users\Sonya Macey\Documents\ArcheAge
    2014-12-10 15:15 - 2012-05-06 12:05 - 00002403 _____ () C:\Users\Sonya Macey\Desktop\Google Chrome.lnk
    2014-12-10 14:40 - 2014-11-30 18:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-12-07 12:33 - 2014-11-30 19:10 - 00000000 ____D () C:\Users\Sonya Macey\AppData\Roaming\Battle.net
    2014-12-06 11:17 - 2011-04-01 13:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-12-06 10:35 - 2014-06-27 15:42 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
    2014-12-06 10:35 - 2014-06-27 15:42 - 00001164 _____ () C:\Windows\LkmdfCoInst.log
     
    Some content of TEMP:
    ====================
    C:\Users\Sonya Macey\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq4mnht.dll
    C:\Users\Sonya Macey\AppData\Local\Temp\Quarantine.exe
    C:\Users\Sonya Macey\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-12-26 18:08
     
    ==================== End Of Log ============================
     
     
    Addition Report:
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
    Ran by Sonya Macey at 2015-01-02 14:59:24
    Running from C:\Users\Sonya Macey\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin)
    Belkin USB Wireless Adaptor (x32 Version: 1.0.0.10 - Belkin) Hidden
    CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
    Curse Client (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
    Dragons Prophet (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
    Dropbox (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
    Dynasty Addons--Install/Update your Dynasty Addons with this updater (HKLM-x32\...\DynastyAddonsUpdater) (Version:  - )
    EverQuest II (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\SOE-EverQuest II) (Version:  - Sony Online Entertainment)
    Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
    Google Chrome (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Happy Cloud Client (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    JB Stock Market Price Data (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\DataUpdater) (Version:  - Norgate Investor Services Pty Ltd)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    My Photo Box V3 (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\My Photo Box V3) (Version: My Photo Box V3 3.1.2 - My Photo Box)
    NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    PingPlotter Freeware (HKLM-x32\...\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}) (Version: 1.30.0.11 - Nessoft, LLC)
    ProfitUI Reborn Updater (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\ProfitUI Reborn Updater) (Version:  - Kaldran - EQ2 Valor Server)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
    RIFT (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\RIFT) (Version:  - Trion Worlds, Inc.)
    SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
    TERA (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\teraenmasse) (Version:  - )
    Unity Web Player (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{95f75d8b-fb63-43f3-8106-4360c82ced17}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
     
    ==================== Restore Points  =========================
     
    16-11-2014 12:00:24 Windows Update
    18-11-2014 18:25:29 avast! antivirus system restore point
    20-11-2014 12:00:13 Windows Update
    30-11-2014 11:00:32 Scheduled Checkpoint
    30-11-2014 19:41:08 Installed DirectX
    06-12-2014 11:16:44 Installed Belkin USB Wireless Adaptor
    10-12-2014 12:00:11 Windows Update
    11-12-2014 12:00:15 Windows Update
    12-12-2014 12:00:11 Windows Update
    14-12-2014 16:10:04 Installed Java 7 Update 71
    18-12-2014 12:00:11 Windows Update
    25-12-2014 12:00:10 Windows Update
    29-12-2014 11:52:16 Installed PingPlotter Freeware
    01-01-2015 13:10:08 OTL Restore Point - 1/01/2015 1:10:07 PM
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 13:34 - 2015-01-01 13:10 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {046EEDE8-667D-4580-80B4-CA20CED1ABA9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {0E5ADDE5-59D2-451B-B266-61953E49FF08} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
    Task: {230BA4FD-D19F-4B87-8AF1-253292A1383F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000UA => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
    Task: {2B26BFC2-C406-45DE-9F3C-7584F3B7BC7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-18] (AVAST Software)
    Task: {3A8B092F-7E26-4B51-A397-DB464C1E29EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-26] (Piriform Ltd)
    Task: {65617EFD-A3E8-46CE-BF9D-828BE7A4C3F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000Core => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
    Task: {76CEB712-4107-43B8-9838-8D286C9E2E45} - System32\Tasks\AdobeAAMUpdater-1.0-SonyaMacey-PC-Sonya Macey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
    Task: {7DBA9902-E3D8-483A-B76D-A0190F0C90D1} - System32\Tasks\avastBCLRestartS-1-5-21-4148502270-941430265-2651384031-1000 => Chrome.exe 
    Task: {C8F7E8A0-A8A1-4926-8744-3EC04E075FDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-19] (Adobe Systems Incorporated)
    Task: {EE8347B5-541F-41F0-B04A-A6DB1BDF1628} - System32\Tasks\{36270B3A-E540-4E39-A448-79EAEC359BF7} => pcalua.exe -a D:\BigPondADSL.exe -d D:\
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000Core.job => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000UA.job => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2012-05-17 20:33 - 2014-12-13 19:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2014-02-12 05:21 - 2014-02-12 05:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2014-02-12 05:22 - 2014-02-12 05:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2014-02-12 05:21 - 2014-02-12 05:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2014-02-12 05:22 - 2014-02-12 05:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2014-12-12 14:55 - 2014-10-13 22:23 - 16861696 _____ () C:\Users\Sonya Macey\Desktop\TSMApplication.exe
    2014-11-16 08:06 - 2014-11-16 08:06 - 00016384 ____N () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
    2014-01-11 08:16 - 2014-01-11 08:14 - 00035840 _____ () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
    2014-11-16 08:06 - 2014-11-16 08:06 - 00099840 ____N () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
    2015-01-01 07:55 - 2015-01-01 07:55 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123101\algo.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2015-01-02 09:35 - 2015-01-02 09:35 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010101\algo.dll
    2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00750080 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-01-01 13:36 - 2015-01-01 13:36 - 00043008 _____ () c:\Users\Sonya Macey\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzcvzfi.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00047616 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\libEGL.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00863744 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00200704 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
    2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 09009480 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 01677128 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libcef.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libGLESv2.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00907776 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\platforms\qwindows.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libEGL.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qgif.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qico.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qjpeg.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qmng.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qsvg.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qtiff.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll
    2013-05-15 17:22 - 2013-05-15 17:22 - 16033160 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 01077064 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 00211272 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 14913352 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:7D288858
    AlternateDataStreams: C:\ProgramData\TEMP:D7DA89B1
    AlternateDataStreams: C:\Users\Sonya Macey\AppData\Roaming\default.rss:OECustomProperty
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: BITS => 3
    MSCONFIG\Services: Browser => 3
    MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
    MSCONFIG\Services: SSUService => 2
    MSCONFIG\Services: WerSvc => 3
    MSCONFIG\Services: WinDefend => 2
    MSCONFIG\Services: WMPNetworkSvc => 2
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: Google Update => "C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-4148502270-941430265-2651384031-500 - Administrator - Disabled)
    Guest (S-1-5-21-4148502270-941430265-2651384031-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-4148502270-941430265-2651384031-1002 - Limited - Enabled)
    Sonya Macey (S-1-5-21-4148502270-941430265-2651384031-1000 - Administrator - Enabled) => C:\Users\Sonya Macey
    __vmware_user__ (S-1-5-21-4148502270-941430265-2651384031-1004 - Limited - Enabled)
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD endpoint registration failed [0]
     
    Error: (01/01/2015 00:28:38 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
     
    System errors:
    =============
    Error: (01/02/2015 02:59:21 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 02:47:14 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 01:31:50 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 01:19:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 00:17:01 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 00:04:54 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 11:52:21 AM) (Source: ipnathlp) (EventID: 31004) (User: )
    Description: 0
     
    Error: (01/02/2015 11:28:03 AM) (Source: ipnathlp) (EventID: 31004) (User: )
    Description: 0
     
    Error: (01/02/2015 08:56:24 AM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 08:44:16 AM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD endpoint registration failed [0]
     
    Error: (01/01/2015 00:28:38 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-2300 CPU @ 2.80GHz
    Percentage of memory in use: 35%
    Total physical RAM: 12271.43 MB
    Available physical RAM: 7948.96 MB
    Total Pagefile: 24531.61 MB
    Available Pagefile: 19629.05 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:931.41 GB) (Free:513.86 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6144DA91)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    #7
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Speccy Report:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
    Ran by Sonya Macey at 2015-01-02 14:59:24
    Running from C:\Users\Sonya Macey\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin)
    Belkin USB Wireless Adaptor (x32 Version: 1.0.0.10 - Belkin) Hidden
    CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
    Curse Client (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
    Dragons Prophet (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
    Dropbox (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
    Dynasty Addons--Install/Update your Dynasty Addons with this updater (HKLM-x32\...\DynastyAddonsUpdater) (Version:  - )
    EverQuest II (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\SOE-EverQuest II) (Version:  - Sony Online Entertainment)
    Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
    Google Chrome (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Happy Cloud Client (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    JB Stock Market Price Data (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\DataUpdater) (Version:  - Norgate Investor Services Pty Ltd)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    My Photo Box V3 (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\My Photo Box V3) (Version: My Photo Box V3 3.1.2 - My Photo Box)
    NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    PingPlotter Freeware (HKLM-x32\...\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}) (Version: 1.30.0.11 - Nessoft, LLC)
    ProfitUI Reborn Updater (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\ProfitUI Reborn Updater) (Version:  - Kaldran - EQ2 Valor Server)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
    RIFT (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\RIFT) (Version:  - Trion Worlds, Inc.)
    SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
    TERA (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\teraenmasse) (Version:  - )
    Unity Web Player (HKU\S-1-5-21-4148502270-941430265-2651384031-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{95f75d8b-fb63-43f3-8106-4360c82ced17}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4148502270-941430265-2651384031-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sonya Macey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
     
    ==================== Restore Points  =========================
     
    16-11-2014 12:00:24 Windows Update
    18-11-2014 18:25:29 avast! antivirus system restore point
    20-11-2014 12:00:13 Windows Update
    30-11-2014 11:00:32 Scheduled Checkpoint
    30-11-2014 19:41:08 Installed DirectX
    06-12-2014 11:16:44 Installed Belkin USB Wireless Adaptor
    10-12-2014 12:00:11 Windows Update
    11-12-2014 12:00:15 Windows Update
    12-12-2014 12:00:11 Windows Update
    14-12-2014 16:10:04 Installed Java 7 Update 71
    18-12-2014 12:00:11 Windows Update
    25-12-2014 12:00:10 Windows Update
    29-12-2014 11:52:16 Installed PingPlotter Freeware
    01-01-2015 13:10:08 OTL Restore Point - 1/01/2015 1:10:07 PM
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 13:34 - 2015-01-01 13:10 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {046EEDE8-667D-4580-80B4-CA20CED1ABA9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {0E5ADDE5-59D2-451B-B266-61953E49FF08} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
    Task: {230BA4FD-D19F-4B87-8AF1-253292A1383F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000UA => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
    Task: {2B26BFC2-C406-45DE-9F3C-7584F3B7BC7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-18] (AVAST Software)
    Task: {3A8B092F-7E26-4B51-A397-DB464C1E29EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-26] (Piriform Ltd)
    Task: {65617EFD-A3E8-46CE-BF9D-828BE7A4C3F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000Core => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
    Task: {76CEB712-4107-43B8-9838-8D286C9E2E45} - System32\Tasks\AdobeAAMUpdater-1.0-SonyaMacey-PC-Sonya Macey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
    Task: {7DBA9902-E3D8-483A-B76D-A0190F0C90D1} - System32\Tasks\avastBCLRestartS-1-5-21-4148502270-941430265-2651384031-1000 => Chrome.exe 
    Task: {C8F7E8A0-A8A1-4926-8744-3EC04E075FDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-19] (Adobe Systems Incorporated)
    Task: {EE8347B5-541F-41F0-B04A-A6DB1BDF1628} - System32\Tasks\{36270B3A-E540-4E39-A448-79EAEC359BF7} => pcalua.exe -a D:\BigPondADSL.exe -d D:\
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000Core.job => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4148502270-941430265-2651384031-1000UA.job => C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2012-05-17 20:33 - 2014-12-13 19:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2014-02-12 05:21 - 2014-02-12 05:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2014-02-12 05:22 - 2014-02-12 05:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2014-02-12 05:21 - 2014-02-12 05:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2014-02-12 05:22 - 2014-02-12 05:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2014-12-12 14:55 - 2014-10-13 22:23 - 16861696 _____ () C:\Users\Sonya Macey\Desktop\TSMApplication.exe
    2014-11-16 08:06 - 2014-11-16 08:06 - 00016384 ____N () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
    2014-01-11 08:16 - 2014-01-11 08:14 - 00035840 _____ () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
    2014-11-16 08:06 - 2014-11-16 08:06 - 00099840 ____N () C:\Users\Sonya Macey\AppData\Local\Apps\2.0\D9M32OV9.6OY\HXA1L5RH.OJB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
    2015-01-01 07:55 - 2015-01-01 07:55 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123101\algo.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2015-01-02 09:35 - 2015-01-02 09:35 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010101\algo.dll
    2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-11-18 18:28 - 2014-11-18 18:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00750080 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-01-01 13:36 - 2015-01-01 13:36 - 00043008 _____ () c:\Users\Sonya Macey\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzcvzfi.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00047616 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\libEGL.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00863744 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2014-10-22 11:22 - 2014-10-22 11:22 - 00200704 _____ () C:\Users\Sonya Macey\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
    2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 09009480 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 01677128 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libcef.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libGLESv2.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00907776 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\platforms\qwindows.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libEGL.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qgif.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qico.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qjpeg.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qmng.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qsvg.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qtiff.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2014-12-11 06:08 - 2014-12-11 06:08 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll
    2013-05-15 17:22 - 2013-05-15 17:22 - 16033160 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 01077064 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 00211272 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-10 15:15 - 2014-12-06 12:50 - 14913352 _____ () C:\Users\Sonya Macey\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:7D288858
    AlternateDataStreams: C:\ProgramData\TEMP:D7DA89B1
    AlternateDataStreams: C:\Users\Sonya Macey\AppData\Roaming\default.rss:OECustomProperty
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: BITS => 3
    MSCONFIG\Services: Browser => 3
    MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
    MSCONFIG\Services: SSUService => 2
    MSCONFIG\Services: WerSvc => 3
    MSCONFIG\Services: WinDefend => 2
    MSCONFIG\Services: WMPNetworkSvc => 2
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: Google Update => "C:\Users\Sonya Macey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-4148502270-941430265-2651384031-500 - Administrator - Disabled)
    Guest (S-1-5-21-4148502270-941430265-2651384031-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-4148502270-941430265-2651384031-1002 - Limited - Enabled)
    Sonya Macey (S-1-5-21-4148502270-941430265-2651384031-1000 - Administrator - Enabled) => C:\Users\Sonya Macey
    __vmware_user__ (S-1-5-21-4148502270-941430265-2651384031-1004 - Limited - Enabled)
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD endpoint registration failed [0]
     
    Error: (01/01/2015 00:28:38 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
     
     
    System errors:
    =============
    Error: (01/02/2015 02:59:21 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 02:47:14 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 01:31:50 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 01:19:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 00:17:01 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 00:04:54 PM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 11:52:21 AM) (Source: ipnathlp) (EventID: 31004) (User: )
    Description: 0
     
    Error: (01/02/2015 11:28:03 AM) (Source: ipnathlp) (EventID: 31004) (User: )
    Description: 0
     
    Error: (01/02/2015 08:56:24 AM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
    Error: (01/02/2015 08:44:16 AM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description: 
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/02/2015 00:40:19 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
     
    Error: (01/01/2015 01:34:25 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
    Description: NvStreamSvcNvVAD endpoint registration failed [0]
     
    Error: (01/01/2015 00:28:38 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 10:53:33 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
     
    Error: (01/01/2015 08:24:13 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-2300 CPU @ 2.80GHz
    Percentage of memory in use: 35%
    Total physical RAM: 12271.43 MB
    Available physical RAM: 7948.96 MB
    Total Pagefile: 24531.61 MB
    Available Pagefile: 19629.05 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:931.41 GB) (Free:513.86 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6144DA91)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,701 posts
    • MVP

    Not seeing anything so far.  You posted the Addition log twice instead of Speccy.  (You probably need to attach the speccy log.  Click on More Reply Options, Choose File, Open, Attach File.


    • 0

    #9
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Process Explorer report:

     

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    System Idle Process 95.93 0 K 24 K 0
    procexp64.exe 0.96 35,972 K 61,240 K 2900 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
    Skype.exe 0.85 159,152 K 183,080 K 2904 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
    chrome.exe 0.55 246,016 K 275,196 K 6000 Google Chrome Google Inc. (Verified) Google Inc
    Interrupts 0.38 0 K 0 K n/a Hardware Interrupts and DPCs
    CurseClient.exe 0.18 109,392 K 4,988 K 3252 Curse Client Curse (No signature was present in the subject) Curse
    chrome.exe 0.16 124,960 K 181,252 K 8188 Google Chrome Google Inc. (Verified) Google Inc
    netsession_win.exe 0.14 7,476 K 15,812 K 2716 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai Technologies
    System 0.13 2,276 K 105,356 K 4
    dwm.exe 0.13 36,960 K 38,000 K 1536 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.08 31,296 K 49,648 K 688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 0.08 93,456 K 144,996 K 7520 Google Chrome Google Inc. (Verified) Google Inc
    csrss.exe 0.07 3,808 K 11,684 K 592 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    AvastSvc.exe 0.04 81,628 K 40,960 K 1364 avast! Service AVAST Software (Verified) AVAST Software a.s.
    chrome.exe 0.04 72,040 K 95,352 K 8000 Google Chrome Google Inc. (Verified) Google Inc
    nvstreamsvc.exe 0.03 3,756 K 9,228 K 3832 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
    AppleMobileDeviceService.exe 0.03 3,140 K 9,508 K 1980 MobileDeviceService Apple Inc. (Verified) Apple Inc.
    svchost.exe 0.02 27,152 K 26,112 K 316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    nvstreamsvc.exe 0.02 6,772 K 15,108 K 3856 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
    LCDClock.exe 0.02 5,756 K 10,932 K 3236 Logitech LCD Clock/Performance Monitor Logitech Inc. (Verified) Logitech
    LCore.exe 0.02 32,104 K 46,124 K 2520 Logitech Gaming Framework Logitech Inc. (Verified) Logitech
    nvstreamsvc.exe 0.02 4,492 K 11,268 K 3352 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
    SRServer.exe 0.01 7,636 K 18,040 K 3724 Splashtop® Streamer Splashtop Inc. (Verified) Splashtop Inc.
    svchost.exe 0.01 18,260 K 19,612 K 1184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    explorer.exe 0.01 54,540 K 83,012 K 4716 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    avastui.exe 0.01 14,984 K 18,708 K 3172 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
    LCDMedia.exe 0.01 8,016 K 10,192 K 3156 Logitech G-series Media Display Logitech Inc. (Verified) Logitech
    lsass.exe 0.01 7,524 K 15,736 K 716 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.01 15,920 K 23,116 K 536 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    iPodService.exe 0.01 2,472 K 6,720 K 5452 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
    TSMApplication.exe < 0.01 10,216 K 20,160 K 3068 (No signature was present in the subject)
    svchost.exe < 0.01 7,432 K 13,352 K 6180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    Dropbox.exe < 0.01 71,424 K 93,788 K 3668 Dropbox Dropbox, Inc. (Verified) Dropbox
    NvBackend.exe < 0.01 14,868 K 20,784 K 2512 NVIDIA GeForce Experience Backend NVIDIA Corporation (Verified) NVIDIA Corporation
    WLIDSVC.EXE < 0.01 7,344 K 14,748 K 3816 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
    svchost.exe < 0.01 12,028 K 15,488 K 7132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    lsm.exe < 0.01 2,820 K 4,636 K 724 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
    SRFeature.exe < 0.01 7,156 K 14,900 K 4368 Splashtop® Streamer Feature Splashtop Inc. (Verified) Splashtop Inc.
    SSUService.exe < 0.01 2,792 K 6,164 K 3912 Splashtop Software Updater Service Splashtop Inc. (Verified) Splashtop Inc.
    taskhost.exe < 0.01 13,892 K 14,412 K 2028 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe < 0.01 2,420 K 4,848 K 532 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    EvernoteClipper.exe < 0.01 1,960 K 6,520 K 3708 Evernote Clipper Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 (Certificate expired) Evernote Corp., 305 Walnut Street, Redwood City, CA 94063
    LCDPOP3.exe < 0.01 4,336 K 10,004 K 3304 Logitech G-series POP3 Monitor Logitech Inc. (Verified) Logitech
    chrome.exe < 0.01 44,252 K 69,812 K 5104 Google Chrome Google Inc. (Verified) Google Inc
    BingDesktopUpdater.exe < 0.01 3,916 K 8,528 K 2188 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
    nvvsvc.exe < 0.01 5,440 K 13,184 K 1432 NVIDIA Driver Helper Service, Version 347.09 NVIDIA Corporation (Verified) NVIDIA Corporation
    svchost.exe < 0.01 6,232 K 9,852 K 984 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    WmiPrvSE.exe < 0.01 19,820 K 25,500 K 3736 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    iTunesHelper.exe < 0.01 3,988 K 11,724 K 3188 iTunesHelper Apple Inc. (Verified) Apple Inc.
    AvastVBoxSVC.exe < 0.01 9,204 K 15,952 K 5892 AvastVirtualBox Interface Avast Software (Verified) AVAST Software a.s.
    SRService.exe < 0.01 3,296 K 9,340 K 3676 Splashtop® Streamer Service Splashtop Inc. (Verified) Splashtop Inc.
    netsession_win.exe < 0.01 2,996 K 8,184 K 2584 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai Technologies
    NvNetworkService.exe < 0.01 1,920 K 5,664 K 2368 NVIDIA Network Service NVIDIA Corporation (Verified) NVIDIA Corporation
    nvSCPAPISvr.exe < 0.01 2,624 K 5,836 K 940 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
    WmiPrvSE.exe 8,932 K 16,640 K 4316 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    WLIDSVCM.EXE 1,500 K 3,504 K 3844 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
    winlogon.exe 3,312 K 7,740 K 648 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe 1,636 K 4,624 K 600 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
    VSSVC.exe 2,332 K 6,968 K 5508 Microsoft® Volume Shadow Copy Service Microsoft Corporation (Verified) Microsoft Windows
    unsecapp.exe 2,324 K 6,164 K 5040 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
    taskeng.exe 2,296 K 6,232 K 2508 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 190,956 K 202,632 K 440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,952 K 5,572 K 3940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 4,912 K 10,336 K 840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 25,064 K 28,012 K 1956 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 2,664 K 6,076 K 5696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,840 K 5,228 K 4052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,660 K 4,404 K 7448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 2,776 K 5,940 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    spoolsv.exe 9,308 K 15,812 K 1892 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 536 K 1,224 K 360 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
    services.exe 8,448 K 14,256 K 700 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
    SearchIndexer.exe 47,548 K 42,008 K 5708 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    RAVCpl64.exe 9,812 K 11,736 K 2568 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
    procexp.exe 2,428 K 7,380 K 6940 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    NvXDSync.exe 8,420 K 19,836 K 1424 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
    nvvsvc.exe 3,156 K 7,960 K 916 NVIDIA Driver Helper Service, Version 347.09 NVIDIA Corporation (Verified) NVIDIA Corporation
    nvtray.exe 5,636 K 12,804 K 2556 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
    nusb3mon.exe 1,760 K 5,324 K 3108 USB 3.0 Monitor Renesas Electronics Corporation (Verified) Renesas Electronics Corporation
    ngservice.exe 1,348 K 3,548 K 6156 avast! NG service AVAST Software (Verified) AVAST Software a.s.
    mDNSResponder.exe 2,548 K 5,984 K 2960 Bonjour Service Apple Inc. (Verified) Apple Inc.
    Locator.exe 916 K 2,252 K 3464 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
    LCDRSS.exe 7,828 K 16,716 K 3380 Logitech G-series LCD RSS Logitech Inc. (Verified) Logitech
    LCDCountdown.exe 5,752 K 10,300 K 3180 Logitech G-series LCD Countdown Timer Logitech Inc. (Verified) Logitech
    iCloudServices.exe 12,332 K 26,584 K 7844 iCloud Apple Inc. (Verified) Apple Inc.
    GfExperienceService.exe 2,216 K 6,304 K 3028 NVIDIA GeForce Experience Service NVIDIA Corporation (Verified) NVIDIA Corporation
    dllhost.exe 2,784 K 7,328 K 7676 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
    conhost.exe 1,660 K 4,824 K 3968 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
    conhost.exe 1,200 K 3,084 K 3864 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 32,460 K 52,792 K 7608 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 28,256 K 48,920 K 7952 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 25,088 K 48,360 K 7556 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 30,428 K 49,564 K 7616 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 25,224 K 48,220 K 416 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 26,492 K 49,972 K 5020 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 35,076 K 54,400 K 6688 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 34,216 K 53,372 K 7404 Google Chrome Google Inc. (Verified) Google Inc
    armsvc.exe 1,204 K 3,916 K 1688 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
    APSDaemon.exe 4,320 K 12,936 K 4172 Apple Push Apple Inc. (Verified) Apple Inc.
    ApplePhotoStreamsDownloader.exe 13,176 K 27,760 K 7796 iCloud Photos Downloader Apple Inc. (Verified) Apple Inc.
    ApplePhotoStreams.exe 15,968 K 32,476 K 2576 iCloud Photos Apple Inc. (Verified) Apple Inc.
    alg.exe 1,448 K 4,328 K 5720 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows

    • 0

    #10
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Have replaced the second addition report with the Speccy report (I think)


    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,701 posts
    • MVP

    No Speccy should start like:

     

    Summary
    Operating System
    Windows 7 Home Premium 64-bit SP1
    CPU
    AMD E-450
    40nm Technology
    RAM
    4.00GB DDR3 @ 540MHz (7-7-7-20)
    Motherboard
    Acer Aspire X1430G (CPU 1) 63 °C
    Graphics
    Acer P216HL (1920x1080@60Hz)
    512MB ATI AMD Radeon HD 6300 series Graphics (Acer Incorporated [ALI]) 65 °C
    Storage
    931GB Western Digital WDC WD10 EADX-22TDHB0 SATA Disk Device (SATA) 40 °C
    465GB Maxtor OneTouch USB Device (USB (SATA)) 37 °C
    3GB Generic Flash Disk USB Device (USB)
    Optical Drives
    HL-DT-ST DVDRAM GH70N SATA CdRom Device
    Audio
    Realtek High Definition Audio
    Operating System
    Windows 7 Home Premium 64-bit SP1

     

     


    • 0

    #12
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

     Hmm okies while hunting the elusive Speccy report, have run the sfc /scannow - verification 100% complete - Windows Resource Protection did not find any integrity violations.


    • 0

    #13
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Sorry about the problems with Speccy - got it this time!! (I think)

    Attached Files


    • 0

    #14
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Event Viewer 'system' report:

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 03/01/2015 2:58:56 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 03/01/2015 3:33:51 AM
    Type: Error Category: 0
    Event: 34001 Source: Microsoft-Windows-SharedAccess_NAT
    The ICS_IPV6 failed to configure IPv6 stack.
     
    Log: 'System' Date/Time: 03/01/2015 3:30:16 AM
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The VMware NAT Service service terminated unexpectedly.  It has done this 1 time(s).
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 03/01/2015 3:30:26 AM
    Type: Warning Category: 0
    Event: 34005 Source: Microsoft-Windows-SharedAccess_NAT
    The ICS_IPV6 was unable to allocate bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
     
    Log: 'System' Date/Time: 03/01/2015 3:28:46 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 

    • 0

    #15
    Operose

    Operose

      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    Vino's Event Viewer 'applications' report:

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 03/01/2015 3:03:58 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 03/01/2015 3:30:08 AM
    Type: Error Category: 0
    Event: 2001 Source: NvStreamSvc
    The event description cannot be found.
     
    Log: 'Application' Date/Time: 03/01/2015 3:30:08 AM
    Type: Error Category: 0
    Event: 2001 Source: NvStreamSvc
    The event description cannot be found.
     
    Log: 'Application' Date/Time: 03/01/2015 3:30:08 AM
    Type: Error Category: 0
    Event: 2001 Source: NvStreamSvc
    The event description cannot be found.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP