
Possible virut infection, help needed!


3 replies to this topic

#1 Txanquility


Posted 05 May 2015 - 12:07 PM

Hi guys, got a friend's laptop here. I think it may have the Virut infection, as he has said Norton popped up saying it was quarantined multiple times.

I also saw a weird mapped drive in Chinese lettering that could not be un-mounted.

Here are my FRST logs. I've scanned with MBAR and the usual but found nothing.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2015
Ran by Carter (administrator) on CARTER-PC on 05-05-2015 17:03:22
Running from C:\Users\Carter\Desktop
Loaded Profiles: Carter (Available profiles: Carter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\ehome\ehrec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-27] (Google Inc.)
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-13] (Valve Corporation)
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\progra~2\common~1\system\1044\biapp.dll => "c:\progra~2\common~1\system\1044\biapp.dll" File Not Found
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NAV&pvid=21.1.0.18
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=nav&pvid=21.1.0.18
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001 -> {EB05852A-F14B-49FB-B305-311DBD9BDE45} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB885&p={SearchTerms}
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-30] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-01] (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-01] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{502EBB53-5BE6-4EE6-8A3B-63C2F729A964}: [NameServer] 208.122.23.22,208.122.23.23
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Carter\AppData\Roaming\Mozilla\Firefox\Profiles\kzagwy51.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-10-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1154380041-1407329815-1326168379-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Carter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1154380041-1407329815-1326168379-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-05-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Carter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-29]
CHR Extension: (Google Drive) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-29]
CHR Extension: (YouTube) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-29]
CHR Extension: (Google Search) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-29]
CHR Extension: (BetaFish Adblocker) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-14]
CHR Extension: (Bookmark Manager) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Norton Identity Safe) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-10]
CHR Extension: (Web Search) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf [2014-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-29]
CHR Profile: C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Profile 1
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [bnfgnonpldgdciiifmhcmjjnmdpiokio] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4503\ch\MediaViewV1alpha4503.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jlceijfdfeghdhmmbhbcffanmcggoojf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-30] (Atheros Commnucations) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [262928 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-30] (Atheros) [File not signed]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows ® Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-26] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSvia64.sys [671448 2015-03-28] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150501.001\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150501.001\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299848 2015-02-05] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
S0 45967259; system32\drivers\42229114.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-05 17:03 - 2015-05-05 17:03 - 00000000 ____D () C:\Users\Carter\Desktop\FRST-OlderVersion
2015-04-15 03:22 - 2015-04-15 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 22:25 - 2015-03-25 03:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:25 - 2015-03-25 03:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:25 - 2015-03-25 03:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:25 - 2015-03-25 03:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:25 - 2015-03-25 03:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:25 - 2015-03-25 03:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:25 - 2015-03-25 03:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:25 - 2015-03-25 03:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:25 - 2015-03-25 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:25 - 2015-03-25 03:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:25 - 2015-03-23 03:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:25 - 2015-03-23 03:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:25 - 2015-03-23 03:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:25 - 2015-03-23 03:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:25 - 2015-03-23 03:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:25 - 2015-03-23 03:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:25 - 2015-03-23 03:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:25 - 2015-03-23 03:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:25 - 2015-03-10 03:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:25 - 2015-03-10 03:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:25 - 2015-03-10 03:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:25 - 2015-03-10 03:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:25 - 2015-03-05 05:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:25 - 2015-03-05 04:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:25 - 2015-01-27 23:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-14 22:24 - 2015-04-02 00:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:24 - 2015-04-01 23:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:24 - 2015-03-17 05:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:24 - 2015-03-17 05:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:24 - 2015-03-17 05:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:24 - 2015-03-17 05:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:24 - 2015-03-17 05:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:24 - 2015-03-17 05:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:24 - 2015-03-17 05:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:24 - 2015-03-17 05:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:24 - 2015-03-17 05:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:24 - 2015-03-17 05:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:24 - 2015-03-17 05:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:24 - 2015-03-17 05:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:24 - 2015-03-17 05:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:24 - 2015-03-17 05:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:24 - 2015-03-17 05:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 05:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:24 - 2015-03-17 05:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:24 - 2015-03-17 04:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:24 - 2015-03-17 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:24 - 2015-03-17 04:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:24 - 2015-03-17 04:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:24 - 2015-03-17 04:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:24 - 2015-03-17 04:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:24 - 2015-03-17 04:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:24 - 2015-03-17 04:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:24 - 2015-03-17 04:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:24 - 2015-03-17 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:24 - 2015-03-17 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 04:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 03:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:24 - 2015-03-17 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:24 - 2015-03-17 03:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 03:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 03:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:24 - 2015-03-17 03:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:24 - 2015-03-13 04:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:24 - 2015-03-13 04:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:24 - 2015-03-13 04:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:24 - 2015-03-13 04:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:24 - 2015-03-13 04:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:24 - 2015-03-13 04:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:24 - 2015-03-13 04:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:24 - 2015-03-13 04:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:24 - 2015-03-13 04:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:24 - 2015-03-13 04:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:24 - 2015-03-13 03:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:24 - 2015-03-13 03:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:24 - 2015-03-13 03:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:24 - 2015-03-13 03:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:24 - 2015-03-13 03:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:24 - 2015-03-13 03:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:24 - 2015-03-13 03:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:24 - 2015-03-13 03:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:24 - 2015-03-13 03:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:24 - 2015-03-13 03:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:24 - 2015-03-13 03:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:24 - 2015-03-13 03:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:24 - 2015-03-13 03:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:24 - 2015-03-13 03:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:24 - 2015-03-13 03:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:24 - 2015-03-13 03:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:24 - 2015-03-13 03:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:24 - 2015-03-13 03:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:24 - 2015-03-13 03:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:24 - 2015-03-13 03:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:24 - 2015-03-13 03:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:24 - 2015-03-13 03:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:24 - 2015-03-13 03:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:24 - 2015-03-13 03:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:24 - 2015-03-13 03:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:24 - 2015-03-13 03:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:24 - 2015-03-13 03:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:24 - 2015-03-13 03:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:24 - 2015-03-13 03:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:24 - 2015-03-13 03:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:24 - 2015-03-13 03:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:24 - 2015-03-13 03:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:24 - 2015-03-13 02:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:24 - 2015-03-13 02:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:24 - 2015-03-13 02:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:24 - 2015-03-13 02:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:24 - 2015-03-13 02:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:24 - 2015-03-13 02:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:24 - 2015-03-13 02:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:24 - 2015-03-13 02:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:24 - 2015-03-13 02:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:24 - 2015-03-13 02:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:24 - 2015-03-13 02:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:24 - 2015-03-13 02:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:24 - 2015-03-13 02:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:24 - 2015-03-13 02:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:24 - 2015-02-25 03:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:23 - 2015-03-04 04:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:23 - 2015-03-04 04:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:23 - 2015-03-04 04:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 03:00 - 2015-04-11 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 03:00 - 2015-04-11 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-05 17:04 - 2015-03-22 00:51 - 00027285 _____ () C:\Users\Carter\Desktop\FRST.txt
2015-05-05 17:03 - 2015-03-22 00:50 - 02101248 _____ (Farbar) C:\Users\Carter\Desktop\FRST64.exe
2015-05-05 17:03 - 2015-03-22 00:50 - 00000000 ____D () C:\FRST
2015-05-05 17:00 - 2009-07-14 05:13 - 00797568 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 16:57 - 2015-02-01 17:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-05 16:57 - 2012-02-24 02:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 16:55 - 2013-06-06 15:10 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2015-05-05 16:55 - 2013-06-03 16:08 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-05-05 16:55 - 2012-07-13 15:42 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-05 16:54 - 2015-02-17 21:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 16:54 - 2012-02-24 01:34 - 00368018 _____ () C:\Windows\PFRO.log
2015-05-05 16:54 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 16:54 - 2009-07-14 04:51 - 00120653 _____ () C:\Windows\setupact.log
2015-05-02 00:15 - 2012-02-24 02:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-01 21:36 - 2012-10-22 20:31 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001UA.job
2015-05-01 21:36 - 2012-10-22 20:31 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001Core.job
2015-05-01 13:43 - 2012-07-13 15:42 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-01 06:17 - 2014-08-19 20:29 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 21:49 - 2015-02-02 20:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-28 09:59 - 2012-07-13 15:36 - 01339674 _____ () C:\Windows\WindowsUpdate.log
2015-04-22 06:16 - 2015-02-02 20:03 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-22 06:16 - 2015-02-02 20:03 - 00000961 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-17 22:38 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-17 22:38 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-17 22:12 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-17 22:12 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 04:02 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 03:22 - 2014-05-15 03:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 03:22 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 03:05 - 2012-02-24 02:28 - 00773982 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 22:21 - 2009-07-14 04:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
 
==================== Files in the root of some directories =======
 
2012-10-09 15:26 - 2014-08-17 17:33 - 0000380 _____ () C:\Users\Carter\AppData\Roaming\sp_data.sys
2013-01-29 19:57 - 2014-05-20 13:51 - 0007609 _____ () C:\Users\Carter\AppData\Local\Resmon.ResmonCfg
2012-02-24 02:42 - 2010-10-06 17:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
 
Some content of TEMP:
====================
C:\Users\Carter\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 00:53
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2015
Ran by Carter at 2015-05-05 17:04:50
Running from C:\Users\Carter\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1154380041-1407329815-1326168379-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1154380041-1407329815-1326168379-1005 - Limited - Enabled)
Carter (S-1-5-21-1154380041-1407329815-1326168379-1001 - Administrator - Enabled) => C:\Users\Carter
Guest (S-1-5-21-1154380041-1407329815-1326168379-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1154380041-1407329815-1326168379-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton AntiVirus (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
"The last Kingdom" (HKLM-x32\...\"The last Kingdom") (Version:  - )
"The last Kingdom" (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\"The last Kingdom") (Version:  - )
µTorrent (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\uTorrent) (Version: 3.4.2.36615 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
A Game of Dwarves (HKLM-x32\...\Steam App 200370) (Version:  - Zeal Game Studio)
ACW Brothers vs Brothers (HKLM-x32\...\ACW Brothers vs Brothers3.3) (Version: 3.3 - ACW mod Team)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0142.68441 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0142.68441 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Music Maker (HKLM-x32\...\MAGIX_MSI_mm17_silver_asus) (Version: 17.0.2.22 - MAGIX AG)
ASUS Music Maker (x32 Version: 17.0.2.22 - MAGIX AG) Hidden
ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0001 - ASUS)
ASUS Photo Designer (HKLM-x32\...\MAGIX_{2B962F32-78E6-4585-AF24-073AD36B6590}) (Version: 7.0.1.2 - MAGIX AG)
ASUS Photo Designer (x32 Version: 7.0.1.2 - MAGIX AG) Hidden
ASUS Photo Manager (HKLM-x32\...\MAGIX_{2A3A883D-B2AB-427D-B094-27D6241E0944}) (Version: 8.0.3.217 - MAGIX AG)
ASUS Photo Manager (x32 Version: 8.0.3.217 - MAGIX AG) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4711 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4711 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.3622.52 - CyberLink Corp.) Hidden
AsusScr_N6 Series_ENG (HKLM-x32\...\AsusScr_N6 Series_ENG) (Version: 1.0.0003 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.130 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Black & White 2: Threat of the Creed (HKLM-x32\...\Black & White 2: Threat of the Creed) (Version:  - )
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
Call of Warhammer: Øòîðì Õàîñà 1.5 ñ ìóçûêîé è îçâó÷êîé (HKLM-x32\...\Rage of Dark Gods. Battle for the Empire (Call o~CF6C5540_is1) (Version:  - Call of Warhammer Team. Ïîðòàë Ñi×ú Total WarS.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.2715_43927 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4702a - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
Driving Test Success - All Tests 2013 Edition (HKLM-x32\...\{EF570A1B-7593-4EDB-8AF0-8041F2A7A81B}_is1) (Version: 17.0 - Imagitech Ltd.)
EB Documentation 1.1 (HKLM-x32\...\EB Documentation_is1) (Version:  - Europa Barbarorum)
EB Trivial Script 0.125 (HKLM-x32\...\EB Trivial Script_is1) (Version:  - EuropaBarbarorum)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Falcom Total War 3 : The Total Conquest (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Falcom Total War 3 : The Total Conquest) (Version:  - )
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{8618AE04-1210-3C32-A8C3-45A5E44CD340}) (Version: 65.169.107 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 0.8.7 - Alexander Shaduri)
Happy Cloud Client (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.2 - ASUS)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media View (HKLM-x32\...\MediaViewV1alpha4503) (Version: 1.1 - Media View) <==== ATTENTION
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myBitCast 1.0.0.3 (HKLM\...\myBitCast) (Version: 1.0.0.3 - ASUS Cloud Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.7.0.11 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.13.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RamCleaner (HKLM-x32\...\RamCleaner) (Version: 6.9 - Benutec Software, INC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.)
Recruitment Viewer 0.9 (HKLM-x32\...\Recruitment Viewer_is1) (Version:  - EuropaBarbarorum)
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
THE SETTLERS - Rise of an Empire (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
The Sundering version 0.69 (HKLM-x32\...\{45C10D44-9918-4848-AE2F-2FA42E268F4B}_is1) (Version: 0.69 - The Sundering Team)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version:  - )
Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\...\Ultimate Apocalypse mod 1.73) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1154380041-1407329815-1326168379-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
01-05-2015 01:06:11 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2015-02-02 21:50 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B3022E3-1822-42D2-853B-060D9B16FE85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {0BF4D4E0-09D0-4515-AD68-4D9BDA4606CB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {0C0265AB-10AB-413C-B289-E2941B9A282B} - System32\Tasks\{4EA9C165-49C2-4ADF-BF16-CCA5339D40DE} => pcalua.exe -a "C:\Program Files (x86)\RamCleaner\RamCleaner.exe" -d "C:\Program Files (x86)\RamCleaner"
Task: {0CEC31DE-B22C-4981-AA2B-39E94C09459E} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{05D173C9-10EE-42B2-BC33-D61E1E178400}.exe
Task: {10000B4A-4BDC-4E38-B4AD-7E4EA09082C6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {1DD1E6B1-FAF6-4496-8AC5-7BBC0C0BDA6D} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {21D6B92F-F102-49C4-B200-D16F98205033} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2D3353CD-62A3-466A-A826-836E32F2832A} - System32\Tasks\{6CAB8240-F266-457C-94CC-57BC6F94772F} => pcalua.exe -a C:\Users\Carter\Downloads\for_king_or_country_1_5.exe -d C:\Users\Carter\Downloads
Task: {2E85C8B2-AE5B-4CC1-A86A-C5ADAF9E9A16} - System32\Tasks\{AA2AFAF3-2F89-4D3F-A890-9A7CB4534E56} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\install.log"
Task: {3147D6B3-85B6-47E8-A20F-240EABB0AD55} - \PCHB_Carter_PCHealthBoost_LG_DailyTask No Task File <==== ATTENTION
Task: {42745393-2E7E-4960-A698-8F7472BBD756} - \PCHB_Carter_PCHealthBoost_RS_DailyTask No Task File <==== ATTENTION
Task: {436E86CC-6D4A-4F4C-8C81-87AEE4D24397} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {449693AC-00C0-4BEE-A712-F2E3056730CA} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {483BEA29-711A-411A-828D-644CFB40267B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {486823E8-DEBA-42FE-9361-9621304C0BBB} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {53410775-8BA4-4FC5-BBAD-A255A18565D8} - \Idle~Crawler Runner No Task File <==== ATTENTION
Task: {564F6B2B-84B2-4331-A771-CD6DC726E2C1} - System32\Tasks\{F156D652-C09B-442D-B7B8-39E79A4A2DCC} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.5.0.158&LastError=12002
Task: {571D3E80-A663-4F0D-8044-93008337F202} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {5C9A6B21-001A-4390-BD40-99FE195C961E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {5C9DFAC1-ADB0-47D3-B597-BDF3317B182C} - System32\Tasks\{0F3C6835-D8CD-4CBC-ABD4-8FC520BD3C0D} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\install.log"
Task: {5F9AB885-0BFD-4C8E-B363-3B4392844BE1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001UA => C:\Users\Carter\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-22] (Facebook Inc.)
Task: {67339B6D-6DCF-4623-934B-6C147B9F3E4D} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6E08D8D8-0E3B-4F8F-B7E1-EC08E00AE01F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6EC2EAE1-0775-41A1-9B38-2D42AEDA62D3} - System32\Tasks\{1B79067B-4A35-4FF8-BE8A-1A8A6B4DE747} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe"
Task: {7ABC4898-F617-4315-9037-5DCBF9DD87AE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{089AD1E2-4EA1-4AE7-8828-90AD9E7A716F}.exe
Task: {8BDDB50A-894A-44C8-8F18-AC996B599520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {8C4359BB-EFFD-4F6B-BC10-1E0E6DCE5A94} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WSystemArmor.exe <==== ATTENTION
Task: {913D1E3A-FC42-42E8-B64C-FA26C7AE213F} - System32\Tasks\{877F32AA-2DBA-49D2-A3F1-BFD32EC50B32} => pcalua.exe -a C:\Users\Carter\AppData\Roaming\istart123\UninstallManager.exe -c  -ptid=ymb
Task: {9DE0DF85-8BED-4A5C-96DF-FB494A9BBAA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A0D297B3-D494-497A-9736-701E2DA8EBF0} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WPackageUpdater.exe <==== ATTENTION
Task: {AB58DB70-CFBC-4D48-B479-C58DADC63D37} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {AC871A7E-BD42-4DED-A920-72BC76DFA83F} - System32\Tasks\{145219F5-DE5C-42B5-99DD-21BF46EAECE2} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\install.log"
Task: {B4B09CE1-3382-4F0C-BDCC-9ABD43CE438A} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserDirect.exe <==== ATTENTION
Task: {B51F1B7F-44B2-4401-A5FA-4555B934FF7C} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B87D2E50-D05A-4A6A-ACCD-21D574E37AB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BF28AECD-0917-44E7-8740-10BFA4617553} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C299CE56-9D9B-4427-8337-3C3FFF76E98D} - \PCHB_Carter_PCHealthBoost_LogonTask No Task File <==== ATTENTION
Task: {C5BC30A9-6174-4EC5-B320-3CBAA11C9E7B} - System32\Tasks\{3D44F786-90F8-405C-94D4-E8360A963D0F} => pcalua.exe -a C:\Users\Carter\Downloads\Akthross_1.1_Total_War_Part_1.exe -d C:\Users\Carter\Downloads
Task: {CD6350CA-3115-4661-987F-98A3A8DA883D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)
Task: {E47B6D15-F6C1-4D28-99B0-88704E053483} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E9B343C6-68B1-4832-B5B9-68EBB60F6D16} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001Core => C:\Users\Carter\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-22] (Facebook Inc.)
Task: {EAD2F2FF-3BC4-485D-9E81-E33E14613BF7} - System32\Tasks\{60F31529-40E0-4A97-94F6-3E97ABEA6B2B} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\install.log"
Task: {EC55ADF9-5EFB-4DE1-8ADA-671255C8A6EE} - \Microsoft\Windows\Maintenance\Idle~Crawler Update No Task File <==== ATTENTION
Task: {F1184CBE-BF8D-4B8A-8D9D-3A971D95A4F2} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {F7B40A4B-98EA-43F1-A9E9-8A29D1D444C8} - System32\Tasks\{D6EEC4DF-C7FF-4231-9FEC-D1D628DB9335} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Bubbletown\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Bubbletown\install.log"
Task: {F82F5D19-E9E2-460B-A735-60CD3379D276} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {FD588C95-136D-48E1-9D86-F62A99F8CEFB} - \PCHB_Carter_PCHealthBoost_RS_WeeklyTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{05D173C9-10EE-42B2-BC33-D61E1E178400}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{089AD1E2-4EA1-4AE7-8828-90AD9E7A716F}.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001Core.job => C:\Users\Carter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1154380041-1407329815-1326168379-1001UA.job => C:\Users\Carter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-17 21:27 - 2015-02-05 21:01 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-17 21:33 - 2015-02-05 19:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-14 23:11 - 2010-07-14 23:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-07-13 15:42 - 2012-02-21 19:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2012-07-13 16:12 - 2009-04-17 10:01 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-17 21:27 - 2015-02-05 21:01 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-01 17:05 - 2015-03-10 06:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-01 17:05 - 2014-12-02 00:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-01 17:05 - 2014-12-02 00:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-01 17:05 - 2014-12-02 00:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-01 17:05 - 2015-04-13 23:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-01 17:05 - 2014-12-01 21:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-01 17:05 - 2014-12-01 21:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-01 17:05 - 2014-12-01 21:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-01 17:05 - 2014-12-01 21:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-01 17:05 - 2014-12-01 21:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-01 17:05 - 2015-04-13 23:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-02-01 17:05 - 2015-02-25 01:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-01 17:05 - 2015-02-25 01:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2012-07-13 15:41 - 2012-02-21 19:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-05-01 06:17 - 2015-04-28 02:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-01 06:17 - 2015-04-28 02:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-05-01 06:17 - 2015-04-28 02:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Carter\MediaFire:mf_x
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03272942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45967259.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\03272942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45967259.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Carter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.122.23.22 - 208.122.23.23
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS InstantKey => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Bubble Dock => "C:\Users\Carter\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Carter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Intermediate => "C:\Users\Carter\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: OMESupervisor => C:\Users\Carter\AppData\Local\omesuperv.exe
MSCONFIG\startupreg: RamCleaner => C:\Program Files (x86)\RamCleaner\ramcore.exe -s
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SCheck => "C:\Users\Carter\AppData\Roaming\SCheck\SCheck.exe" check 
MSCONFIG\startupreg: Snoozer => "C:\Users\Carter\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Carter\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{C023F1EB-1856-4D9E-8977-F39CCAD3281F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{AACEB797-6086-4507-9E6B-3B3FF98026BF}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D68AEC3B-6EFC-448A-825D-80D34D153F9D}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{37CA58E4-790F-47A5-933C-6E6C24BDE762}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9C6432CF-65D5-404F-9217-386CB2663638}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{12ABD443-9798-4989-939A-42EF69954999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{FA52D757-89F0-43B6-89C7-37B96F99589C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{7A3DCB91-480E-4C6A-A0EF-C85028133AFA}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{18CFAA82-C00E-4769-BC4B-6C69CAABBD07}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FACF1AFB-C627-40B4-A4A2-B61B21C10ED5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D63B3B9-22A1-4206-B2B8-36C78535A07F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ACCDF0DF-2FA6-429D-B574-6FC02175D138}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7DE39099-3F01-427E-A589-9D8A4B790CAD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C72A82BC-044E-4036-8853-5A8C0628802D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A8BD2FF2-6BC2-4790-82C6-ED28F6D90ED7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F57EFCE5-7097-4AAA-A828-340C328CC28A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ED8679A6-5E33-49AA-8AA2-DD83C636517A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1CF3C3FD-3858-44E3-8D97-0DDE9317F4F9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{42EBCC33-AEC4-462D-9644-37E56559FEF1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A303F73C-15B3-4578-BD4A-8D282993D51F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FB7F3FEE-DA2A-4597-981F-CA9C5A72D86B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A58B2DF1-04D6-411C-9C9B-4BA52A1A059D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{48D16B82-75C7-49E6-AA7D-EE46EE7B3E2B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1790C41B-8532-4375-8B72-8B8C5F571798}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5EA98851-633B-46EF-B4CB-0976EAB83D19}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8A082D88-51C2-4868-A961-67205776D36C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{62EE7F01-61C9-4C05-BA89-35A24E34141C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3DE4994B-7587-4B46-8784-4C57B989BD0A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FE9909B7-6F22-4B08-B8AB-E068C02D4D6B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3BA143A9-0BB6-4161-8BBB-1A3F32AF1AFC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{21CBF532-D427-4786-8379-6BB862F33F88}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{65C7BD2C-0A6A-4F5E-BA1B-1786D6BAFC27}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{18304BBB-D575-42E2-B9E3-2C7DAE0BF64D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{160E7976-85A1-4EE3-B03E-2AD6962E0C3D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9E2A41B4-B69C-4097-A480-E0E908D0EC88}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9F579501-877B-4311-A3B9-F6C6CBF737C8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C6977556-3A28-4033-8158-87679CC699B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5C01CE2-B9A6-44BC-BB58-C2E066CE0813}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{62404B34-DBC8-43A1-965E-4110E1DED581}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B179EAEF-7DDF-4B0E-820B-7332350AA538}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{56946C64-F2FF-4AA8-8706-F29F01570282}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6CF47EC9-D103-4B9A-A5EE-3344B33E3ECD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A8442E40-9202-4A8C-8D5E-84C858AF8069}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CD0DDDDE-72E1-40AC-A349-6E85FD4C1D0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29B26A50-3FD0-45CF-A495-07DFCBE72077}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{9439D221-9709-4624-B7DD-F20DC13873A5}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{4AFF1F77-EDB7-48A5-9120-5B40B01CDA60}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{265B242E-A9FA-4697-9830-4C88EAD5A02C}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{C902DEAC-FCEA-4FCB-B632-35439259C275}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{95E53851-2F45-4355-A6A8-C8792F6DBA84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7BA43F80-3811-47BB-B3D7-A6C20A107ED0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D9DAB2D-5E6D-4AF7-A7DF-507F80D8DF2A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{58B2C24A-F765-4F58-9958-5F97198814F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F923B54-8198-46BE-899B-A0F79BF0FF3C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A5FBF87B-7F6C-4959-834B-8BAD92A96202}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{AD7E44D0-DBFF-4407-B6BF-4C805D206081}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{73530B17-C4EA-462C-9666-6CDA6A934E95}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7CE391B7-4041-4A8D-9EB2-92DD8F22B45E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{15085CE3-629A-4183-B2FE-CF27D09EEA28}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0EC4A46C-1462-4BD4-BF7F-857804DD12BD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DFC2B006-9127-4CE0-A871-BA5D0FDB018A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F66FFE10-B973-4246-A763-4383F2578586}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B410B3D5-5CBD-42AD-81E5-B69AF03BFA97}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F40167DA-CC12-40E8-9D0B-63D667A0AB12}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{49C65BE3-B623-4DD4-A00F-514EC539710A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E5CB01C8-A450-4E6D-B298-867AE97F45AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E955FD8A-40B2-4289-A9E8-DE3F18F044FB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8AF5AECB-52E9-4AEF-9957-C9A0081C007E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{52C2DD71-2B3F-4118-9199-C3C728A67656}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{13BF164A-6328-484D-8B3B-C7CC5F15EFF2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{39EEB860-1EC2-4CE9-8C0F-806B0DDB1237}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{00C89F97-C5AC-4285-AD47-9EFF2E2621A9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2ABEBEF-F3DB-4FEF-82D0-01FAAA8EAD37}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F8984F38-6FD3-44B3-AE7C-CA7FA349267E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B4BACE66-EE87-4AE2-AA72-91EC218D8693}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{85DCC40E-955D-466E-B05F-2C7148F9DBCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{224AC373-14A4-4E13-942E-3882B3672117}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe
FirewallRules: [{431B470A-26FB-4339-B983-38AA96BA33C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\launcher\launcher.exe
FirewallRules: [{BFC10776-7867-415E-B300-B72A52C50D4B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{260174F0-CA53-4859-B19A-D52684BE7F1C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E42A8A88-9F26-4F08-BDD4-63EA46A5F112}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A5DC14B-2851-4BFC-8209-D6346F10E6B4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1954D1B4-6FF5-4BD5-963F-73E25037027E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B68306B9-31C2-496D-9960-406D58565129}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70E490A6-528E-4059-AE49-B50DDFC4368E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{79886A51-1721-4CCC-9975-0D1AB6CDCC8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{064BB182-70BA-43AC-B0A9-2BF4CC51665E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{562894D6-3AEB-456F-BA9D-C7402AF06846}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7220BE0A-2C35-4A3B-B72F-2F6205161F46}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{78319C34-7A1D-4A7D-82D0-0A53C90DDE4C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5B4A108B-93A2-405F-8164-35B6C333F681}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8488868B-16F5-4F13-932F-C230D664183E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4431E579-E464-4F31-B802-811BBE0E3C0A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{936A687A-5627-4295-BCF0-17EFCC9C5D3A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{43F94845-A4A0-4678-A900-6535B72A35F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{69EC792F-63C3-4429-9D9D-2A6DDD200AC8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{932498FE-5F07-42AB-A29A-6CB51EAA1AA1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8014F9D4-E38E-44D0-A139-D72531A3BAC5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6F77C4D8-D18F-4544-A876-4E268698C3ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F60667DA-E19C-4C69-990E-E87A4D50425F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7A62B714-42B5-4098-8E35-8AF0661CC221}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4A22346D-F1EB-4A0A-9DE6-B212EBB0F43A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3A28FF50-A773-4433-9133-6CA127FD58FB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F359A582-DD5C-4DD8-8A00-DA0A2CC80FB6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D755E1E3-2021-41B1-8895-F036A28C6529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{55731A2D-3F2D-4C65-A4A9-483D020CB99C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{B7EBDC16-C885-4E62-9E5E-D95F6F7A540F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{52AB20F1-0C76-456C-BE47-643EA2A5F30F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{835916DA-A99E-4180-94B3-7CCD2068EA21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{703CB7DE-FEF2-4E28-BA27-C58846B3D75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{BC529F0A-AEFA-4E41-B7BC-26BD8662F4C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{4D0E3C50-8ACC-4472-B477-1D0572494C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{D0C3C5A6-EC5E-43E9-91D3-92278547E657}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{35F87A85-D0E6-47B7-A831-AEE9960AEAAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{2DB1BB3B-7258-46CF-9766-AE4817292E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3F5533BE-1DAB-4846-80D4-7A8E36981D89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{92A00B79-70AA-478A-B416-46E321B6629B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{28E6A93C-3B10-41DF-8316-116E8F5A3B2B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{593DC3BE-2DF1-41EB-B97B-7ABF45B3742A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4390264F-4262-4E35-B254-4D2E94CA6F65}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AFFA16BF-7BB3-4E12-9813-1A1053A561C2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{929E491F-E01E-4B23-9444-44CC32839206}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D9504BFD-F0E7-4A1B-BB74-1D2AF567B724}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{42F25354-5B8C-4E2C-831A-DE22A291B052}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{978B4C1F-0A04-413C-B856-918854B513A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C3327A0A-1F7E-477B-B4F3-29F43A6FB676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{73E6904A-351E-4E32-B6CA-2E5556EC05F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{8E5056D0-3B30-48FB-80F1-7D2A45BE008B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{9DEB1866-EFCF-4132-A343-E25B9750D24E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{8574B1C5-587A-4BC1-B2E4-11E403F75C99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{04593BF7-E3FB-464B-A542-CEACBACDEEDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{53CA2070-905C-4E8C-AE32-57F3F298F206}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{19CCE5BF-E67F-49BB-8421-B1EA19CD0583}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{E0B81CEB-2276-4404-99F3-488B28A5FE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{94012046-495D-4DB6-A206-E9569FCB43DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{6EB4EF70-A00D-4256-869D-A8224443AA01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{8762D296-273D-4CB7-B9A3-68E3245A97CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{C8B000B7-294F-4DFF-8810-584730F2EB5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ADA873E2-626B-4CCC-AFB2-C0559A462243}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E3761D3F-FE8F-4E49-B231-89382FAB30C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3045A9BE-C2D5-4F76-94CD-DF91CD443F9F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{25CDA7D6-6990-478B-9EAD-8DBA23A7D85C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E979D1FF-BD00-43A5-8AB1-AE6026E41073}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{29D4406A-27C5-45A3-BC15-5E6FDE4F33AC}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{C58A4D8A-2941-4E85-B81F-0F8912878ECD}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{D83075FF-4180-4C2D-8A81-3BE63910C44F}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{57A42C72-F830-48CF-A3EF-708C9CCA694D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{537AA0DE-AEFA-4D73-9995-E157854048AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6E70A269-8289-42C0-B4B0-2C242E80122F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC29F1F4-CD24-40EE-A29F-C031E557055B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8115A978-8527-4838-BC3F-6055B4D12653}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E2B576B9-C636-4DD7-B723-19E631D6CCBB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B96E815C-D3F6-4D11-8675-21742E0565C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9A779EC-8DD4-4A88-B204-5A490F416181}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{576E26C0-AC78-4061-9380-59093D30AA83}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{F391EC75-C26F-4B65-92E2-9902DCD6233D}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{888F0C64-3E7A-4735-BD0F-EB5D93AA945F}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{1D18011D-AAE7-42DB-855E-40C87F505778}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{B15A9455-AD4E-4B2A-AA2B-D9CD796B7603}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{FD30B7E0-3709-4349-A28E-227EDB69552D}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{213F6EB5-FDCE-4322-9BCA-3A199E750F2A}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{D1572D08-D669-4BF3-B3C7-D9B46651E166}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{1A2FC1D6-C118-4206-BC29-156BAA5B8050}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{438824E1-1C33-409D-8EA8-D80459DBF49B}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{99D43CA4-7C13-4C41-8A0B-0047FD8020A6}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{562B7088-A7F8-4CA2-B502-6D9752822E2F}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{AB381C8D-AE44-4F52-901E-846B0BDC2255}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{ED325FE8-68E7-48F3-80BD-7A2E7E749427}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{040A8C58-80FE-4913-B7F7-867675F9E2C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{091223E5-83D7-4744-824E-32F9608899A1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4BF3AE3D-2584-48A1-A1F7-C18F4CF96499}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B0553901-60B8-4151-98F1-45B3A034E814}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B82A19E9-9244-4AC3-85EF-411A92031288}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FB8D4EB-A72D-4FC8-B993-19A5E3F5DE76}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{8241CB84-650B-4D40-B554-737BE07C1264}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{346ECB1B-7444-470A-B399-B8E163E4B698}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{9D35A403-AB8D-414D-A8B6-6443BFF64413}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{951DF558-57E6-4441-A557-E94AF7DECB2B}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{DE270C5B-35DA-4C52-B67A-ADB0963805D8}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{70184BAC-17FE-402D-BBE3-6FD8C87E762F}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{C7704EAF-E7A9-4A71-985A-43F4D0C1CBA6}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{6A821C83-1BAB-4058-92F0-8074C5701312}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{12060E8B-440C-4951-967A-7FDCD6FF8554}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{34277238-160B-4221-B4FE-2B7D42D5BB6A}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{F720F587-E06F-4F4A-958C-5CFF15AC41D7}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{6555BB85-BD4F-494D-AA18-BD20EDF81E21}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{9968B6CE-C9FB-4239-8A36-AFD3FC7854D9}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{20D51FB4-5F77-43AC-9AFF-445BEB97C48B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AC556417-D57C-4983-8B79-14487006CF2E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AE93EF5B-3C97-46F0-A168-84D67819BC87}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{0E1A573B-E1AF-4D01-AD97-04A40C112341}] => (Allow) C:\Program Files (x86)\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe
FirewallRules: [{2B4114CC-32E2-479B-9E64-A8F790ADCEA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{96441360-B702-4561-954D-FA219A848A9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{782ED081-63E8-4B41-B61D-4905646CF8D4}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{E0687AFD-D1C2-44CD-B808-834620AEF114}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{183ECF0D-0B1E-48EA-A34F-27BC348E38BC}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{D88AACAC-3B86-4647-BFB1-650DCD597CB0}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{70B31373-ED41-496C-A8C4-493C20357FA5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3F0F3A35-0C36-4D73-A16D-E336B2C952EC}] => (Allow) D:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth ™ II\game.dat
FirewallRules: [{AF7CC689-DCCF-495B-95B4-E7A2D2E8A6AA}] => (Allow) D:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth ™ II\game.dat
FirewallRules: [{70123759-4746-458C-B83E-212F2EE426DC}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{658D68BA-8BCC-4C79-AEC2-0C91EA3728A6}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{454C81E8-87E9-4FC1-9AA0-F64FA43AD77A}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{598A7B1A-8D4A-4298-840A-4CFE02C7F341}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{5AEEE33C-D593-4A7E-8DA6-F8C8B5CE1AAE}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{EC4D3EC7-CB05-4A1A-9555-77D6B8095865}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{683536CB-3B7C-4087-977B-5B06B4A359FB}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{666AE00E-24BC-4A08-97BB-199EDE39B983}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{3CE5489D-D40B-4BF7-B90A-AE8CEFD707AE}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{F5428884-8585-4B12-8E1A-70653A8E57EA}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{E29B2216-5922-4CA9-9930-C871A97E8ABC}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{700FBFEE-E59F-4374-AF16-0C4906EB78C0}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{3FB22D8D-2FA5-4C1E-84C6-FAE19E296E4F}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{3D66943D-3C9A-48BD-BFA8-FC2CDD909EAE}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{9E98FDEA-A13B-43BD-B9B0-E0B0E42E7DA9}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{C8C9EC06-85F1-4F55-9D2E-F6DF4AB38F3A}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{CAF90246-647F-46B6-85D1-E79E86297F55}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3079DC4C-091C-4133-B067-39E94B423B51}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{C91DE527-F2F5-4AA2-A794-92FFC0C4A5D3}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{FFBAB3F8-E1A5-4D31-841E-552D45590388}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D896283F-6CE9-4770-8AA0-3CD7382C0096}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{78EE1F32-DE30-40FF-824B-A95C8BEDF998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{BD0E4EAB-4981-41DA-8F33-09225938699A}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{54A87D6F-835D-49C3-8CD8-E176210F388A}] => (Allow) D:\SteamLibrary\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{909D0064-371E-48FA-BDED-626C5441693E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9AA8EBDB-19F9-4B3E-B0AF-DA7F6D3EEC35}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CB9B8A82-87D8-4845-A4A8-BCABE963DFA5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{06165A1A-BB6D-4790-9FF9-6BF55CDEFFA3}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{714CC0CB-4989-4447-B303-D68E757FF6EB}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{CCA372B8-E2BA-4A5C-B5BB-8ED52B81415B}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{8062D5FC-6C14-4C50-A964-58DB429970A9}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{B429FFC5-3DC3-4264-BD7D-B6D6C6601E09}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{5E8FD145-19BB-475F-B510-7923B02563B7}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{02CE2ECC-4627-4101-90AB-54B4F5D98F1C}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{5AC8B2F8-98D3-421C-80B9-C1BDC43252E0}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{3CEE5509-C18B-488F-ADC9-56AEA7C21152}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{315574BF-15D6-493A-830A-5DB3A4E86631}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{CF4BB685-B2EE-4E9C-AFFF-23AC8A5EBB95}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{8EE53E14-0783-4206-849D-ECDE75D1FEAD}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{CCEBA09C-1F40-44CA-9A5F-53E1900763A1}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{102E9EC6-7235-4687-AA7C-C19BDC7D955F}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{04E54DD5-F087-4EF4-AABA-FF55D6FFEC26}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{7939BBC9-A317-4BD5-984D-962B0A398C6B}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{03AD09B7-03DB-44E9-8180-6FB99BA25D38}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{49807C3E-87FD-4F86-96EC-15A5C92A3784}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{ABE7F5B1-1819-4135-82C0-38444C10B728}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{BA2054B0-0E41-4C81-AEC3-EEC97965ADCD}] => (Allow) D:\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{F01919E5-0BE8-4758-88EC-AF72FBE84311}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{100509E2-1B67-45D7-8087-FF18EA32D309}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{9BCD95CD-0B5B-4321-8838-CD631D5D16AA}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{07388DDD-A3A5-49FC-A3E5-537562A2F99A}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{1632CB1F-2B82-4033-8B9A-B1F4F509195E}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{D4419747-A5A5-4808-AE25-F653C9129BD7}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{F1FCF9D8-6273-4F14-83D8-451846A24126}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{29595251-684B-45EA-90C9-D123AD961BB1}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{F3BA17EE-FBF1-4C97-995A-5C79597F42DA}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{1F150463-EF9D-4054-8F88-DE031BF31EDD}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{07C50A12-8BE6-474F-AE1F-4287BAEFC40E}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{10CF7898-0710-4596-BF8B-0F8B80DE4D2F}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{8001BFF8-3D70-49CD-B162-98DF638C1DC9}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{617D632E-E244-4A45-AE89-94A02D814388}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{11418D81-8A6C-4F87-A763-D3B986292028}] => (Allow) C:\Users\Carter\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{660589AC-934E-42EE-8571-3F8B37EC69C6}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{DFC8782C-7CD1-464D-A6B1-8D91E844FDFA}] => (Allow) C:\Program Files (x86)\HomeTab\WSystemArmor.exe
FirewallRules: [{1D4C1CA5-ED15-4003-84DF-5C094DDC2EAE}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{6E81E810-C1D9-4EF9-AAAF-126952E79AD7}] => (Allow) C:\Program Files (x86)\HomeTab\WPackageUpdater.exe
FirewallRules: [{04B4C974-C7F1-4F96-BC0C-1627DB854AC2}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{D9DDCCF9-B410-497E-9662-0A7C38F25E0A}] => (Allow) C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
FirewallRules: [{519A3819-AE91-4D32-87B8-1377D35F8495}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{6ADCC607-1B6E-4617-BC3F-286BB8891897}] => (Allow) C:\SoloApp\SoloApp.exe
FirewallRules: [{B4D61A16-1E00-4969-8E67-6B4BF6D41525}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{84361056-3B9F-4E60-B6DA-2556E78F8EDB}] => (Allow) C:\SoloApp\WebDriver.dll
FirewallRules: [{5E3C1EC3-2711-4C0D-A26F-11EA9593E4C4}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{3FA287DB-484B-4949-A1FC-E4A29C9F2678}] => (Allow) C:\SoloApp\chromedriver.exe
FirewallRules: [{AD78B7A3-8C58-4137-869C-70A93A1F20E0}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{C2A36C98-9350-4B00-86F4-E1D846DC4EB8}] => (Allow) C:\SoloApp\IEDriverServer.exe
FirewallRules: [{F2A67737-76B8-42C0-AF5B-B505E2AE9BFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7DB8D193-EA63-4E74-B1C3-243CAFD73F09}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{03003BC1-FAFA-4D10-9A24-F6AD92647031}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{F3745EAD-9CED-450A-83C8-3FC95FDE3A7C}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{548B2F4B-112B-4C1B-B430-23898FDCC087}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{386050EA-DF7C-4618-BF4E-F338DEB619F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{1ACE2F9A-248A-4FB7-A88E-2539351F3388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{A4F32ACD-B495-46B9-AD74-D902744DAF9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{C2BF81BB-877E-49AA-9F1B-8FCC30528DC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{64535279-3E44-4EEB-8AF1-38C8925A5D09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [TCP Query User{408B5E67-2C2B-45DE-962A-3AE47ABBC0A4}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{D968CC1D-8E00-4C28-81A7-EBCAAD262BCD}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{13095973-AF25-4AFC-BDD6-3B3B6C0DEC61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{82E3AF93-1860-4478-A7C6-99A503ABE1FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{0BA91537-377B-4808-B638-233F0B68F332}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B55AA3F3-D2CE-4FA1-93C7-FE51FFCE4FBF}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{21FB22E9-0E99-4FDA-B9BE-D79629C30EE5}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{2FBFA8B1-91C2-4B3C-B217-0D98CAE39B7C}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{5AEF96FD-CF31-4BA9-84C4-FB0A8674C5B2}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{E12107A8-1ABC-4E42-B914-BF3B003EFEC5}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{186ABE73-7EC5-4564-879E-1B0EC4E05149}] => (Allow) D:\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{AE647E84-4A60-410B-955B-31F3A02926F8}] => (Allow) D:\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{55E1B37B-2C7E-4341-A006-4165C6478AD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{2D80BD2A-3164-4503-A1D1-A9AAE2F26D20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{A1001BA5-FF09-4D06-A35C-332ABC40E75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{B147ABAD-BF39-4CC8-A96C-2A577211645F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{9F435585-6AC8-4971-9133-6AB54007FDC4}] => (Allow) C:\Users\Carter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FDCBBCB4-235E-49A2-A16B-24481F52A6B2}] => (Allow) C:\Users\Carter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4944B5A-5B57-44EA-B883-5D8723BFDDAD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D11A3321-F9A6-4F87-A7CC-DE214A3F4E53}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ED627F70-E977-47DA-8D11-25BBB99017B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4A49152-6C8A-4F6D-A797-74C77E8A11DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{247EE8CC-193A-4EB8-AAC8-96226F939179}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{410E08ED-630E-4ABC-8A25-046069382405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Game of Dwarves\A Game Of Dwarves.exe
FirewallRules: [{0F8F925A-0475-4953-907F-7B5EB565B7D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Game of Dwarves\A Game Of Dwarves.exe
FirewallRules: [{51665BDC-B300-456D-83D0-5D2EF978576D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{BAA20BDD-87E4-4B85-9F39-59A20BC06B03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{BD50FDB3-1A2A-42D0-BC24-3ACA99CC8D92}] => (Allow) C:\Users\Carter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{B133F89B-AAA1-4FB8-BBC6-8B309FA2D63D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5ED2F78F-A975-4727-B0DD-32820E572353}] => (Allow) LPort=2869
FirewallRules: [{058CE32C-8907-4D9F-9325-2987ADCE7EA4}] => (Allow) LPort=1900
FirewallRules: [{12B9171D-8A9A-4CD7-A744-991A6B7FAFDA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0FC08BBD-CC0D-4046-AB29-4413A06B5160}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{C48772CF-748C-4084-9742-E0A766393F48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BFD523CA-DEA5-4597-ACB0-5524D08D398C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{076E17E0-50D9-4785-8B00-C403B431F7DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{679A307F-21B0-48A1-B1BC-24A63381130C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6B7967E8-07AC-481B-BD02-514860CEBDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [TCP Query User{C3814DDC-598B-4EF3-9F97-60B8D6CD7BFD}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{A6AE3652-AF1B-4782-B61E-905256275277}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{BEEC17A9-0BA9-4E73-928E-9DF51B413D80}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8E902407-FB7C-4FCB-8F14-8CE747F79C9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{59E16A4A-632B-489C-B4F8-4DBFAA81CB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F40613B2-F633-427E-918D-6E87281DD609}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AFEC8C95-5498-4272-A050-A9C9792918E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{1A1189BC-3712-4984-885A-D3CD95E28B63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{6D7B71DC-255D-4C8B-A673-DCCAFA81CFA2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19872655
 
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19872655
 
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19871657
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19871657
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19870659
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19870659
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19869645
 
 
System errors:
=============
Error: (05/05/2015 04:56:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/05/2015 04:56:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
45967259
 
Error: (05/05/2015 04:54:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:50:14 on ‎05/‎05/‎2015 was unexpected.
 
Error: (05/02/2015 10:12:24 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.
 
Error: (05/02/2015 10:12:22 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.
 
Error: (05/01/2015 05:15:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.
 
Error: (05/01/2015 05:15:07 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 80.
 
Error: (04/30/2015 06:26:06 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (04/29/2015 03:54:56 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (04/27/2015 08:37:06 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
 
Microsoft Office Sessions:
=========================
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19872655
 
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19872655
 
Error: (05/05/2015 04:50:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19871657
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19871657
 
Error: (05/05/2015 04:50:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19870659
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19870659
 
Error: (05/05/2015 04:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/05/2015 04:50:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19869645
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 34%
Total physical RAM: 8077.86 MB
Available physical RAM: 5331.07 MB
Total Pagefile: 16153.91 MB
Available Pagefile: 13244.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:31.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:393.86 GB) (Free:288.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: C3664E96)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 

 




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:56 PM

Posted 09 May 2015 - 07:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold using the Add/Remove Programs applet.
Media View (HKLM-x32\...\MediaViewV1alpha4503) (Version: 1.1 - Media View) <==== ATTENTION
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

AppInit_DLLs-x32: , c:\progra~2\common~1\system\1044\biapp.dll => "c:\progra~2\common~1\system\1044\biapp.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Web Search) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf [2014-04-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bnfgnonpldgdciiifmhcmjjnmdpiokio] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4503\ch\MediaViewV1alpha4503.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jlceijfdfeghdhmmbhbcffanmcggoojf] - https://clients2.google.com/service/update2/crx
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S0 45967259; system32\drivers\42229114.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf
C:\Users\Carter\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStInst.exe
Task: {3147D6B3-85B6-47E8-A20F-240EABB0AD55} - \PCHB_Carter_PCHealthBoost_LG_DailyTask No Task File <==== ATTENTION
Task: {42745393-2E7E-4960-A698-8F7472BBD756} - \PCHB_Carter_PCHealthBoost_RS_DailyTask No Task File <==== ATTENTION
Task: {53410775-8BA4-4FC5-BBAD-A255A18565D8} - \Idle~Crawler Runner No Task File <==== ATTENTION
Task: {8C4359BB-EFFD-4F6B-BC10-1E0E6DCE5A94} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WSystemArmor.exe <==== ATTENTION
Task: {A0D297B3-D494-497A-9736-701E2DA8EBF0} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WPackageUpdater.exe <==== ATTENTION
Task: {B4B09CE1-3382-4F0C-BDCC-9ABD43CE438A} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserDirect.exe <==== ATTENTION
Task: {C299CE56-9D9B-4427-8337-3C3FFF76E98D} - \PCHB_Carter_PCHealthBoost_LogonTask No Task File <==== ATTENTION
Task: {EC55ADF9-5EFB-4DE1-8ADA-671255C8A6EE} - \Microsoft\Windows\Maintenance\Idle~Crawler Update No Task File <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{05D173C9-10EE-42B2-BC33-D61E1E178400}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{089AD1E2-4EA1-4AE7-8828-90AD9E7A716F}.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Carter\MediaFire:mf_x

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#3 Txanquility

Txanquility
  • Topic Starter

  • Members
  • 17 posts
  • Gender:Male
  • Local time:08:56 PM

Posted 10 May 2015 - 04:10 PM

Hello, thanks for your help!

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Carter at 2015-05-10 21:00:43 Run:1
Running from C:\Users\Carter\Desktop
Loaded Profiles: Carter (Available profiles: Carter)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
AppInit_DLLs-x32: , c:\progra~2\common~1\system\1044\biapp.dll => "c:\progra~2\common~1\system\1044\biapp.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121009221043.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Web Search) - C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf [2014-04-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bnfgnonpldgdciiifmhcmjjnmdpiokio] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4503\ch\MediaViewV1alpha4503.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jlceijfdfeghdhmmbhbcffanmcggoojf] - https://clients2.google.com/service/update2/crx
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S0 45967259; system32\drivers\42229114.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf
C:\Users\Carter\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Carter\AppData\Local\Temp\nvStInst.exe
Task: {3147D6B3-85B6-47E8-A20F-240EABB0AD55} - \PCHB_Carter_PCHealthBoost_LG_DailyTask No Task File <==== ATTENTION
Task: {42745393-2E7E-4960-A698-8F7472BBD756} - \PCHB_Carter_PCHealthBoost_RS_DailyTask No Task File <==== ATTENTION
Task: {53410775-8BA4-4FC5-BBAD-A255A18565D8} - \Idle~Crawler Runner No Task File <==== ATTENTION
Task: {8C4359BB-EFFD-4F6B-BC10-1E0E6DCE5A94} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WSystemArmor.exe <==== ATTENTION
Task: {A0D297B3-D494-497A-9736-701E2DA8EBF0} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WPackageUpdater.exe <==== ATTENTION
Task: {B4B09CE1-3382-4F0C-BDCC-9ABD43CE438A} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserDirect.exe <==== ATTENTION
Task: {C299CE56-9D9B-4427-8337-3C3FFF76E98D} - \PCHB_Carter_PCHealthBoost_LogonTask No Task File <==== ATTENTION
Task: {EC55ADF9-5EFB-4DE1-8ADA-671255C8A6EE} - \Microsoft\Windows\Maintenance\Idle~Crawler Update No Task File <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{05D173C9-10EE-42B2-BC33-D61E1E178400}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{089AD1E2-4EA1-4AE7-8828-90AD9E7A716F}.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Carter\MediaFire:mf_x
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
", c:\progra~2\common~1\system\1044\biapp.dll" => Value Data removed successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1154380041-1407329815-1326168379-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}" => Key deleted successfully.
"HKCR\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => Key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll not found.
C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll not found.
c:\progra~2\mcafee\msc\npmcsn~1.dll not found.
C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bnfgnonpldgdciiifmhcmjjnmdpiokio" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf" => Key deleted successfully.
MozillaMaintenance => Service deleted successfully.
45967259 => Service deleted successfully.
taphss6 => Service deleted successfully.
"C:\Users\Carter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf" => File/Directory not found.
C:\Users\Carter\AppData\Local\Temp\nvSCPAPI64.dll => Moved successfully.
C:\Users\Carter\AppData\Local\Temp\nvStereoApiI64.dll => Moved successfully.
C:\Users\Carter\AppData\Local\Temp\nvStInst.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3147D6B3-85B6-47E8-A20F-240EABB0AD55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3147D6B3-85B6-47E8-A20F-240EABB0AD55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCHB_Carter_PCHealthBoost_LG_DailyTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42745393-2E7E-4960-A698-8F7472BBD756}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42745393-2E7E-4960-A698-8F7472BBD756}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCHB_Carter_PCHealthBoost_RS_DailyTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53410775-8BA4-4FC5-BBAD-A255A18565D8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53410775-8BA4-4FC5-BBAD-A255A18565D8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Idle~Crawler Runner" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C4359BB-EFFD-4F6B-BC10-1E0E6DCE5A94}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C4359BB-EFFD-4F6B-BC10-1E0E6DCE5A94}" => Key deleted successfully.
C:\Windows\System32\Tasks\ProtectedSearch\Protected Search => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProtectedSearch\Protected Search" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0D297B3-D494-497A-9736-701E2DA8EBF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0D297B3-D494-497A-9736-701E2DA8EBF0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Browser Updater\Browser Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4B09CE1-3382-4F0C-BDCC-9ABD43CE438A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4B09CE1-3382-4F0C-BDCC-9ABD43CE438A}" => Key deleted successfully.
C:\Windows\System32\Tasks\SystemSockets\SystemSockets => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemSockets\SystemSockets" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C299CE56-9D9B-4427-8337-3C3FFF76E98D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C299CE56-9D9B-4427-8337-3C3FFF76E98D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCHB_Carter_PCHealthBoost_LogonTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC55ADF9-5EFB-4DE1-8ADA-671255C8A6EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC55ADF9-5EFB-4DE1-8ADA-671255C8A6EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\Idle~Crawler Update" => Key deleted successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => Moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
"C:\Users\Carter\MediaFire" => ":mf_x" ADS not found.
 
 
The system needed a reboot. 
 
==== End of Fixlog 21:01:44 ====
 
Nothing in ADWCleaner either :(
 
# AdwCleaner v4.203 - Logfile created 10/05/2015 at 21:07:27
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Carter - CARTER-PC
# Running from : C:\Users\Carter\Downloads\adwcleaner_4.203.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17728
 
 
-\\ Mozilla Firefox v31.0 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.135
 
 
-\\ Chromium v
 
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [9258 bytes] - [02/02/2015 20:10:29]
AdwCleaner[R1].txt - [2719 bytes] - [22/03/2015 01:08:06]
AdwCleaner[R2].txt - [13447 bytes] - [05/05/2015 19:49:43]
AdwCleaner[R3].txt - [912 bytes] - [10/05/2015 21:07:27]
AdwCleaner[S0].txt - [9177 bytes] - [02/02/2015 20:12:22]
AdwCleaner[S1].txt - [2051 bytes] - [05/05/2015 19:52:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1088 bytes] ##########
 
Still painfully slow loading anything, could this be something else?
 
Thank you


#4 nasdaq

  • Malware Response Team

Posted 11 May 2015 - 10:26 AM


There could be some remnant items.

Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
To shorten the scanning time, disable your antivirus program while scanning.

Select Enable detection of potentially unwanted applications.
Click Advanced Settings.

Deselect Remove found threats.

Select:
  • Scan Archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology


Click Start.

When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your reply.

How is the computer running now?



