I downloaded something that has turned my system into a nightmare!
Whenever i browse online now, I get the little popup window which never fails to scare me with the voice!!!
Viewing this forums latest thread, I found this: http://www.geekstogo...reats-detected/
I am now attaching my FRST.txt and Addition.txt
Thanks in advance!
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014 Ran by joe at 2014-12-30 22:36:08 Running from C:\Users\joe\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version: - PlayWay S.A.) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cisco Unified CME Telephone Service Provider (HKLM-x32\...\{535BFE49-6BC3-4442-B94A-F5B7EC91FB9A}) (Version: 2.2.0.5 - Cisco Systems) Cisco Unified CME Telephone Service Provider (x32 Version: 2.2.0.5 - Cisco Systems) Hidden Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology) Construction Simulator 2015 (HKLM-x32\...\Construction Simulator 2015_is1) (Version: - ) Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH) CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dropbox (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.1.2 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.2 R2 Alpha - ETS2MP Team) Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version: - Giants Software) FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Git version 1.9.0-preview20140217 (HKLM-x32\...\Git_is1) (Version: 1.9.0-preview20140217 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - ) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) join.me (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\JoinMe) (Version: 1.18.0.189 - LogMeIn, Inc.) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.) MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Advertising SDK for Windows Phone - ENU (HKLM-x32\...\{690C08C1-3233-49E3-9E6A-5850B452A78A}) (Version: 5.2.1027.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation) Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation) Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}) (Version: 1.0.20817.0 - Microsoft Corporation) Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation) Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation) Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation) Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{12B8E200-99CC-4203-A8D1-4145FC4D0192}) (Version: 2.0.30816.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31007 - Microsoft Corporation) Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{c268086c-18ee-4c0d-b057-1f49530d413a}) (Version: 11.0.50727.26 - Microsoft Corporation) Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft XNA Game Studio 4.0 Refresh (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation) NeuroSolutions 4 (HKLM-x32\...\{3A935DC1-0BA6-11D4-AE7C-00E098090559}) (Version: 4.0 - ) Nmap 5.61-Spiceworks (HKLM-x32\...\Spiceworks-Nmap) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Oculus Display Driver (Install Only) (HKLM\...\{838E19D4-E96F-4A26-B75F-5644E8AC80E6}) (Version: 1.1.9.0 - Oculus VR, LLC) Oculus Positional Tracker Driver (Install Only) (HKLM\...\{53CBAB0B-4713-4743-B62F-325ED1B6869F}) (Version: 0.0.1.7 - Oculus VR, LLC) Oculus Runtime (HKLM-x32\...\Oculus Runtime 0.4.3 Rev 1) (Version: 0.4.3 Rev 1 - Oculus VR, LLC) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.02 - Razer Inc.) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version: - VStep) SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) SourceTree (HKLM-x32\...\SourceTree 1.4.1) (Version: 1.4.1 - Atlassian) SourceTree (x32 Version: 1.4.1 - Atlassian) Hidden Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager) Spiceworks (HKLM-x32\...\Spiceworks) (Version: 7.2.00207 - Spiceworks, Inc.) Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios) Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Sierra Entertainment, Inc.) SWAT 4 (x32 Version: 1.0.31763 - Sierra Entertainment, Inc.) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) TortoiseGit 1.8.11.0 (64 bit) (HKLM\...\{56AB2BBB-7F02-4F4E-8FE2-8E83857E2E4B}) (Version: 1.8.11.0 - TortoiseGit) Unity Web Player (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VB Decompiler Lite (HKLM-x32\...\VB Decompiler Lite_is1) (Version: - DotFix Software) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.) WampServer 2.2 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL)) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek) WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation) WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Phone Emulator x64 - ENU (HKLM\...\{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}) (Version: 10.0.40219 - Microsoft Corporation) Windows Phone SDK 7.1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU) (Version: 10.1.40219 - Microsoft Corporation) Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (HKLM-x32\...\{A721BC43-E63E-3531-B1BF-6A405F9530BD}) (Version: 10.0.40219 - Microsoft Corporation) Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation) WinPcap 4.1.2-Spiceworks (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH) WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation) XChat 2 (remove only) (HKLM-x32\...\xchat) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 25-12-2014 23:16:02 Installed DirectX 30-12-2014 15:19:41 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2014-06-22 14:13 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0B45FDA5-1B0A-425B-983F-4F5ADB47F751} - System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001 => Chrome.exe Task: {1BB058F1-6277-4705-83A9-9330019D4D97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation) Task: {22FDD237-29D1-49D1-A662-D4EF55096950} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {2A60B426-70C7-4DF8-A48D-C1E593F4CC71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {381C6348-B81A-4743-803D-D0CDCABD52B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {399A6047-FA14-475F-BC9D-193C149E3AC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-10] (Microsoft Corporation) Task: {4D41822D-D07F-43A0-AA46-880BA5A6F5B6} - System32\Tasks\{40F25481-009F-4335-8EE3-670300C8537B} => Chrome.exe http://ui.skype.com/ui/0/6.21.60.104/en/go/help.faq.installer?LastError=1603 Task: {557DD657-ED49-4C8F-927C-2D14964D7670} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe Task: {75C3A83D-D114-49C2-8FAD-98C853D3B20A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation) Task: {87DB3C1F-4893-456C-A6D2-4F647B2D3E68} - System32\Tasks\{4910726B-2E21-4B85-84A8-5B361DBDFD70} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603 Task: {8B11A2AA-2B86-4C11-9554-9E989816DBC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation) Task: {A26F8839-1022-4CAF-8D84-47C305783BBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {BECB07AE-0037-4072-B56D-FEEB5FF3AFEC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe Task: {DA1F627F-FB69-4E3A-85F4-C23903A96583} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: {F275C14D-E81F-411E-A408-226F5651CA47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-30] (AVAST Software) Task: {FDC0E24C-FE74-4E8B-9027-9D70BE63A1C9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-11-18 08:25 - 2014-09-23 13:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2014-08-22 16:06 - 2014-08-22 16:06 - 00792424 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll 2014-08-22 16:06 - 2014-08-22 16:06 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll 2014-03-15 17:59 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-11-04 17:36 - 2014-10-23 22:42 - 00230416 _____ () C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe 2014-11-17 02:39 - 2014-11-17 02:39 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2014-11-04 17:36 - 2014-10-23 22:42 - 01108496 _____ () C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-12-30 20:40 - 2014-12-30 20:40 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll 2014-11-18 08:25 - 2014-09-23 11:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-08-22 15:51 - 2014-08-22 15:51 - 00592232 _____ () C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll 2014-08-22 15:51 - 2014-08-22 15:51 - 00076648 _____ () C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll 2014-05-27 18:04 - 2014-05-27 18:04 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\encdb.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\iso_8859_1.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\transdb.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00015360 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\racc\cparse.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00019456 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\iconv.so 2014-05-27 17:59 - 2014-05-27 17:59 - 00864768 _____ () C:\Program Files (x86)\Spiceworks\bin\iconv.dll 2014-05-27 18:05 - 2014-05-27 18:05 - 00094720 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\single_byte.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00022528 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\stringio.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00078336 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\syck.so 2014-05-27 18:11 - 2014-05-27 18:11 - 00109056 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\date_core.so 2014-05-27 18:14 - 2014-05-27 18:14 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\efs.so 2014-05-27 17:55 - 2014-05-27 17:55 - 00168960 _____ () C:\Program Files (x86)\Spiceworks\bin\qdbm.dll 2014-05-27 18:13 - 2014-05-27 18:13 - 00080384 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\zlib.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16le.so 2014-05-27 18:05 - 2014-05-27 18:05 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\utf_16_32.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00008704 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\etc.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\monitor_mixin.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00047104 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\dl.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00017408 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\strscan.so 2014-05-27 18:19 - 2014-05-27 18:19 - 00025600 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\sqlite3-1.3.8\lib\sqlite3\sqlite3_native.so 2014-05-27 17:55 - 2014-05-27 17:55 - 00427520 _____ () C:\Program Files (x86)\Spiceworks\bin\sqlite3.dll 2014-05-27 18:13 - 2014-05-27 18:13 - 00177664 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\openssl.so 2014-05-27 17:55 - 2014-05-27 17:55 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\bin\zlib1.dll 2014-05-27 18:11 - 2014-05-27 18:11 - 00012288 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00007680 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\fcntl.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00022016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\pathname.so 2014-05-27 18:14 - 2014-05-27 18:14 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\service.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16be.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00086016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\socket.so 2014-05-27 18:11 - 2014-05-27 18:11 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\bigdecimal.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00171520 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\nkf.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00011264 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\euc_jp.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00010752 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\shift_jis.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32be.so 2014-05-27 18:18 - 2014-05-27 18:18 - 00028672 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\parser.so 2014-05-27 18:04 - 2014-05-27 18:04 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32le.so 2014-05-27 18:18 - 2014-05-27 18:18 - 00028160 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\generator.so 2014-05-27 18:11 - 2014-05-27 18:11 - 00010240 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\md5.so 2014-05-27 18:11 - 2014-05-27 18:11 - 00012800 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha1.so 2014-05-27 18:18 - 2014-05-27 18:18 - 00052224 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\nokogiri-1.4.1\lib\nokogiri\nokogiri.so 2014-05-27 18:03 - 2014-05-27 18:03 - 00061440 _____ () C:\Program Files (x86)\Spiceworks\bin\libexslt.dll 2014-05-27 18:03 - 2014-05-27 18:03 - 00171008 _____ () C:\Program Files (x86)\Spiceworks\bin\libxslt.dll 2014-05-27 18:02 - 2014-05-27 18:02 - 00996352 _____ () C:\Program Files (x86)\Spiceworks\bin\libxml2.dll 2014-05-27 18:18 - 2014-05-27 18:18 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\image_science-1.2.1\lib\image_science.so 2014-05-27 18:12 - 2014-05-27 18:12 - 00015872 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha2.so 2014-05-27 18:15 - 2014-05-27 18:15 - 00045568 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\bits.so 2014-05-27 18:13 - 2014-05-27 18:13 - 00075776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\win32ole.so 2014-05-27 18:15 - 2014-05-27 18:15 - 00026112 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\async_ping.so 2014-05-27 18:14 - 2014-05-27 18:14 - 00101376 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\event_log.so 2014-05-27 18:18 - 2014-05-27 18:18 - 00027648 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\net-snmp-0.2.5\lib\netsnmp_api.so 2014-05-27 18:01 - 2014-05-27 18:01 - 00397312 _____ () C:\Program Files (x86)\Spiceworks\bin\netsnmp.dll 2014-05-27 18:18 - 2014-05-27 18:18 - 00060416 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\curb-0.7.12\lib\curb_core.so 2014-05-27 18:19 - 2014-05-27 18:19 - 00025088 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\win32-api-1.4.8\lib\win32\api.so 2014-05-27 17:55 - 2014-05-27 17:55 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\httpd\bin\zlib1.dll 2014-09-14 17:24 - 2014-12-01 21:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-09-14 17:24 - 2014-12-01 21:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-09-14 17:24 - 2014-12-01 21:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-09-14 17:24 - 2014-12-01 21:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-03-15 18:04 - 2014-11-11 18:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-12-04 23:20 - 2014-12-02 00:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-21 20:01 - 2014-12-19 23:38 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll 2014-12-04 23:20 - 2014-12-02 00:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2014-12-04 23:20 - 2014-12-02 00:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-09-14 17:24 - 2014-12-01 21:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2014-03-15 18:04 - 2014-12-19 23:38 - 00696000 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-11-10 19:56 - 2014-12-23 09:45 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-11-10 19:55 - 2014-12-23 09:45 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-03-15 18:04 - 2014-12-19 23:38 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-10-22 00:22 - 2014-10-22 00:22 - 00750080 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2014-12-30 22:22 - 2014-12-30 22:22 - 00043008 _____ () c:\users\joe\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_7mawk.dll 2014-10-22 00:22 - 2014-10-22 00:22 - 00047616 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 00:22 - 2014-10-22 00:22 - 00863744 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 00:22 - 2014-10-22 00:22 - 00200704 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-12-30 15:20 - 2014-12-30 15:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-16 09:15 - 2014-10-16 09:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll 2014-09-14 17:28 - 2014-09-04 03:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\joe\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2566896282-1077780563-609952791-500 - Administrator - Disabled) Guest (S-1-5-21-2566896282-1077780563-609952791-501 - Limited - Disabled) joe (S-1-5-21-2566896282-1077780563-609952791-1001 - Administrator - Enabled) => C:\Users\joe joem (S-1-5-21-2566896282-1077780563-609952791-1007 - Administrator - Enabled) ==================== Faulty Device Manager Devices ============= Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Simple Communications Controller Description: PCI Simple Communications Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/30/2014 04:45:56 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (12/30/2014 03:19:47 PM) (Source: VSS) (EventID: 12305) (User: ) Description: Volume Shadow Copy Service error: Volume/disk not connected or not found. Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 00000000000001AC,0x00530194,0000000000000000,0,00000087A8641090,4096,[0]). Operation: Query Shadow Copies Error: (12/30/2014 03:19:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/30/2014 01:30:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 49e0 Start Time: 01d023be2e53dc3a Termination Time: 4294967295 Application Path: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe Report Id: 78a9fb26-8fc3-11e4-82a1-94de8078bb23 Faulting package full name: Faulting package-relative application ID: Error: (12/29/2014 10:37:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1c58 Start Time: 01d023b4b0faed01 Termination Time: 4294967295 Application Path: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe Report Id: 424cfdd4-8fab-11e4-82a1-94de8078bb23 Faulting package full name: Faulting package-relative application ID: Error: (12/29/2014 03:26:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OUTLOOK.EXE, version: 15.0.4675.1003, time stamp: 0x548bae55 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0x80000003 Fault offset: 0x00000000000da26a Faulting process ID: 0xbe4 Faulting application start time: 0xOUTLOOK.EXE0 Faulting application path: OUTLOOK.EXE1 Faulting module path: OUTLOOK.EXE2 Report ID: OUTLOOK.EXE3 Faulting package full name: OUTLOOK.EXE4 Faulting package-relative application ID: OUTLOOK.EXE5 Error: (12/29/2014 01:38:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program 1198D42.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 5378 Start Time: 01d023080a25902e Termination Time: 4294967295 Application Path: C:\Users\joe\AppData\Local\Temp\1198D42.exe Report Id: 6919926f-8efb-11e4-82a1-94de8078bb23 Faulting package full name: Faulting package-relative application ID: Error: (12/28/2014 09:37:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OUTLOOK.EXE, version: 15.0.4675.1003, time stamp: 0x548bae55 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0x80000003 Fault offset: 0x00000000000da26a Faulting process ID: 0x6b78 Faulting application start time: 0xOUTLOOK.EXE0 Faulting application path: OUTLOOK.EXE1 Faulting module path: OUTLOOK.EXE2 Report ID: OUTLOOK.EXE3 Faulting package full name: OUTLOOK.EXE4 Faulting package-relative application ID: OUTLOOK.EXE5 Error: (12/28/2014 07:14:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Error: (12/28/2014 01:47:36 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 System errors: ============= Error: (12/30/2014 10:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (12/30/2014 10:21:43 PM) (Source: DCOM) (EventID: 10010) (User: JoePC) Description: {CEFF45EE-C862-41DE-AEE2-A022C81EDA92} Error: (12/30/2014 04:51:11 PM) (Source: DCOM) (EventID: 10010) (User: JoePC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2014 04:50:41 PM) (Source: DCOM) (EventID: 10010) (User: JoePC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2014 04:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (12/30/2014 04:40:10 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: %%0 Error: (12/30/2014 04:32:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (12/30/2014 04:31:18 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252. Error: (12/30/2014 04:31:17 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252. Error: (12/30/2014 04:30:32 PM) (Source: DCOM) (EventID: 10016) (User: JoePC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoePCjoeS-1-5-21-2566896282-1077780563-609952791-1001LocalHost (Using LRPC)UnavailableUnavailable Microsoft Office Sessions: ========================= Error: (12/30/2014 04:45:56 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (12/30/2014 03:19:47 PM) (Source: VSS) (EventID: 12305) (User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 00000000000001AC,0x00530194,0000000000000000,0,00000087A8641090,4096,[0]) Operation: Query Shadow Copies Error: (12/30/2014 03:19:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. Error: (12/30/2014 01:30:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.25.1849e001d023be2e53dc3a4294967295C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe78a9fb26-8fc3-11e4-82a1-94de8078bb23 Error: (12/29/2014 10:37:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.25.181c5801d023b4b0faed014294967295C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe424cfdd4-8fab-11e4-82a1-94de8078bb23 Error: (12/29/2014 03:26:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE15.0.4675.1003548bae55KERNELBASE.dll6.3.9600.1727853eebf2e8000000300000000000da26abe401d0237bc0bdbad0C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXEC:\Windows\system32\KERNELBASE.dll0779765e-8f6f-11e4-82a1-94de8078bb23 Error: (12/29/2014 01:38:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: 1198D42.exe0.0.0.0537801d023080a25902e4294967295C:\Users\joe\AppData\Local\Temp\1198D42.exe6919926f-8efb-11e4-82a1-94de8078bb23 Error: (12/28/2014 09:37:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE15.0.4675.1003548bae55KERNELBASE.dll6.3.9600.1727853eebf2e8000000300000000000da26a6b7801d022e6854d472cC:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXEC:\Windows\system32\KERNELBASE.dllc797c089-8ed9-11e4-82a1-94de8078bb23 Error: (12/28/2014 07:14:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: -2147024883 Error: (12/28/2014 01:47:36 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 CodeIntegrity Errors: =================================== Date: 2014-12-15 05:48:36.956 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 04:05:22.221 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-06 02:54:12.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-23 04:17:52.329 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-21 06:14:13.406 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-19 07:25:13.237 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-18 08:24:09.605 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-13 10:49:26.678 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-05 17:49:09.383 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-04 22:35:20.432 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Percentage of memory in use: 20% Total physical RAM: 16271.93 MB Available physical RAM: 12956.27 MB Total Pagefile: 32655.93 MB Available Pagefile: 28588.91 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.54 GB) (Free:21.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (1Tb) (Fixed) (Total:931.41 GB) (Free:172.22 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (15.0.4420.1017) (CDROM) (Total:0.79 GB) (Free:0 GB) UDF Drive h: (VS2010Express) (CDROM) (Total:0.68 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 17F5E65F) Partition 1: (Active) - (Size=232.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 16B190B3) Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by joe (administrator) on JOEPC on 30-12-2014 22:35:46 Running from C:\Users\joe\Downloads Loaded Profile: joe (Available profiles: joe) Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe () C:\Windows\System32\PnkBstrA.exe () C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe (Spiceworks, Inc.) C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (http://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Oculus VR, LLC) C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Dropbox, Inc.) C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-30] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.) HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation) HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-23] (Electronic Arts) HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f0b1-ac71-11e3-824f-94de8078bb23} - "G:\SETUP.EXE" HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f7f3-ac71-11e3-824f-94de8078bb23} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.hta HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a7910cb-ac71-11e3-824f-94de8078bb23} - "F:\LaunchU3.exe" -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC) Startup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms} HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-gb/?pc=UP97&ocid=UP97DHP HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/ HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/O1DPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=3 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=9 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-30] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Entanglement Web App) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-15] CHR Extension: (Google Docs) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15] CHR Extension: (Docs Offline Background Page) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15] CHR Extension: (YouTube) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15] CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-20] CHR Extension: (Adblock Plus) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-15] CHR Extension: (Google Search) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15] CHR Extension: (ZenMate) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-16] CHR Extension: (AdBlock) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15] CHR Extension: (Avast Online Security) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30] CHR Extension: (Mibbit webchat) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2014-03-15] CHR Extension: (Poppit!) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-15] CHR Extension: (Google Wallet) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15] CHR Extension: (Hover Zoom+) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2014-12-06] CHR Extension: (Gmail) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15] CHR Extension: (uuNisales) - C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog\ [2014-03-15] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-30] CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-30] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-15] (EasyAntiCheat Ltd) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-23] (Electronic Arts) R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [230416 2014-10-23] () [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-17] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-10] () R2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-06-14] (Spiceworks, Inc.) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed] S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [18432 2012-05-13] (Apache Software Foundation) [File not signed] S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-30] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-30] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-30] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-30] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-12-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-30] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.) S3 OCUSBVID; C:\Windows\system32\DRIVERS\OCUSBVID.sys [47560 2014-10-23] (Oculus VR, LLC) R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [53704 2014-10-23] (Oculus VR, LLC) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-19] (Razer Inc) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-30 22:35 - 2014-12-30 22:35 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe 2014-12-30 22:35 - 2014-12-30 22:35 - 00027275 _____ () C:\Users\joe\Downloads\FRST.txt 2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Downloads\ComboFix.exe 2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Desktop\ComboFix.exe 2014-12-30 16:40 - 2014-12-30 16:40 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2014-12-30 16:39 - 2014-12-30 16:39 - 00003080 _____ () C:\Windows\system32\.crusader 2014-12-30 16:34 - 2014-12-30 16:39 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-12-30 16:33 - 2014-12-30 16:34 - 11222744 _____ (SurfRight B.V.) C:\Users\joe\Downloads\HitmanPro_x64.exe 2014-12-30 16:33 - 2014-12-30 16:33 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-12-30 16:25 - 2014-12-30 16:29 - 00000000 ____D () C:\AdwCleaner 2014-12-30 16:25 - 2014-12-30 16:25 - 02173952 _____ () C:\Users\joe\Downloads\adwcleaner_4.106.exe 2014-12-30 15:28 - 2014-12-30 15:28 - 00003266 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001 2014-12-30 15:26 - 2014-12-30 15:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AVAST Software 2014-12-30 15:20 - 2014-12-30 15:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-12-30 15:20 - 2014-12-30 15:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-12-30 15:20 - 2014-12-30 15:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-12-30 15:20 - 2014-12-30 15:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-12-30 15:20 - 2014-12-30 15:20 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2014-12-30 15:20 - 2014-12-30 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2014-12-30 15:19 - 2014-12-30 15:19 - 05006864 _____ (AVAST Software) C:\Users\joe\Downloads\avast_free_antivirus_setup_online.exe 2014-12-30 15:19 - 2014-12-30 15:19 - 00000000 ____D () C:\Program Files\AVAST Software 2014-12-29 23:16 - 2014-12-29 23:16 - 00120575 _____ () C:\Users\joe\Downloads\jarjar-1.4.jar 2014-12-29 23:11 - 2014-12-29 23:11 - 00124725 _____ () C:\Users\joe\Desktop\testing.jar 2014-12-29 22:39 - 2014-12-29 22:39 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT (1).jar 2014-12-29 22:11 - 2014-12-29 22:11 - 20610577 _____ () C:\Users\joe\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar 2014-12-29 22:07 - 2014-12-29 22:07 - 19578647 _____ () C:\Users\joe\Downloads\spigot-1.6.4-R2.1-1138.jar 2014-12-29 16:32 - 2014-12-29 16:32 - 01862383 _____ () C:\Users\joe\Downloads\MassiveCore-2.7.5.zip 2014-12-29 16:20 - 2014-12-29 16:20 - 00296044 _____ () C:\Users\joe\Downloads\Vault.jar 2014-12-29 15:54 - 2014-12-29 15:55 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT.jar 2014-12-29 15:50 - 2014-12-29 16:04 - 00000000 ____D () C:\Users\joe\Desktop\DaegonnersPlugins 2014-12-29 15:49 - 2014-12-29 15:50 - 00468788 _____ () C:\Users\joe\Desktop\DaegonnersPlugins.zip 2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\uuNisales 2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\unnISaaLes 2014-12-29 01:38 - 2014-12-29 01:38 - 00000000 ____D () C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog 2014-12-28 21:56 - 2014-12-28 21:56 - 00556538 _____ () C:\Users\joe\Downloads\latest.log 2014-12-27 22:05 - 2014-12-27 22:05 - 02667105 _____ () C:\Users\joe\Downloads\Hub (1).jar 2014-12-25 23:16 - 2014-12-25 23:18 - 00000000 ____D () C:\Users\joe\Documents\ShipSimExtremes Userdata 2014-12-25 23:16 - 2014-12-25 23:16 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Quest3D 2014-12-24 22:06 - 2014-12-24 22:06 - 00003608 _____ () C:\Users\joe\Downloads\Construction_Simulator_2015-CODEX.torrent 2014-12-24 21:20 - 2014-12-24 21:20 - 00000000 ____D () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2 2014-12-24 21:19 - 2014-12-24 21:19 - 04523318 _____ () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2.zip 2014-12-23 13:10 - 2014-12-23 13:10 - 00010095 _____ () C:\Users\joe\Downloads\zzzzzzzzzzzzzzXP,Economy and Police.scs 2014-12-23 13:07 - 2014-12-23 13:07 - 00005968 _____ () C:\Users\joe\Downloads\iniciocom99999999999999999euros_bymodsmj.rar 2014-12-23 13:02 - 2014-12-23 13:02 - 03853552 _____ () C:\Users\joe\Downloads\ets2mp_client (1).zip 2014-12-23 12:50 - 2014-12-23 12:52 - 00000000 ____D () C:\Users\joe\AppData\Local\Temporary Projects 2014-12-23 12:43 - 2014-12-23 12:43 - 00036864 _____ () C:\Users\joe\Downloads\DW spreadsheet.xls 2014-12-23 11:52 - 2014-12-23 11:52 - 00065024 _____ () C:\Users\joe\Downloads\Group & Dist. Exec. Directory -18.11.2014 (2).xls 2014-12-22 20:59 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Local\Blizzard Entertainment 2014-12-22 20:58 - 2014-12-29 01:42 - 00000000 ____D () C:\Users\joe\AppData\Local\Battle.net 2014-12-22 20:58 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Battle.net 2014-12-22 20:58 - 2014-12-22 20:58 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-22 20:53 - 2014-12-22 20:53 - 00000000 ____D () C:\ProgramData\Battle.net 2014-12-22 20:52 - 2014-12-22 20:53 - 02868792 _____ (Blizzard Entertainment) C:\Users\joe\Downloads\Battle.net-Setup-enGB.exe 2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Autodesk 2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\ProgramData\Autodesk 2014-12-20 16:22 - 2014-12-20 16:34 - 2467047156 _____ (Autodesk, Inc.) C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_dlm.sfx.exe 2014-12-20 16:20 - 2014-12-20 16:20 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup (1).exe 2014-12-20 16:19 - 2014-12-20 16:19 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup.exe 2014-12-19 19:21 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-12-19 19:21 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-12-19 03:37 - 2014-12-19 03:37 - 00852392 _____ () C:\Users\joe\Downloads\imm4833.pdf.bin 2014-12-18 23:16 - 2014-12-18 23:16 - 00937984 _____ () C:\Users\joe\Downloads\project.ppt 2014-12-18 21:58 - 2014-12-18 21:58 - 00008192 _____ () C:\Users\joe\Downloads\compass.csv 2014-12-18 21:52 - 2014-12-18 21:52 - 00137728 _____ () C:\Users\joe\Downloads\Compass-Youth-Data-Import-Template-Office-97-2003-version-12-Sept-2014.xls 2014-12-18 21:51 - 2014-12-18 21:51 - 00023219 _____ () C:\Users\joe\Downloads\compass-1.xlsx 2014-12-18 10:26 - 2014-12-18 10:26 - 00019392 _____ () C:\Users\joe\Downloads\Home_Alone_1_and_2_Pack_1080p_HD.torrent 2014-12-18 01:14 - 2014-12-18 01:14 - 00013336 _____ () C:\Users\joe\Desktop\excetesting.xlsx 2014-12-17 22:52 - 2014-12-17 23:00 - 00004784 _____ () C:\Users\joe\Desktop\testing.txt 2014-12-17 22:44 - 2014-12-17 22:44 - 00002011 _____ () C:\Users\Public\Desktop\NeuroSolutions 4.lnk 2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuroSolutions 4 2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\Program Files (x86)\NeuroSolutions 4 2014-12-17 22:44 - 2000-10-23 14:41 - 00069632 _____ () C:\Windows\SysWOW64\NeuroSolutionsOL.dll 2014-12-17 22:44 - 2000-05-22 01:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX 2014-12-17 22:44 - 2000-05-22 01:00 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx 2014-12-17 22:44 - 2000-01-21 12:19 - 00040960 _____ () C:\Windows\SysWOW64\NSSYMBOL.DLL 2014-12-17 22:44 - 1999-10-15 13:50 - 01056768 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\Roboex32.dll 2014-12-17 22:44 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx 2014-12-17 22:44 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL 2014-12-17 22:44 - 1997-01-31 10:07 - 00048640 _____ (Blue Sky Software) C:\Windows\SysWOW64\inetwh32.dll 2014-12-17 22:40 - 2014-12-17 22:43 - 27108144 _____ (NeuroDimension, Inc. ) C:\Users\joe\Downloads\nsinstall_432 (1).exe 2014-12-17 15:32 - 2014-12-17 15:32 - 00000000 __SHD () C:\Users\joe\AppData\Local\EmieBrowserModeList 2014-12-17 14:20 - 2014-12-17 14:20 - 00236289 _____ () C:\Users\joe\Downloads\basic.ics 2014-12-16 12:27 - 2014-12-16 12:27 - 00000000 ____D () C:\Users\joe\AppData\Local\NeuroSolutions 2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (2).jar 2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (1).jar 2014-12-15 19:45 - 2014-12-15 19:40 - 00174112 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2014-12-14 16:50 - 2014-12-14 16:51 - 370481677 _____ () C:\Users\joe\Downloads\jmonkeyplatform-windows-x64.exe 2014-12-14 00:18 - 2014-12-14 00:18 - 00000000 ____D () C:\Users\joe\Downloads\BanManager 2014-12-14 00:17 - 2014-12-14 00:17 - 00473291 _____ () C:\Users\joe\Downloads\BanManager.zip 2014-12-13 18:07 - 2014-12-13 18:07 - 01287944 _____ (Mojang) C:\Users\joe\Downloads\Minecraft (1).exe 2014-12-13 18:07 - 2014-12-13 18:07 - 00000000 ____D () C:\Users\joe\Desktop\New folder 2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-12-12 21:55 - 2014-12-12 21:55 - 01534736 _____ () C:\Users\joe\Downloads\battlelog-web-plugins_2.6.2_154.exe 2014-12-11 21:53 - 2014-12-11 21:53 - 00003907 _____ () C:\Users\joe\Desktop\tweets.json 2014-12-09 21:20 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll 2014-12-09 21:20 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-09 21:20 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-12-09 21:20 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-12-09 21:11 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-09 21:11 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-09 21:11 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-09 21:11 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-09 21:11 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-09 21:11 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-09 21:11 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-09 21:11 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-09 21:11 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-09 21:11 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-09 21:11 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-09 21:11 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-12-09 21:11 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-09 21:11 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-09 21:11 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-09 21:11 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-12-09 21:11 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-09 21:11 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-12-09 21:11 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-09 21:11 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-09 21:11 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-09 21:11 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-09 21:11 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-09 21:11 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-09 21:11 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-12-09 21:11 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-09 21:11 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-09 21:11 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2014-12-09 21:11 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-09 21:11 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-12-09 21:11 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-09 21:11 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-09 21:11 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-09 21:11 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-09 21:11 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-09 21:11 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-09 21:11 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-09 21:11 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-09 21:11 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-09 21:11 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-09 21:11 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-09 21:11 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-12-09 21:11 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2014-12-09 21:11 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-12-09 21:11 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2014-12-09 21:11 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2014-12-09 21:11 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2014-12-09 14:13 - 2014-12-09 14:13 - 03763514 _____ () C:\Users\joe\Downloads\ets2mp_client.zip 2014-12-08 16:47 - 2014-12-08 16:47 - 02810360 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersWindows.zip 2014-12-08 16:47 - 2014-12-08 16:47 - 00419677 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersSource.zip 2014-12-07 21:57 - 2014-12-07 21:57 - 00084917 _____ () C:\Users\joe\Downloads\bluescreenview-x64.zip 2014-12-07 21:24 - 2014-12-07 21:24 - 00009141 _____ () C:\Users\joe\Downloads\NoPvpLog.jar 2014-12-07 21:20 - 2014-12-07 21:20 - 11241080 _____ () C:\Users\joe\Downloads\join.me.exe 2014-12-07 21:00 - 2014-12-07 21:00 - 00152944 _____ () C:\Users\joe\Downloads\SilkSpawners.jar 2014-12-07 20:48 - 2014-12-07 20:48 - 00006316 _____ () C:\Users\joe\Downloads\spawnjoin.jar 2014-12-07 19:40 - 2014-12-07 19:40 - 00088477 _____ () C:\Users\joe\Downloads\CommandSigns.jar 2014-12-07 00:37 - 2014-12-07 00:37 - 00337004 _____ () C:\Users\joe\Downloads\Vault-1.4.1 (1).jar 2014-12-07 00:35 - 2014-12-07 00:35 - 00265122 _____ () C:\Users\joe\Downloads\askyblock.jar 2014-12-07 00:32 - 2014-12-07 00:32 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5 (1).jar 2014-12-07 00:29 - 2014-12-07 00:29 - 00003948 _____ () C:\Users\joe\Downloads\VoidWorld.jar 2014-12-06 23:56 - 2014-12-06 23:56 - 00005166 _____ () C:\Users\joe\Downloads\SW8PTower.schematic 2014-12-06 20:44 - 2014-12-06 20:44 - 00321700 _____ () C:\Users\joe\Downloads\MinigamesLib-1.11.0.jar 2014-12-06 20:44 - 2014-12-06 20:44 - 00023123 _____ () C:\Users\joe\Downloads\MGSkyWars.jar 2014-12-06 19:24 - 2014-12-06 19:24 - 00004775 _____ () C:\Users\joe\Downloads\fix-worldedit-cui-1.0.jar 2014-12-06 02:26 - 2014-12-06 02:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\java 2014-12-06 02:05 - 2014-12-06 02:05 - 00285808 _____ () C:\Windows\Minidump\120614-9968-01.dmp 2014-12-05 23:11 - 2014-12-05 23:11 - 00682854 _____ () C:\Users\joe\Desktop\Object Orientated Systems Coursework.zip 2014-12-05 19:49 - 2014-12-05 19:49 - 00000000 ___SD () C:\Users\joe\Documents\My Shapes 2014-12-05 15:48 - 2014-12-05 15:49 - 44833376 _____ (Skype Technologies S.A.) C:\Users\joe\Downloads\SkypeSetupFull.exe 2014-12-05 15:23 - 2014-12-05 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-12-05 15:21 - 2014-12-05 15:22 - 177856928 _____ (Oracle Corporation) C:\Users\joe\Downloads\jdk-8u25-windows-x64.exe 2014-12-05 15:18 - 2014-12-05 15:18 - 04697748 _____ () C:\Users\joe\Downloads\blerg (1).jar 2014-12-05 15:12 - 2014-12-05 15:13 - 92658088 _____ (Oracle Corporation) C:\Users\joe\Downloads\jre-8u25-windows-x64.exe 2014-12-05 15:09 - 2014-12-05 15:09 - 04697748 _____ () C:\Users\joe\Downloads\blerg.jar 2014-12-05 14:08 - 2014-12-05 14:15 - 961208085 _____ () C:\Users\joe\Downloads\agitarOne-windows-64.zip 2014-12-05 14:00 - 2014-12-05 14:00 - 00000000 ____D () C:\Users\joe\Downloads\apache-tomcat-8.0.15 2014-12-05 13:59 - 2014-12-05 13:59 - 09801252 _____ () C:\Users\joe\Downloads\apache-tomcat-8.0.15.zip 2014-12-05 13:58 - 2014-12-05 13:58 - 04803703 _____ () C:\Users\joe\Downloads\demo.zip 2014-12-05 01:18 - 2014-12-05 01:18 - 00009169 _____ () C:\Users\joe\Desktop\Book1.xlsx 2014-12-04 21:46 - 2014-12-04 21:46 - 18242102 _____ () C:\Users\joe\Downloads\totalbeginnerlesson04.zip 2014-12-04 21:33 - 2014-12-04 21:33 - 09624329 _____ () C:\Users\joe\Downloads\Assignment.zip 2014-12-04 21:33 - 2014-12-04 21:33 - 00000000 ____D () C:\Users\joe\Downloads\Assignment 2014-12-04 16:19 - 2014-12-04 16:19 - 05112776 _____ () C:\Users\joe\Downloads\Java-Assignment-master (2).zip 2014-12-04 02:32 - 2014-12-04 02:32 - 00002879 _____ () C:\Users\joe\Downloads\FullHunger.jar 2014-12-04 02:20 - 2014-12-04 02:20 - 00046813 _____ () C:\Users\joe\Downloads\HubEssentials (1).jar 2014-12-03 13:19 - 2014-12-04 21:33 - 13589871 _____ () C:\SentiWordNet_3.0.0.txt 2014-12-03 13:19 - 2014-12-04 21:33 - 00003907 _____ () C:\tweets.txt 2014-12-03 13:07 - 2014-12-03 13:07 - 00000000 ____D () C:\Users\joe\Downloads\Java-Assignment-master (1) 2014-12-02 22:10 - 2014-12-02 22:11 - 05322187 _____ () C:\Users\joe\Downloads\Java-Assignment-master (1).zip 2014-12-02 19:29 - 2014-12-02 19:30 - 19503909 _____ () C:\Users\joe\Downloads\spigot1658.jar 2014-12-02 01:54 - 2014-12-02 01:54 - 00305351 _____ () C:\Users\joe\Downloads\ServerListPlusUniversal-3.3.2.jar 2014-12-02 01:43 - 2014-12-02 01:43 - 00002014 _____ () C:\Users\joe\Downloads\SWN3.java 2014-12-02 01:23 - 2014-12-02 01:23 - 00453530 _____ () C:\Users\joe\Downloads\SkyWars.jar 2014-12-02 00:47 - 2014-12-02 00:47 - 00778914 _____ () C:\Users\joe\Downloads\NoCheatPlus.jar 2014-12-02 00:37 - 2014-12-02 00:37 - 00498159 _____ () C:\Users\joe\Downloads\BungeeAdminTools-1.2.8.jar 2014-12-02 00:16 - 2014-12-02 00:16 - 00276898 _____ () C:\Users\joe\Downloads\EnjinMinecraftPlugin (1).jar 2014-12-01 23:53 - 2014-12-01 23:58 - 00000000 ____D () C:\Users\joe\AppData\Local\paint.net 2014-12-01 23:53 - 2014-12-01 23:53 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-12-01 23:53 - 2014-12-01 23:53 - 00000000 ____D () C:\Program Files\paint.net 2014-12-01 23:48 - 2014-12-01 23:48 - 06529561 _____ () C:\Users\joe\Downloads\paint.net.4.0.4.install.zip 2014-12-01 01:39 - 2014-12-01 01:39 - 00318834 _____ () C:\Users\joe\Downloads\Factions (2).jar 2014-12-01 01:38 - 2014-12-01 01:38 - 01344243 _____ () C:\Users\joe\Downloads\MassiveCore (1).jar 2014-12-01 01:36 - 2014-12-01 01:36 - 00318909 _____ () C:\Users\joe\Downloads\Factions (1).jar 2014-12-01 01:16 - 2014-12-01 01:16 - 01344767 _____ () C:\Users\joe\Downloads\MassiveCore.jar 2014-11-30 19:54 - 2014-11-30 19:54 - 00181717 _____ () C:\Users\joe\Downloads\BungeeTabListPlus.zip 2014-11-30 19:54 - 2014-11-30 19:54 - 00043993 _____ () C:\Users\joe\Downloads\Yamler-Bungee-2.2.3-SNAPSHOT.jar 2014-11-30 19:46 - 2014-11-30 19:46 - 00000926 _____ () C:\Users\joe\Downloads\install spigot.sh 2014-11-30 18:31 - 2014-11-30 18:31 - 00318834 _____ () C:\Users\joe\Downloads\Factions.jar 2014-11-30 16:58 - 2014-11-30 16:58 - 00410426 _____ () C:\Users\joe\Downloads\FactionServer.rar 2014-11-30 15:48 - 2014-11-30 15:48 - 00160851 _____ () C:\Users\joe\Downloads\PlotMe (1).jar 2014-11-30 15:47 - 2014-11-30 15:47 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5.jar 2014-11-30 11:45 - 2014-11-30 11:50 - 1028653056 _____ () C:\Users\joe\Downloads\ubuntu-14.04.1-desktop-amd64.iso 2014-11-30 11:44 - 2014-11-30 11:44 - 01088893 _____ (pendrivelinux.com) C:\Users\joe\Downloads\Universal-USB-Installer-1.9.5.8.exe 2014-11-30 02:56 - 2014-11-30 02:56 - 00072015 _____ () C:\Users\joe\Downloads\Shop.jar 2014-11-30 02:54 - 2014-11-30 02:54 - 00642501 _____ () C:\Users\joe\Downloads\ChestShop.jar 2014-11-30 02:49 - 2014-11-30 02:49 - 00048999 _____ () C:\Users\joe\Downloads\ChestShop-WoodyCraft.jar 2014-11-30 02:38 - 2014-11-30 02:38 - 00028463 _____ () C:\Users\joe\Downloads\BuyRegion.jar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-30 22:35 - 2014-09-21 08:24 - 00000000 ____D () C:\FRST 2014-12-30 22:33 - 2014-09-21 23:04 - 00004954 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC 2014-12-30 22:33 - 2014-03-15 17:42 - 01717722 _____ () C:\Windows\WindowsUpdate.log 2014-12-30 22:28 - 2014-03-15 17:48 - 00955428 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-30 22:24 - 2014-03-15 17:50 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Skype 2014-12-30 22:23 - 2014-11-10 19:55 - 00000000 ____D () C:\ProgramData\Origin 2014-12-30 22:23 - 2014-03-15 22:15 - 00000000 ___RD () C:\Users\joe\Dropbox 2014-12-30 22:23 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Dropbox 2014-12-30 22:22 - 2014-11-17 21:07 - 00000000 ____D () C:\Users\joe\AppData\Local\LogMeIn Hamachi 2014-12-30 22:22 - 2014-11-10 19:55 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-12-30 22:22 - 2014-05-21 20:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-30 22:22 - 2014-03-31 18:54 - 00000000 ____D () C:\Users\joe\AppData\Local\TGitCache 2014-12-30 22:22 - 2014-03-15 18:03 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-30 22:22 - 2014-03-15 17:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-30 22:22 - 2014-03-15 17:41 - 00268554 _____ () C:\Windows\PFRO.log 2014-12-30 22:22 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-30 22:08 - 2014-03-15 17:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-30 22:05 - 2014-03-15 22:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\.minecraft 2014-12-30 22:04 - 2014-03-15 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-30 22:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru 2014-12-30 21:48 - 2014-03-25 21:27 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job 2014-12-30 20:28 - 2014-03-15 17:46 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5BB247E6-8C32-4749-BD87-1FB5D1E278E5} 2014-12-30 16:50 - 2014-03-15 17:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2566896282-1077780563-609952791-1001 2014-12-30 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\vpnplugins 2014-12-30 16:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-12-30 16:30 - 2014-03-15 22:42 - 00000000 ___RD () C:\Windows\BrowserChoice 2014-12-30 16:30 - 2013-08-22 14:44 - 00505568 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 15:19 - 2014-10-02 12:07 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-12-29 23:11 - 2014-07-01 21:48 - 00000000 ____D () C:\Users\joe\Desktop\jd-gui-0.3.6.windows (1) 2014-12-29 23:09 - 2014-03-25 15:54 - 00000000 ____D () C:\Users\joe\workspace 2014-12-29 22:41 - 2014-03-27 23:19 - 00000000 ____D () C:\Users\joe\AppData\Local\Eclipse 2014-12-29 22:40 - 2014-05-27 16:13 - 00000000 ____D () C:\Users\joe\Desktop\Email test server 2014-12-29 01:46 - 2014-11-17 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Azureus 2014-12-28 10:48 - 2014-03-25 21:27 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job 2014-12-26 20:56 - 2014-04-26 17:52 - 00096811 _____ () C:\Windows\DirectX.log 2014-12-26 00:45 - 2014-03-15 18:19 - 00000000 ____D () C:\Users\joe\AppData\Roaming\FileZilla 2014-12-25 23:52 - 2014-03-16 12:11 - 00000600 _____ () C:\Users\joe\AppData\Local\PUTTY.RND 2014-12-25 20:19 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-12-24 22:27 - 2014-03-15 18:00 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TS3Client 2014-12-24 21:20 - 2014-09-21 23:15 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-12-23 13:33 - 2014-03-15 19:04 - 00000000 ____D () C:\Users\joe\Documents\Euro Truck Simulator 2 2014-12-23 13:08 - 2014-09-28 18:53 - 00000000 ____D () C:\Users\joe\Documents\ETS2MP 2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer 2014-12-23 12:52 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2012 2014-12-23 12:48 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\Packages 2014-12-23 09:56 - 2014-03-15 17:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-12-22 21:00 - 2014-03-15 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-12-22 00:03 - 2014-03-16 19:14 - 00000000 ____D () C:\Users\joe\AppData\Local\join.me 2014-12-21 21:31 - 2014-04-02 16:43 - 00002240 ____H () C:\Users\joe\Documents\Default.rdp 2014-12-20 21:54 - 2014-09-30 14:59 - 00000000 ____D () C:\Users\joe\.VirtualBox 2014-12-20 12:21 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-12-17 22:47 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\VirtualStore 2014-12-17 22:44 - 2014-03-15 17:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-12-15 05:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache 2014-12-14 18:40 - 2014-10-11 12:13 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TeamViewer 2014-12-13 09:39 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-13 09:37 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe 2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB 2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-12 22:00 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-12-12 21:57 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-12-12 21:55 - 2014-11-10 22:24 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-12-10 04:07 - 2014-03-15 19:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-10 04:06 - 2014-03-15 19:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-09 18:04 - 2014-03-15 19:31 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-07 21:57 - 2014-03-15 19:02 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2010 2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2014-12-06 02:05 - 2014-06-08 21:27 - 00000000 ____D () C:\Windows\Minidump 2014-12-05 23:31 - 2014-11-11 21:25 - 00000000 ____D () C:\Users\joe\Desktop\Java Assignment 2014-12-05 19:48 - 2014-04-24 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-05 19:48 - 2014-03-15 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-12-05 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ____D () C:\ProgramData\Skype 2014-12-05 15:28 - 2014-05-30 11:19 - 00000544 _____ () C:\Users\joe\Desktop\jd-gui.cfg 2014-12-05 15:23 - 2014-09-22 15:44 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-12-05 15:23 - 2014-03-15 17:50 - 00000000 ____D () C:\Program Files\Java 2014-12-05 15:13 - 2014-09-14 17:45 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-30 11:49 - 2013-08-22 14:46 - 00018025 _____ () C:\Windows\setupact.log Some content of TEMP: ==================== C:\Users\joe\AppData\Local\Temp\AcDeltree.exe C:\Users\joe\AppData\Local\Temp\BingBarSetup-Partner.exe C:\Users\joe\AppData\Local\Temp\chdfeixn.dll C:\Users\joe\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_7mawk.dll C:\Users\joe\AppData\Local\Temp\hidapi-jni-644987893280966263044.dll C:\Users\joe\AppData\Local\Temp\hidapi-jni-645400543683360961838.dll C:\Users\joe\AppData\Local\Temp\hidapi-jni-647075923408829857210.dll C:\Users\joe\AppData\Local\Temp\hidapi-jni-647486976906760669132.dll C:\Users\joe\AppData\Local\Temp\i4jdel0.exe C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-11-g08fad7a-b3036jnks.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-2-g85f5776-b3023jnks.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-6-g4d832c3-b3090jnks.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-236.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-256.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-265.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1.7.9-R0.2-208-ge0f2e95.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1138.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1370.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-1816771516222114456.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-1826948781968532888.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-2312002570477382589.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-3207609863237593084.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-349165095664393517.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-4487527742030782428.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-7705220188456773110.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-7724671186143475875.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-8854048780822756448.dll C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1649.dll C:\Users\joe\AppData\Local\Temp\OpenComputersMod-1.3.1.516-native.64.dll C:\Users\joe\AppData\Local\Temp\OpenComputersMod-1.3.2.525-native.64.dll C:\Users\joe\AppData\Local\Temp\Quarantine.exe C:\Users\joe\AppData\Local\Temp\shutdown1396716642.exe C:\Users\joe\AppData\Local\Temp\shutdown1415122645.exe C:\Users\joe\AppData\Local\Temp\SIntf16.dll C:\Users\joe\AppData\Local\Temp\SIntf32.dll C:\Users\joe\AppData\Local\Temp\SIntfNT.dll C:\Users\joe\AppData\Local\Temp\SkypeSetup.exe C:\Users\joe\AppData\Local\Temp\sonarinst.exe C:\Users\joe\AppData\Local\Temp\spiceworks_redist.exe C:\Users\joe\AppData\Local\Temp\spiceworks_redist_10.exe C:\Users\joe\AppData\Local\Temp\sqlite3.dll C:\Users\joe\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\joe\AppData\Local\Temp\System.Data.SQLite39299.dll C:\Users\joe\AppData\Local\Temp\System.Data.SQLite75841.dll C:\Users\joe\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-27 11:25 ==================== End Of Log ============================