Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Url:mal threats detected [Closed]

Virus Malware Malwarebytes Avast

  • This topic is locked This topic is locked

#1
jkm9694

jkm9694

    New Member

  • Member
  • Pip
  • 2 posts

I downloaded something that has turned my system into a nightmare! 

 

Whenever i browse online now, I get the little popup window which never fails to scare me with the voice!!!  

 

Viewing this forums latest thread, I found this: http://www.geekstogo...reats-detected/

 

I am now attaching my FRST.txt and Addition.txt

 

Thanks in advance!

 

 

Addition.txt: 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by joe at 2014-12-30 22:36:08
Running from C:\Users\joe\Downloads
Boot Mode: Normal
==========================================================




==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}


==================== Installed Programs ======================


(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version:  - PlayWay S.A.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cisco Unified CME Telephone Service Provider (HKLM-x32\...\{535BFE49-6BC3-4442-B94A-F5B7EC91FB9A}) (Version: 2.2.0.5 - Cisco Systems)
Cisco Unified CME Telephone Service Provider (x32 Version: 2.2.0.5 - Cisco Systems) Hidden
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
Construction Simulator 2015 (HKLM-x32\...\Construction Simulator 2015_is1) (Version:  - )
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version:  - weltenbauer. Software Entwicklung GmbH)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.2 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.2 R2 Alpha - ETS2MP Team)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Git version 1.9.0-preview20140217 (HKLM-x32\...\Git_is1) (Version: 1.9.0-preview20140217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
join.me (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\JoinMe) (Version: 1.18.0.189 - LogMeIn, Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Advertising SDK for Windows Phone - ENU (HKLM-x32\...\{690C08C1-3233-49E3-9E6A-5850B452A78A}) (Version: 5.2.1027.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}) (Version: 1.0.20817.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{12B8E200-99CC-4203-A8D1-4145FC4D0192}) (Version: 2.0.30816.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31007 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{c268086c-18ee-4c0d-b057-1f49530d413a}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 Refresh (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
NeuroSolutions 4 (HKLM-x32\...\{3A935DC1-0BA6-11D4-AE7C-00E098090559}) (Version: 4.0 - )
Nmap 5.61-Spiceworks (HKLM-x32\...\Spiceworks-Nmap) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Oculus Display Driver (Install Only) (HKLM\...\{838E19D4-E96F-4A26-B75F-5644E8AC80E6}) (Version: 1.1.9.0 - Oculus VR, LLC)
Oculus Positional Tracker Driver (Install Only) (HKLM\...\{53CBAB0B-4713-4743-B62F-325ED1B6869F}) (Version: 0.0.1.7 - Oculus VR, LLC)
Oculus Runtime (HKLM-x32\...\Oculus Runtime 0.4.3 Rev 1) (Version: 0.4.3 Rev 1 - Oculus VR, LLC)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.02 - Razer Inc.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version:  - VStep)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SourceTree (HKLM-x32\...\SourceTree 1.4.1) (Version: 1.4.1 - Atlassian)
SourceTree (x32 Version: 1.4.1 - Atlassian) Hidden
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Spiceworks (HKLM-x32\...\Spiceworks) (Version: 7.2.00207 - Spiceworks, Inc.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31763 - Sierra Entertainment, Inc.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TortoiseGit 1.8.11.0 (64 bit) (HKLM\...\{56AB2BBB-7F02-4F4E-8FE2-8E83857E2E4B}) (Version: 1.8.11.0 - TortoiseGit)
Unity Web Player (HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VB Decompiler Lite (HKLM-x32\...\VB Decompiler Lite_is1) (Version:  - DotFix Software)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
WampServer 2.2 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Phone Emulator x64 - ENU (HKLM\...\{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU) (Version: 10.1.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (HKLM-x32\...\{A721BC43-E63E-3531-B1BF-6A405F9530BD}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation)
WinPcap 4.1.2-Spiceworks (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )


==================== Custom CLSID (selected items): ==========================


(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\joe\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File


==================== Restore Points  =========================


25-12-2014 23:16:02 Installed DirectX
30-12-2014 15:19:41 avast! antivirus system restore point


==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2013-08-22 13:25 - 2014-06-22 14:13 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost


==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


Task: {0B45FDA5-1B0A-425B-983F-4F5ADB47F751} - System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001 => Chrome.exe 
Task: {1BB058F1-6277-4705-83A9-9330019D4D97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {22FDD237-29D1-49D1-A662-D4EF55096950} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2A60B426-70C7-4DF8-A48D-C1E593F4CC71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {381C6348-B81A-4743-803D-D0CDCABD52B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {399A6047-FA14-475F-BC9D-193C149E3AC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {4D41822D-D07F-43A0-AA46-880BA5A6F5B6} - System32\Tasks\{40F25481-009F-4335-8EE3-670300C8537B} => Chrome.exe http://ui.skype.com/ui/0/6.21.60.104/en/go/help.faq.installer?LastError=1603
Task: {557DD657-ED49-4C8F-927C-2D14964D7670} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {75C3A83D-D114-49C2-8FAD-98C853D3B20A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {87DB3C1F-4893-456C-A6D2-4F647B2D3E68} - System32\Tasks\{4910726B-2E21-4B85-84A8-5B361DBDFD70} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603
Task: {8B11A2AA-2B86-4C11-9554-9E989816DBC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {A26F8839-1022-4CAF-8D84-47C305783BBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {BECB07AE-0037-4072-B56D-FEEB5FF3AFEC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {DA1F627F-FB69-4E3A-85F4-C23903A96583} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {F275C14D-E81F-411E-A408-226F5651CA47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-30] (AVAST Software)
Task: {FDC0E24C-FE74-4E8B-9027-9D70BE63A1C9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe


==================== Loaded Modules (whitelisted) =============


2014-11-18 08:25 - 2014-09-23 13:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-08-22 16:06 - 2014-08-22 16:06 - 00792424 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll
2014-08-22 16:06 - 2014-08-22 16:06 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll
2014-03-15 17:59 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-04 17:36 - 2014-10-23 22:42 - 00230416 _____ () C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
2014-11-17 02:39 - 2014-11-17 02:39 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-11-04 17:36 - 2014-10-23 22:42 - 01108496 _____ () C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-30 20:40 - 2014-12-30 20:40 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll
2014-11-18 08:25 - 2014-09-23 11:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-22 15:51 - 2014-08-22 15:51 - 00592232 _____ () C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll
2014-08-22 15:51 - 2014-08-22 15:51 - 00076648 _____ () C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll
2014-05-27 18:04 - 2014-05-27 18:04 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\encdb.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\iso_8859_1.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\transdb.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00015360 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\racc\cparse.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00019456 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\iconv.so
2014-05-27 17:59 - 2014-05-27 17:59 - 00864768 _____ () C:\Program Files (x86)\Spiceworks\bin\iconv.dll
2014-05-27 18:05 - 2014-05-27 18:05 - 00094720 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\single_byte.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00022528 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\stringio.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00078336 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\syck.so
2014-05-27 18:11 - 2014-05-27 18:11 - 00109056 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\date_core.so
2014-05-27 18:14 - 2014-05-27 18:14 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\efs.so
2014-05-27 17:55 - 2014-05-27 17:55 - 00168960 _____ () C:\Program Files (x86)\Spiceworks\bin\qdbm.dll
2014-05-27 18:13 - 2014-05-27 18:13 - 00080384 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\zlib.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16le.so
2014-05-27 18:05 - 2014-05-27 18:05 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\utf_16_32.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00008704 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\etc.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\monitor_mixin.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00047104 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\dl.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00017408 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\strscan.so
2014-05-27 18:19 - 2014-05-27 18:19 - 00025600 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\sqlite3-1.3.8\lib\sqlite3\sqlite3_native.so
2014-05-27 17:55 - 2014-05-27 17:55 - 00427520 _____ () C:\Program Files (x86)\Spiceworks\bin\sqlite3.dll
2014-05-27 18:13 - 2014-05-27 18:13 - 00177664 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\openssl.so
2014-05-27 17:55 - 2014-05-27 17:55 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\bin\zlib1.dll
2014-05-27 18:11 - 2014-05-27 18:11 - 00012288 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00007680 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\fcntl.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00022016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\pathname.so
2014-05-27 18:14 - 2014-05-27 18:14 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\service.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16be.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00086016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\socket.so
2014-05-27 18:11 - 2014-05-27 18:11 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\bigdecimal.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00171520 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\nkf.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00011264 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\euc_jp.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00010752 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\shift_jis.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32be.so
2014-05-27 18:18 - 2014-05-27 18:18 - 00028672 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\parser.so
2014-05-27 18:04 - 2014-05-27 18:04 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32le.so
2014-05-27 18:18 - 2014-05-27 18:18 - 00028160 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\generator.so
2014-05-27 18:11 - 2014-05-27 18:11 - 00010240 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\md5.so
2014-05-27 18:11 - 2014-05-27 18:11 - 00012800 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha1.so
2014-05-27 18:18 - 2014-05-27 18:18 - 00052224 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\nokogiri-1.4.1\lib\nokogiri\nokogiri.so
2014-05-27 18:03 - 2014-05-27 18:03 - 00061440 _____ () C:\Program Files (x86)\Spiceworks\bin\libexslt.dll
2014-05-27 18:03 - 2014-05-27 18:03 - 00171008 _____ () C:\Program Files (x86)\Spiceworks\bin\libxslt.dll
2014-05-27 18:02 - 2014-05-27 18:02 - 00996352 _____ () C:\Program Files (x86)\Spiceworks\bin\libxml2.dll
2014-05-27 18:18 - 2014-05-27 18:18 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\image_science-1.2.1\lib\image_science.so
2014-05-27 18:12 - 2014-05-27 18:12 - 00015872 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha2.so
2014-05-27 18:15 - 2014-05-27 18:15 - 00045568 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\bits.so
2014-05-27 18:13 - 2014-05-27 18:13 - 00075776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\win32ole.so
2014-05-27 18:15 - 2014-05-27 18:15 - 00026112 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\async_ping.so
2014-05-27 18:14 - 2014-05-27 18:14 - 00101376 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\event_log.so
2014-05-27 18:18 - 2014-05-27 18:18 - 00027648 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\net-snmp-0.2.5\lib\netsnmp_api.so
2014-05-27 18:01 - 2014-05-27 18:01 - 00397312 _____ () C:\Program Files (x86)\Spiceworks\bin\netsnmp.dll
2014-05-27 18:18 - 2014-05-27 18:18 - 00060416 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\curb-0.7.12\lib\curb_core.so
2014-05-27 18:19 - 2014-05-27 18:19 - 00025088 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\win32-api-1.4.8\lib\win32\api.so
2014-05-27 17:55 - 2014-05-27 17:55 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\httpd\bin\zlib1.dll
2014-09-14 17:24 - 2014-12-01 21:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-14 17:24 - 2014-12-01 21:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-14 17:24 - 2014-12-01 21:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-14 17:24 - 2014-12-01 21:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-03-15 18:04 - 2014-11-11 18:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-04 23:20 - 2014-12-02 00:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 20:01 - 2014-12-19 23:38 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-04 23:20 - 2014-12-02 00:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-04 23:20 - 2014-12-02 00:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-14 17:24 - 2014-12-01 21:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-03-15 18:04 - 2014-12-19 23:38 - 00696000 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-10 19:56 - 2014-12-23 09:45 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-11-10 19:55 - 2014-12-23 09:45 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-03-15 18:04 - 2014-12-19 23:38 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00750080 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-30 22:22 - 2014-12-30 22:22 - 00043008 _____ () c:\users\joe\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_7mawk.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00047616 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00863744 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 00:22 - 2014-10-22 00:22 - 00200704 _____ () C:\Users\joe\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-30 15:20 - 2014-12-30 15:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-16 09:15 - 2014-10-16 09:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-14 17:28 - 2014-09-04 03:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll


==================== Alternate Data Streams (whitelisted) =========


(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


AlternateDataStreams: C:\Users\joe\SkyDrive:ms-properties


==================== Safe Mode (whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"


==================== EXE Association (whitelisted) =============


(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)




==================== MSCONFIG/TASK MANAGER disabled items =========


(Currently there is no automatic fix for this section.)




========================= Accounts: ==========================


Administrator (S-1-5-21-2566896282-1077780563-609952791-500 - Administrator - Disabled)
Guest (S-1-5-21-2566896282-1077780563-609952791-501 - Limited - Disabled)
joe (S-1-5-21-2566896282-1077780563-609952791-1001 - Administrator - Enabled) => C:\Users\joe
joem (S-1-5-21-2566896282-1077780563-609952791-1007 - Administrator - Enabled)


==================== Faulty Device Manager Devices =============


Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.




==================== Event log errors: =========================


Application errors:
==================
Error: (12/30/2014 04:45:56 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


Error: (12/30/2014 03:19:47 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 00000000000001AC,0x00530194,0000000000000000,0,00000087A8641090,4096,[0]).




Operation:
   Query Shadow Copies


Error: (12/30/2014 03:19:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.




Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.


System Error:
Access is denied.
.


Error: (12/30/2014 01:30:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.


Process ID: 49e0


Start Time: 01d023be2e53dc3a


Termination Time: 4294967295


Application Path: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe


Report Id: 78a9fb26-8fc3-11e4-82a1-94de8078bb23


Faulting package full name: 


Faulting package-relative application ID:


Error: (12/29/2014 10:37:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.


Process ID: 1c58


Start Time: 01d023b4b0faed01


Termination Time: 4294967295


Application Path: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe


Report Id: 424cfdd4-8fab-11e4-82a1-94de8078bb23


Faulting package full name: 


Faulting package-relative application ID:


Error: (12/29/2014 03:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 15.0.4675.1003, time stamp: 0x548bae55
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0x80000003
Fault offset: 0x00000000000da26a
Faulting process ID: 0xbe4
Faulting application start time: 0xOUTLOOK.EXE0
Faulting application path: OUTLOOK.EXE1
Faulting module path: OUTLOOK.EXE2
Report ID: OUTLOOK.EXE3
Faulting package full name: OUTLOOK.EXE4
Faulting package-relative application ID: OUTLOOK.EXE5


Error: (12/29/2014 01:38:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program 1198D42.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.


Process ID: 5378


Start Time: 01d023080a25902e


Termination Time: 4294967295


Application Path: C:\Users\joe\AppData\Local\Temp\1198D42.exe


Report Id: 6919926f-8efb-11e4-82a1-94de8078bb23


Faulting package full name: 


Faulting package-relative application ID:


Error: (12/28/2014 09:37:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 15.0.4675.1003, time stamp: 0x548bae55
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0x80000003
Fault offset: 0x00000000000da26a
Faulting process ID: 0x6b78
Faulting application start time: 0xOUTLOOK.EXE0
Faulting application path: OUTLOOK.EXE1
Faulting module path: OUTLOOK.EXE2
Report ID: OUTLOOK.EXE3
Faulting package full name: OUTLOOK.EXE4
Faulting package-relative application ID: OUTLOOK.EXE5


Error: (12/28/2014 07:14:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database


Error: (12/28/2014 01:47:36 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4




System errors:
=============
Error: (12/30/2014 10:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2


Error: (12/30/2014 10:21:43 PM) (Source: DCOM) (EventID: 10010) (User: JoePC)
Description: {CEFF45EE-C862-41DE-AEE2-A022C81EDA92}


Error: (12/30/2014 04:51:11 PM) (Source: DCOM) (EventID: 10010) (User: JoePC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Error: (12/30/2014 04:50:41 PM) (Source: DCOM) (EventID: 10010) (User: JoePC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Error: (12/30/2014 04:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2


Error: (12/30/2014 04:40:10 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: 
%%0


Error: (12/30/2014 04:32:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2


Error: (12/30/2014 04:31:18 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252.


Error: (12/30/2014 04:31:17 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252.


Error: (12/30/2014 04:30:32 PM) (Source: DCOM) (EventID: 10016) (User: JoePC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JoePCjoeS-1-5-21-2566896282-1077780563-609952791-1001LocalHost (Using LRPC)UnavailableUnavailable




Microsoft Office Sessions:
=========================
Error: (12/30/2014 04:45:56 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


Error: (12/30/2014 03:19:47 PM) (Source: VSS) (EventID: 12305) (User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 00000000000001AC,0x00530194,0000000000000000,0,00000087A8641090,4096,[0])


Operation:
   Query Shadow Copies


Error: (12/30/2014 03:19:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.


System Error:
Access is denied.


Error: (12/30/2014 01:30:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.1849e001d023be2e53dc3a4294967295C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe78a9fb26-8fc3-11e4-82a1-94de8078bb23


Error: (12/29/2014 10:37:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.181c5801d023b4b0faed014294967295C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe424cfdd4-8fab-11e4-82a1-94de8078bb23


Error: (12/29/2014 03:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE15.0.4675.1003548bae55KERNELBASE.dll6.3.9600.1727853eebf2e8000000300000000000da26abe401d0237bc0bdbad0C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXEC:\Windows\system32\KERNELBASE.dll0779765e-8f6f-11e4-82a1-94de8078bb23


Error: (12/29/2014 01:38:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 1198D42.exe0.0.0.0537801d023080a25902e4294967295C:\Users\joe\AppData\Local\Temp\1198D42.exe6919926f-8efb-11e4-82a1-94de8078bb23


Error: (12/28/2014 09:37:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE15.0.4675.1003548bae55KERNELBASE.dll6.3.9600.1727853eebf2e8000000300000000000da26a6b7801d022e6854d472cC:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXEC:\Windows\system32\KERNELBASE.dllc797c089-8ed9-11e4-82a1-94de8078bb23


Error: (12/28/2014 07:14:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883


Error: (12/28/2014 01:47:36 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4




CodeIntegrity Errors:
===================================
  Date: 2014-12-15 05:48:36.956
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-12-10 04:05:22.221
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-12-06 02:54:12.945
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-23 04:17:52.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-21 06:14:13.406
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-19 07:25:13.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-18 08:24:09.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-13 10:49:26.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-05 17:49:09.383
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


  Date: 2014-11-04 22:35:20.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.




==================== Memory info =========================== 


Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16271.93 MB
Available physical RAM: 12956.27 MB
Total Pagefile: 32655.93 MB
Available Pagefile: 28588.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:232.54 GB) (Free:21.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (1Tb) (Fixed) (Total:931.41 GB) (Free:172.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (15.0.4420.1017) (CDROM) (Total:0.79 GB) (Free:0 GB) UDF
Drive h: (VS2010Express) (CDROM) (Total:0.68 GB) (Free:0 GB) UDF


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 17F5E65F)
Partition 1: (Active) - (Size=232.5 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 16B190B3)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.4 GB) - (Type=07 NTFS)


==================== End Of Log ============================
 
 
 
FRST.txt
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by joe (administrator) on JOEPC on 30-12-2014 22:35:46
Running from C:\Users\joe\Downloads
Loaded Profile: joe (Available profiles: joe)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
(Spiceworks, Inc.) C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(http://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Oculus VR, LLC) C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Dropbox, Inc.) C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




==================== Registry (Whitelisted) ==================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-23] (Electronic Arts)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f0b1-ac71-11e3-824f-94de8078bb23} - "G:\SETUP.EXE" 
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f7f3-ac71-11e3-824f-94de8078bb23} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.hta
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a7910cb-ac71-11e3-824f-94de8078bb23} - "F:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
Startup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-gb/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254


FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/O1DPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=3 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=9 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-30]


Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-15]
CHR Extension: (Google Docs) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Docs Offline Background Page) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-20]
CHR Extension: (Adblock Plus) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-15]
CHR Extension: (Google Search) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (ZenMate) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-16]
CHR Extension: (AdBlock) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (Avast Online Security) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30]
CHR Extension: (Mibbit webchat) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2014-03-15]
CHR Extension: (Poppit!) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Hover Zoom+) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2014-12-06]
CHR Extension: (Gmail) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR Extension: (uuNisales) - C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog\ [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]


==================== Services (Whitelisted) =================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-15] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-23] (Electronic Arts)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [230416 2014-10-23] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-10] ()
R2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-06-14] (Spiceworks, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [18432 2012-05-13] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]


==================== Drivers (Whitelisted) ====================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 OCUSBVID; C:\Windows\system32\DRIVERS\OCUSBVID.sys [47560 2014-10-23] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [53704 2014-10-23] (Oculus VR, LLC)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)




==================== One Month Created Files and Folders ========


(If an entry is included in the fixlist, the file\folder will be moved.)


2014-12-30 22:35 - 2014-12-30 22:35 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe
2014-12-30 22:35 - 2014-12-30 22:35 - 00027275 _____ () C:\Users\joe\Downloads\FRST.txt
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Downloads\ComboFix.exe
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Desktop\ComboFix.exe
2014-12-30 16:40 - 2014-12-30 16:40 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-12-30 16:39 - 2014-12-30 16:39 - 00003080 _____ () C:\Windows\system32\.crusader
2014-12-30 16:34 - 2014-12-30 16:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-12-30 16:33 - 2014-12-30 16:34 - 11222744 _____ (SurfRight B.V.) C:\Users\joe\Downloads\HitmanPro_x64.exe
2014-12-30 16:33 - 2014-12-30 16:33 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 16:25 - 2014-12-30 16:29 - 00000000 ____D () C:\AdwCleaner
2014-12-30 16:25 - 2014-12-30 16:25 - 02173952 _____ () C:\Users\joe\Downloads\adwcleaner_4.106.exe
2014-12-30 15:28 - 2014-12-30 15:28 - 00003266 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 15:26 - 2014-12-30 15:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AVAST Software
2014-12-30 15:20 - 2014-12-30 15:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-30 15:20 - 2014-12-30 15:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-30 15:20 - 2014-12-30 15:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-30 15:20 - 2014-12-30 15:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-30 15:20 - 2014-12-30 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-30 15:19 - 2014-12-30 15:19 - 05006864 _____ (AVAST Software) C:\Users\joe\Downloads\avast_free_antivirus_setup_online.exe
2014-12-30 15:19 - 2014-12-30 15:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-29 23:16 - 2014-12-29 23:16 - 00120575 _____ () C:\Users\joe\Downloads\jarjar-1.4.jar
2014-12-29 23:11 - 2014-12-29 23:11 - 00124725 _____ () C:\Users\joe\Desktop\testing.jar
2014-12-29 22:39 - 2014-12-29 22:39 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT (1).jar
2014-12-29 22:11 - 2014-12-29 22:11 - 20610577 _____ () C:\Users\joe\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar
2014-12-29 22:07 - 2014-12-29 22:07 - 19578647 _____ () C:\Users\joe\Downloads\spigot-1.6.4-R2.1-1138.jar
2014-12-29 16:32 - 2014-12-29 16:32 - 01862383 _____ () C:\Users\joe\Downloads\MassiveCore-2.7.5.zip
2014-12-29 16:20 - 2014-12-29 16:20 - 00296044 _____ () C:\Users\joe\Downloads\Vault.jar
2014-12-29 15:54 - 2014-12-29 15:55 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT.jar
2014-12-29 15:50 - 2014-12-29 16:04 - 00000000 ____D () C:\Users\joe\Desktop\DaegonnersPlugins
2014-12-29 15:49 - 2014-12-29 15:50 - 00468788 _____ () C:\Users\joe\Desktop\DaegonnersPlugins.zip
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\uuNisales
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\unnISaaLes
2014-12-29 01:38 - 2014-12-29 01:38 - 00000000 ____D () C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog
2014-12-28 21:56 - 2014-12-28 21:56 - 00556538 _____ () C:\Users\joe\Downloads\latest.log
2014-12-27 22:05 - 2014-12-27 22:05 - 02667105 _____ () C:\Users\joe\Downloads\Hub (1).jar
2014-12-25 23:16 - 2014-12-25 23:18 - 00000000 ____D () C:\Users\joe\Documents\ShipSimExtremes Userdata
2014-12-25 23:16 - 2014-12-25 23:16 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Quest3D
2014-12-24 22:06 - 2014-12-24 22:06 - 00003608 _____ () C:\Users\joe\Downloads\Construction_Simulator_2015-CODEX.torrent
2014-12-24 21:20 - 2014-12-24 21:20 - 00000000 ____D () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2
2014-12-24 21:19 - 2014-12-24 21:19 - 04523318 _____ () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2.zip
2014-12-23 13:10 - 2014-12-23 13:10 - 00010095 _____ () C:\Users\joe\Downloads\zzzzzzzzzzzzzzXP,Economy and Police.scs
2014-12-23 13:07 - 2014-12-23 13:07 - 00005968 _____ () C:\Users\joe\Downloads\iniciocom99999999999999999euros_bymodsmj.rar
2014-12-23 13:02 - 2014-12-23 13:02 - 03853552 _____ () C:\Users\joe\Downloads\ets2mp_client (1).zip
2014-12-23 12:50 - 2014-12-23 12:52 - 00000000 ____D () C:\Users\joe\AppData\Local\Temporary Projects
2014-12-23 12:43 - 2014-12-23 12:43 - 00036864 _____ () C:\Users\joe\Downloads\DW spreadsheet.xls
2014-12-23 11:52 - 2014-12-23 11:52 - 00065024 _____ () C:\Users\joe\Downloads\Group & Dist. Exec. Directory -18.11.2014 (2).xls
2014-12-22 20:59 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Local\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-29 01:42 - 00000000 ____D () C:\Users\joe\AppData\Local\Battle.net
2014-12-22 20:58 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-22 20:53 - 2014-12-22 20:53 - 00000000 ____D () C:\ProgramData\Battle.net
2014-12-22 20:52 - 2014-12-22 20:53 - 02868792 _____ (Blizzard Entertainment) C:\Users\joe\Downloads\Battle.net-Setup-enGB.exe
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Autodesk
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\ProgramData\Autodesk
2014-12-20 16:22 - 2014-12-20 16:34 - 2467047156 _____ (Autodesk, Inc.) C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_dlm.sfx.exe
2014-12-20 16:20 - 2014-12-20 16:20 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup (1).exe
2014-12-20 16:19 - 2014-12-20 16:19 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup.exe
2014-12-19 19:21 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 19:21 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-19 03:37 - 2014-12-19 03:37 - 00852392 _____ () C:\Users\joe\Downloads\imm4833.pdf.bin
2014-12-18 23:16 - 2014-12-18 23:16 - 00937984 _____ () C:\Users\joe\Downloads\project.ppt
2014-12-18 21:58 - 2014-12-18 21:58 - 00008192 _____ () C:\Users\joe\Downloads\compass.csv
2014-12-18 21:52 - 2014-12-18 21:52 - 00137728 _____ () C:\Users\joe\Downloads\Compass-Youth-Data-Import-Template-Office-97-2003-version-12-Sept-2014.xls
2014-12-18 21:51 - 2014-12-18 21:51 - 00023219 _____ () C:\Users\joe\Downloads\compass-1.xlsx
2014-12-18 10:26 - 2014-12-18 10:26 - 00019392 _____ () C:\Users\joe\Downloads\Home_Alone_1_and_2_Pack_1080p_HD.torrent
2014-12-18 01:14 - 2014-12-18 01:14 - 00013336 _____ () C:\Users\joe\Desktop\excetesting.xlsx
2014-12-17 22:52 - 2014-12-17 23:00 - 00004784 _____ () C:\Users\joe\Desktop\testing.txt
2014-12-17 22:44 - 2014-12-17 22:44 - 00002011 _____ () C:\Users\Public\Desktop\NeuroSolutions 4.lnk
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuroSolutions 4
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\Program Files (x86)\NeuroSolutions 4
2014-12-17 22:44 - 2000-10-23 14:41 - 00069632 _____ () C:\Windows\SysWOW64\NeuroSolutionsOL.dll
2014-12-17 22:44 - 2000-05-22 01:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-12-17 22:44 - 2000-05-22 01:00 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-12-17 22:44 - 2000-01-21 12:19 - 00040960 _____ () C:\Windows\SysWOW64\NSSYMBOL.DLL
2014-12-17 22:44 - 1999-10-15 13:50 - 01056768 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\Roboex32.dll
2014-12-17 22:44 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2014-12-17 22:44 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-12-17 22:44 - 1997-01-31 10:07 - 00048640 _____ (Blue Sky Software) C:\Windows\SysWOW64\inetwh32.dll
2014-12-17 22:40 - 2014-12-17 22:43 - 27108144 _____ (NeuroDimension, Inc. ) C:\Users\joe\Downloads\nsinstall_432 (1).exe
2014-12-17 15:32 - 2014-12-17 15:32 - 00000000 __SHD () C:\Users\joe\AppData\Local\EmieBrowserModeList
2014-12-17 14:20 - 2014-12-17 14:20 - 00236289 _____ () C:\Users\joe\Downloads\basic.ics
2014-12-16 12:27 - 2014-12-16 12:27 - 00000000 ____D () C:\Users\joe\AppData\Local\NeuroSolutions
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (2).jar
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (1).jar
2014-12-15 19:45 - 2014-12-15 19:40 - 00174112 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-12-14 16:50 - 2014-12-14 16:51 - 370481677 _____ () C:\Users\joe\Downloads\jmonkeyplatform-windows-x64.exe
2014-12-14 00:18 - 2014-12-14 00:18 - 00000000 ____D () C:\Users\joe\Downloads\BanManager
2014-12-14 00:17 - 2014-12-14 00:17 - 00473291 _____ () C:\Users\joe\Downloads\BanManager.zip
2014-12-13 18:07 - 2014-12-13 18:07 - 01287944 _____ (Mojang) C:\Users\joe\Downloads\Minecraft (1).exe
2014-12-13 18:07 - 2014-12-13 18:07 - 00000000 ____D () C:\Users\joe\Desktop\New folder
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-12-12 21:55 - 2014-12-12 21:55 - 01534736 _____ () C:\Users\joe\Downloads\battlelog-web-plugins_2.6.2_154.exe
2014-12-11 21:53 - 2014-12-11 21:53 - 00003907 _____ () C:\Users\joe\Desktop\tweets.json
2014-12-09 21:20 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-09 21:20 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 21:11 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-09 21:11 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 21:11 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:11 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-09 21:11 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:11 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 21:11 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:11 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-09 21:11 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:11 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:11 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:11 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:11 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:11 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:11 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:11 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:11 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-09 14:13 - 2014-12-09 14:13 - 03763514 _____ () C:\Users\joe\Downloads\ets2mp_client.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 02810360 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersWindows.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 00419677 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersSource.zip
2014-12-07 21:57 - 2014-12-07 21:57 - 00084917 _____ () C:\Users\joe\Downloads\bluescreenview-x64.zip
2014-12-07 21:24 - 2014-12-07 21:24 - 00009141 _____ () C:\Users\joe\Downloads\NoPvpLog.jar
2014-12-07 21:20 - 2014-12-07 21:20 - 11241080 _____ () C:\Users\joe\Downloads\join.me.exe
2014-12-07 21:00 - 2014-12-07 21:00 - 00152944 _____ () C:\Users\joe\Downloads\SilkSpawners.jar
2014-12-07 20:48 - 2014-12-07 20:48 - 00006316 _____ () C:\Users\joe\Downloads\spawnjoin.jar
2014-12-07 19:40 - 2014-12-07 19:40 - 00088477 _____ () C:\Users\joe\Downloads\CommandSigns.jar
2014-12-07 00:37 - 2014-12-07 00:37 - 00337004 _____ () C:\Users\joe\Downloads\Vault-1.4.1 (1).jar
2014-12-07 00:35 - 2014-12-07 00:35 - 00265122 _____ () C:\Users\joe\Downloads\askyblock.jar
2014-12-07 00:32 - 2014-12-07 00:32 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5 (1).jar
2014-12-07 00:29 - 2014-12-07 00:29 - 00003948 _____ () C:\Users\joe\Downloads\VoidWorld.jar
2014-12-06 23:56 - 2014-12-06 23:56 - 00005166 _____ () C:\Users\joe\Downloads\SW8PTower.schematic
2014-12-06 20:44 - 2014-12-06 20:44 - 00321700 _____ () C:\Users\joe\Downloads\MinigamesLib-1.11.0.jar
2014-12-06 20:44 - 2014-12-06 20:44 - 00023123 _____ () C:\Users\joe\Downloads\MGSkyWars.jar
2014-12-06 19:24 - 2014-12-06 19:24 - 00004775 _____ () C:\Users\joe\Downloads\fix-worldedit-cui-1.0.jar
2014-12-06 02:26 - 2014-12-06 02:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\java
2014-12-06 02:05 - 2014-12-06 02:05 - 00285808 _____ () C:\Windows\Minidump\120614-9968-01.dmp
2014-12-05 23:11 - 2014-12-05 23:11 - 00682854 _____ () C:\Users\joe\Desktop\Object Orientated Systems Coursework.zip
2014-12-05 19:49 - 2014-12-05 19:49 - 00000000 ___SD () C:\Users\joe\Documents\My Shapes
2014-12-05 15:48 - 2014-12-05 15:49 - 44833376 _____ (Skype Technologies S.A.) C:\Users\joe\Downloads\SkypeSetupFull.exe
2014-12-05 15:23 - 2014-12-05 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-05 15:21 - 2014-12-05 15:22 - 177856928 _____ (Oracle Corporation) C:\Users\joe\Downloads\jdk-8u25-windows-x64.exe
2014-12-05 15:18 - 2014-12-05 15:18 - 04697748 _____ () C:\Users\joe\Downloads\blerg (1).jar
2014-12-05 15:12 - 2014-12-05 15:13 - 92658088 _____ (Oracle Corporation) C:\Users\joe\Downloads\jre-8u25-windows-x64.exe
2014-12-05 15:09 - 2014-12-05 15:09 - 04697748 _____ () C:\Users\joe\Downloads\blerg.jar
2014-12-05 14:08 - 2014-12-05 14:15 - 961208085 _____ () C:\Users\joe\Downloads\agitarOne-windows-64.zip
2014-12-05 14:00 - 2014-12-05 14:00 - 00000000 ____D () C:\Users\joe\Downloads\apache-tomcat-8.0.15
2014-12-05 13:59 - 2014-12-05 13:59 - 09801252 _____ () C:\Users\joe\Downloads\apache-tomcat-8.0.15.zip
2014-12-05 13:58 - 2014-12-05 13:58 - 04803703 _____ () C:\Users\joe\Downloads\demo.zip
2014-12-05 01:18 - 2014-12-05 01:18 - 00009169 _____ () C:\Users\joe\Desktop\Book1.xlsx
2014-12-04 21:46 - 2014-12-04 21:46 - 18242102 _____ () C:\Users\joe\Downloads\totalbeginnerlesson04.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 09624329 _____ () C:\Users\joe\Downloads\Assignment.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 00000000 ____D () C:\Users\joe\Downloads\Assignment
2014-12-04 16:19 - 2014-12-04 16:19 - 05112776 _____ () C:\Users\joe\Downloads\Java-Assignment-master (2).zip
2014-12-04 02:32 - 2014-12-04 02:32 - 00002879 _____ () C:\Users\joe\Downloads\FullHunger.jar
2014-12-04 02:20 - 2014-12-04 02:20 - 00046813 _____ () C:\Users\joe\Downloads\HubEssentials (1).jar
2014-12-03 13:19 - 2014-12-04 21:33 - 13589871 _____ () C:\SentiWordNet_3.0.0.txt
2014-12-03 13:19 - 2014-12-04 21:33 - 00003907 _____ () C:\tweets.txt
2014-12-03 13:07 - 2014-12-03 13:07 - 00000000 ____D () C:\Users\joe\Downloads\Java-Assignment-master (1)
2014-12-02 22:10 - 2014-12-02 22:11 - 05322187 _____ () C:\Users\joe\Downloads\Java-Assignment-master (1).zip
2014-12-02 19:29 - 2014-12-02 19:30 - 19503909 _____ () C:\Users\joe\Downloads\spigot1658.jar
2014-12-02 01:54 - 2014-12-02 01:54 - 00305351 _____ () C:\Users\joe\Downloads\ServerListPlusUniversal-3.3.2.jar
2014-12-02 01:43 - 2014-12-02 01:43 - 00002014 _____ () C:\Users\joe\Downloads\SWN3.java
2014-12-02 01:23 - 2014-12-02 01:23 - 00453530 _____ () C:\Users\joe\Downloads\SkyWars.jar
2014-12-02 00:47 - 2014-12-02 00:47 - 00778914 _____ () C:\Users\joe\Downloads\NoCheatPlus.jar
2014-12-02 00:37 - 2014-12-02 00:37 - 00498159 _____ () C:\Users\joe\Downloads\BungeeAdminTools-1.2.8.jar
2014-12-02 00:16 - 2014-12-02 00:16 - 00276898 _____ () C:\Users\joe\Downloads\EnjinMinecraftPlugin (1).jar
2014-12-01 23:53 - 2014-12-01 23:58 - 00000000 ____D () C:\Users\joe\AppData\Local\paint.net
2014-12-01 23:53 - 2014-12-01 23:53 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-01 23:53 - 2014-12-01 23:53 - 00000000 ____D () C:\Program Files\paint.net
2014-12-01 23:48 - 2014-12-01 23:48 - 06529561 _____ () C:\Users\joe\Downloads\paint.net.4.0.4.install.zip
2014-12-01 01:39 - 2014-12-01 01:39 - 00318834 _____ () C:\Users\joe\Downloads\Factions (2).jar
2014-12-01 01:38 - 2014-12-01 01:38 - 01344243 _____ () C:\Users\joe\Downloads\MassiveCore (1).jar
2014-12-01 01:36 - 2014-12-01 01:36 - 00318909 _____ () C:\Users\joe\Downloads\Factions (1).jar
2014-12-01 01:16 - 2014-12-01 01:16 - 01344767 _____ () C:\Users\joe\Downloads\MassiveCore.jar
2014-11-30 19:54 - 2014-11-30 19:54 - 00181717 _____ () C:\Users\joe\Downloads\BungeeTabListPlus.zip
2014-11-30 19:54 - 2014-11-30 19:54 - 00043993 _____ () C:\Users\joe\Downloads\Yamler-Bungee-2.2.3-SNAPSHOT.jar
2014-11-30 19:46 - 2014-11-30 19:46 - 00000926 _____ () C:\Users\joe\Downloads\install spigot.sh
2014-11-30 18:31 - 2014-11-30 18:31 - 00318834 _____ () C:\Users\joe\Downloads\Factions.jar
2014-11-30 16:58 - 2014-11-30 16:58 - 00410426 _____ () C:\Users\joe\Downloads\FactionServer.rar
2014-11-30 15:48 - 2014-11-30 15:48 - 00160851 _____ () C:\Users\joe\Downloads\PlotMe (1).jar
2014-11-30 15:47 - 2014-11-30 15:47 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5.jar
2014-11-30 11:45 - 2014-11-30 11:50 - 1028653056 _____ () C:\Users\joe\Downloads\ubuntu-14.04.1-desktop-amd64.iso
2014-11-30 11:44 - 2014-11-30 11:44 - 01088893 _____ (pendrivelinux.com) C:\Users\joe\Downloads\Universal-USB-Installer-1.9.5.8.exe
2014-11-30 02:56 - 2014-11-30 02:56 - 00072015 _____ () C:\Users\joe\Downloads\Shop.jar
2014-11-30 02:54 - 2014-11-30 02:54 - 00642501 _____ () C:\Users\joe\Downloads\ChestShop.jar
2014-11-30 02:49 - 2014-11-30 02:49 - 00048999 _____ () C:\Users\joe\Downloads\ChestShop-WoodyCraft.jar
2014-11-30 02:38 - 2014-11-30 02:38 - 00028463 _____ () C:\Users\joe\Downloads\BuyRegion.jar


==================== One Month Modified Files and Folders =======


(If an entry is included in the fixlist, the file\folder will be moved.)


2014-12-30 22:35 - 2014-09-21 08:24 - 00000000 ____D () C:\FRST
2014-12-30 22:33 - 2014-09-21 23:04 - 00004954 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC
2014-12-30 22:33 - 2014-03-15 17:42 - 01717722 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 22:28 - 2014-03-15 17:48 - 00955428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-30 22:24 - 2014-03-15 17:50 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Skype
2014-12-30 22:23 - 2014-11-10 19:55 - 00000000 ____D () C:\ProgramData\Origin
2014-12-30 22:23 - 2014-03-15 22:15 - 00000000 ___RD () C:\Users\joe\Dropbox
2014-12-30 22:23 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Dropbox
2014-12-30 22:22 - 2014-11-17 21:07 - 00000000 ____D () C:\Users\joe\AppData\Local\LogMeIn Hamachi
2014-12-30 22:22 - 2014-11-10 19:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-30 22:22 - 2014-05-21 20:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-30 22:22 - 2014-03-31 18:54 - 00000000 ____D () C:\Users\joe\AppData\Local\TGitCache
2014-12-30 22:22 - 2014-03-15 18:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-30 22:22 - 2014-03-15 17:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 22:22 - 2014-03-15 17:41 - 00268554 _____ () C:\Windows\PFRO.log
2014-12-30 22:22 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 22:08 - 2014-03-15 17:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 22:05 - 2014-03-15 22:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\.minecraft
2014-12-30 22:04 - 2014-03-15 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 22:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-30 21:48 - 2014-03-25 21:27 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job
2014-12-30 20:28 - 2014-03-15 17:46 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5BB247E6-8C32-4749-BD87-1FB5D1E278E5}
2014-12-30 16:50 - 2014-03-15 17:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\vpnplugins
2014-12-30 16:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-30 16:30 - 2014-03-15 22:42 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-12-30 16:30 - 2013-08-22 14:44 - 00505568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 15:19 - 2014-10-02 12:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-29 23:11 - 2014-07-01 21:48 - 00000000 ____D () C:\Users\joe\Desktop\jd-gui-0.3.6.windows (1)
2014-12-29 23:09 - 2014-03-25 15:54 - 00000000 ____D () C:\Users\joe\workspace
2014-12-29 22:41 - 2014-03-27 23:19 - 00000000 ____D () C:\Users\joe\AppData\Local\Eclipse
2014-12-29 22:40 - 2014-05-27 16:13 - 00000000 ____D () C:\Users\joe\Desktop\Email test server
2014-12-29 01:46 - 2014-11-17 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Azureus
2014-12-28 10:48 - 2014-03-25 21:27 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job
2014-12-26 20:56 - 2014-04-26 17:52 - 00096811 _____ () C:\Windows\DirectX.log
2014-12-26 00:45 - 2014-03-15 18:19 - 00000000 ____D () C:\Users\joe\AppData\Roaming\FileZilla
2014-12-25 23:52 - 2014-03-16 12:11 - 00000600 _____ () C:\Users\joe\AppData\Local\PUTTY.RND
2014-12-25 20:19 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-24 22:27 - 2014-03-15 18:00 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TS3Client
2014-12-24 21:20 - 2014-09-21 23:15 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-23 13:33 - 2014-03-15 19:04 - 00000000 ____D () C:\Users\joe\Documents\Euro Truck Simulator 2
2014-12-23 13:08 - 2014-09-28 18:53 - 00000000 ____D () C:\Users\joe\Documents\ETS2MP
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2014-12-23 12:52 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2012
2014-12-23 12:48 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\Packages
2014-12-23 09:56 - 2014-03-15 17:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 21:00 - 2014-03-15 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-12-22 00:03 - 2014-03-16 19:14 - 00000000 ____D () C:\Users\joe\AppData\Local\join.me
2014-12-21 21:31 - 2014-04-02 16:43 - 00002240 ____H () C:\Users\joe\Documents\Default.rdp
2014-12-20 21:54 - 2014-09-30 14:59 - 00000000 ____D () C:\Users\joe\.VirtualBox
2014-12-20 12:21 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 22:47 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\VirtualStore
2014-12-17 22:44 - 2014-03-15 17:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-15 05:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-12-14 18:40 - 2014-10-11 12:13 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TeamViewer
2014-12-13 09:39 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-13 09:37 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 22:00 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-12 21:57 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-12 21:55 - 2014-11-10 22:24 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-10 04:07 - 2014-03-15 19:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 04:06 - 2014-03-15 19:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 18:04 - 2014-03-15 19:31 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 21:57 - 2014-03-15 19:02 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2010
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-12-06 02:05 - 2014-06-08 21:27 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 23:31 - 2014-11-11 21:25 - 00000000 ____D () C:\Users\joe\Desktop\Java Assignment
2014-12-05 19:48 - 2014-04-24 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-05 19:48 - 2014-03-15 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-05 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-05 15:28 - 2014-05-30 11:19 - 00000544 _____ () C:\Users\joe\Desktop\jd-gui.cfg
2014-12-05 15:23 - 2014-09-22 15:44 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-12-05 15:23 - 2014-03-15 17:50 - 00000000 ____D () C:\Program Files\Java
2014-12-05 15:13 - 2014-09-14 17:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-30 11:49 - 2013-08-22 14:46 - 00018025 _____ () C:\Windows\setupact.log


Some content of TEMP:
====================
C:\Users\joe\AppData\Local\Temp\AcDeltree.exe
C:\Users\joe\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\joe\AppData\Local\Temp\chdfeixn.dll
C:\Users\joe\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_7mawk.dll
C:\Users\joe\AppData\Local\Temp\hidapi-jni-644987893280966263044.dll
C:\Users\joe\AppData\Local\Temp\hidapi-jni-645400543683360961838.dll
C:\Users\joe\AppData\Local\Temp\hidapi-jni-647075923408829857210.dll
C:\Users\joe\AppData\Local\Temp\hidapi-jni-647486976906760669132.dll
C:\Users\joe\AppData\Local\Temp\i4jdel0.exe
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-11-g08fad7a-b3036jnks.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-2-g85f5776-b3023jnks.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-6-g4d832c3-b3090jnks.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-236.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-256.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-265.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1.7.9-R0.2-208-ge0f2e95.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1138.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1370.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-1816771516222114456.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-1826948781968532888.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-2312002570477382589.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-3207609863237593084.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-349165095664393517.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-4487527742030782428.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-7705220188456773110.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-7724671186143475875.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-13716d9-bd703b8-8854048780822756448.dll
C:\Users\joe\AppData\Local\Temp\jansi-64-git-Spigot-1649.dll
C:\Users\joe\AppData\Local\Temp\OpenComputersMod-1.3.1.516-native.64.dll
C:\Users\joe\AppData\Local\Temp\OpenComputersMod-1.3.2.525-native.64.dll
C:\Users\joe\AppData\Local\Temp\Quarantine.exe
C:\Users\joe\AppData\Local\Temp\shutdown1396716642.exe
C:\Users\joe\AppData\Local\Temp\shutdown1415122645.exe
C:\Users\joe\AppData\Local\Temp\SIntf16.dll
C:\Users\joe\AppData\Local\Temp\SIntf32.dll
C:\Users\joe\AppData\Local\Temp\SIntfNT.dll
C:\Users\joe\AppData\Local\Temp\SkypeSetup.exe
C:\Users\joe\AppData\Local\Temp\sonarinst.exe
C:\Users\joe\AppData\Local\Temp\spiceworks_redist.exe
C:\Users\joe\AppData\Local\Temp\spiceworks_redist_10.exe
C:\Users\joe\AppData\Local\Temp\sqlite3.dll
C:\Users\joe\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\joe\AppData\Local\Temp\System.Data.SQLite39299.dll
C:\Users\joe\AppData\Local\Temp\System.Data.SQLite75841.dll
C:\Users\joe\AppData\Local\Temp\xmlUpdater.exe




==================== Bamital & volsnap Check =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2014-12-27 11:25


==================== End Of Log ============================

 


  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hello and Welcome to GeeksToGo jkm9694,

my Name is Machiavelli and I will assist you with your problem.  :alarm:  The fixes are specific to your problem and should only be used for the issue on your machine!  :alarm: 
 
I'm in the 'Malware Staff Team' and will provide you with advice:
To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.
 
You must reply to posts within days. If you haven't replied within 4 days your topic will be closed. If you go away for some time please let me know. Communication is an important part here! If you are unsure about something - STOP - and ask me. No need to be afraid of asking - better ask than doing a mistake. Mistakes can lead to an unbootable PC! I would recommend to follow the topic by clicking on the Follow this topic button - you will get notified when I have replied to your topic.
 

:alarm: Below are a few tips  :alarm:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 
Part I: Warnings
 
 
  • Warning I: Wrong File Location
  • You have FRST saved under your Downloads Folder. We need all files on your Desktop. So please move FRST to your Desktop.
  • Warning II: Low Disc Space
  • That is another reason for the slowness of your computer. Because of that I recommend uninstalling software which you don't use at all.
  • Warning III: Chrome Reset
  • We have to reset your Chrome Browser. Please follow these instructions here to reset chrome.
  • Warning IV: Combofix scan
  • Do you have logs of ComboFix? If yes please post them!
 
Part II: Action
 
 

Step 1: FRST Fix
 
We need to run a fix with FRST:
  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: Adwarecleaner
 
Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here:C:\AdwCleaner\
 
Step 3: Junkware Removal Tool

 
thisisujrt.gifPlease download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
 
 
Part III: Logs request
 
 
 
For the next time I need to see following logs:-
  • FRST Log
  • Junkware Removal Tool log
  • Adwarecleaner Log
  • FRST fixlog
Please also tell me how your computer is running currently. If you have any issues please tell me which.

Attached Files


  • 0

#3
jkm9694

jkm9694

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Hello Machiavelli, 
 
 

Please find attached the logs requested.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by joe (administrator) on JOEPC on 31-12-2014 19:40:51
Running from C:\Users\joe\Desktop
Loaded Profile: joe (Available profiles: joe)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
() C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
() C:\Windows\System32\PnkBstrA.exe
(Spiceworks, Inc.) C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Oculus VR, LLC) C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(http://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\joe\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-23] (Electronic Arts)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f0b1-ac71-11e3-824f-94de8078bb23} - "G:\SETUP.EXE" 
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f7f3-ac71-11e3-824f-94de8078bb23} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.hta
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
Startup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-gb/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/O1DPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=3 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=9 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-30]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-15]
CHR Extension: (Google Docs) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Docs Offline Background Page) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-20]
CHR Extension: (Adblock Plus) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-15]
CHR Extension: (Google Search) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (ZenMate) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-16]
CHR Extension: (AdBlock) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (Avast Online Security) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30]
CHR Extension: (Mibbit webchat) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2014-03-15]
CHR Extension: (Poppit!) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Hover Zoom+) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2014-12-06]
CHR Extension: (Gmail) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR Extension: (uuNisales) - C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog\ [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-30] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-15] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-23] (Electronic Arts)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [230416 2014-10-23] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-10] ()
R2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-06-14] (Spiceworks, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [18432 2012-05-13] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 OCUSBVID; C:\Windows\system32\DRIVERS\OCUSBVID.sys [47560 2014-10-23] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [53704 2014-10-23] (Oculus VR, LLC)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-30] (Avast Software)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 19:40 - 2014-12-31 19:41 - 00026953 _____ () C:\Users\joe\Desktop\FRST.txt
2014-12-31 19:39 - 2014-12-31 19:40 - 00000616 _____ () C:\Users\joe\Desktop\JRT.txt
2014-12-31 19:35 - 2014-12-31 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-35-38.013-aswFe.exe-9336.log
2014-12-31 19:34 - 2014-12-31 19:34 - 00000000 ____D () C:\Windows\ERUNT
2014-12-31 19:33 - 2014-12-31 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-33-51.031-aswFe.exe-4088.log
2014-12-31 19:33 - 2014-12-31 19:33 - 01707939 _____ (Thisisu) C:\Users\joe\Downloads\JRT.exe
2014-12-31 19:33 - 2014-12-31 19:33 - 01707939 _____ (Thisisu) C:\Users\joe\Desktop\JRT.exe
2014-12-31 19:33 - 2014-12-31 19:33 - 00002315 _____ () C:\Users\joe\Desktop\AdwCleaner[S3].txt
2014-12-31 19:33 - 2014-12-31 19:33 - 00000197 _____ () C:\Windows\system32\2014-12-31-19-33-50.017-AvastVBoxSVC.exe-4144.log
2014-12-31 19:30 - 2014-12-31 19:30 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-30-43.046-aswFe.exe-9116.log
2014-12-31 19:30 - 2014-12-31 19:30 - 00000197 _____ () C:\Windows\system32\2014-12-31-19-30-42.027-AvastVBoxSVC.exe-7748.log
2014-12-31 19:29 - 2014-12-31 19:29 - 02173952 _____ () C:\Users\joe\Downloads\AdwCleaner.exe
2014-12-31 19:29 - 2014-12-31 19:29 - 02173952 _____ () C:\Users\joe\Desktop\AdwCleaner.exe
2014-12-31 19:28 - 2014-12-31 19:28 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-31 19:28 - 2014-12-31 19:28 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-31 19:25 - 2014-12-31 19:25 - 00002230 _____ () C:\Users\joe\Downloads\fixlist.txt
2014-12-31 19:24 - 2014-12-31 19:24 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64 (1).exe
2014-12-31 19:24 - 2014-12-31 19:24 - 02123264 _____ (Farbar) C:\Users\joe\Desktop\FRST64 (1).exe
2014-12-30 22:36 - 2014-12-30 22:36 - 00059687 _____ () C:\Users\joe\Downloads\Addition.txt
2014-12-30 22:35 - 2014-12-30 22:36 - 00064037 _____ () C:\Users\joe\Downloads\FRST.txt
2014-12-30 22:35 - 2014-12-30 22:35 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Downloads\ComboFix.exe
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Desktop\ComboFix.exe
2014-12-30 16:40 - 2014-12-30 16:40 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-12-30 16:39 - 2014-12-30 16:39 - 00003080 _____ () C:\Windows\system32\.crusader
2014-12-30 16:34 - 2014-12-30 16:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-12-30 16:33 - 2014-12-30 16:34 - 11222744 _____ (SurfRight B.V.) C:\Users\joe\Downloads\HitmanPro_x64.exe
2014-12-30 16:33 - 2014-12-30 16:33 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 16:25 - 2014-12-31 19:31 - 00000000 ____D () C:\AdwCleaner
2014-12-30 16:25 - 2014-12-30 16:25 - 02173952 _____ () C:\Users\joe\Downloads\adwcleaner_4.106.exe
2014-12-30 15:28 - 2014-12-30 15:28 - 00003266 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 15:26 - 2014-12-30 15:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AVAST Software
2014-12-30 15:20 - 2014-12-30 15:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-30 15:20 - 2014-12-30 15:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-30 15:20 - 2014-12-30 15:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-30 15:20 - 2014-12-30 15:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-30 15:20 - 2014-12-30 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-30 15:19 - 2014-12-30 15:19 - 05006864 _____ (AVAST Software) C:\Users\joe\Downloads\avast_free_antivirus_setup_online.exe
2014-12-30 15:19 - 2014-12-30 15:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-29 23:16 - 2014-12-29 23:16 - 00120575 _____ () C:\Users\joe\Downloads\jarjar-1.4.jar
2014-12-29 23:11 - 2014-12-29 23:11 - 00124725 _____ () C:\Users\joe\Desktop\testing.jar
2014-12-29 22:39 - 2014-12-29 22:39 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT (1).jar
2014-12-29 22:11 - 2014-12-29 22:11 - 20610577 _____ () C:\Users\joe\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar
2014-12-29 22:07 - 2014-12-29 22:07 - 19578647 _____ () C:\Users\joe\Downloads\spigot-1.6.4-R2.1-1138.jar
2014-12-29 16:32 - 2014-12-29 16:32 - 01862383 _____ () C:\Users\joe\Downloads\MassiveCore-2.7.5.zip
2014-12-29 16:20 - 2014-12-29 16:20 - 00296044 _____ () C:\Users\joe\Downloads\Vault.jar
2014-12-29 15:54 - 2014-12-29 15:55 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT.jar
2014-12-29 15:50 - 2014-12-29 16:04 - 00000000 ____D () C:\Users\joe\Desktop\DaegonnersPlugins
2014-12-29 15:49 - 2014-12-29 15:50 - 00468788 _____ () C:\Users\joe\Desktop\DaegonnersPlugins.zip
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\uuNisales
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\unnISaaLes
2014-12-29 01:38 - 2014-12-29 01:38 - 00000000 ____D () C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog
2014-12-28 21:56 - 2014-12-28 21:56 - 00556538 _____ () C:\Users\joe\Downloads\latest.log
2014-12-27 22:05 - 2014-12-27 22:05 - 02667105 _____ () C:\Users\joe\Downloads\Hub (1).jar
2014-12-25 23:16 - 2014-12-25 23:18 - 00000000 ____D () C:\Users\joe\Documents\ShipSimExtremes Userdata
2014-12-25 23:16 - 2014-12-25 23:16 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Quest3D
2014-12-24 22:06 - 2014-12-24 22:06 - 00003608 _____ () C:\Users\joe\Downloads\Construction_Simulator_2015-CODEX.torrent
2014-12-24 21:20 - 2014-12-24 21:20 - 00000000 ____D () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2
2014-12-24 21:19 - 2014-12-24 21:19 - 04523318 _____ () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2.zip
2014-12-23 13:10 - 2014-12-23 13:10 - 00010095 _____ () C:\Users\joe\Downloads\zzzzzzzzzzzzzzXP,Economy and Police.scs
2014-12-23 13:07 - 2014-12-23 13:07 - 00005968 _____ () C:\Users\joe\Downloads\iniciocom99999999999999999euros_bymodsmj.rar
2014-12-23 13:02 - 2014-12-23 13:02 - 03853552 _____ () C:\Users\joe\Downloads\ets2mp_client (1).zip
2014-12-23 12:50 - 2014-12-23 12:52 - 00000000 ____D () C:\Users\joe\AppData\Local\Temporary Projects
2014-12-23 12:43 - 2014-12-23 12:43 - 00036864 _____ () C:\Users\joe\Downloads\DW spreadsheet.xls
2014-12-23 11:52 - 2014-12-23 11:52 - 00065024 _____ () C:\Users\joe\Downloads\Group & Dist. Exec. Directory -18.11.2014 (2).xls
2014-12-22 20:59 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Local\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-29 01:42 - 00000000 ____D () C:\Users\joe\AppData\Local\Battle.net
2014-12-22 20:58 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-22 20:53 - 2014-12-22 20:53 - 00000000 ____D () C:\ProgramData\Battle.net
2014-12-22 20:52 - 2014-12-22 20:53 - 02868792 _____ (Blizzard Entertainment) C:\Users\joe\Downloads\Battle.net-Setup-enGB.exe
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Autodesk
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\ProgramData\Autodesk
2014-12-20 16:22 - 2014-12-20 16:34 - 2467047156 _____ (Autodesk, Inc.) C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_dlm.sfx.exe
2014-12-20 16:20 - 2014-12-20 16:20 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup (1).exe
2014-12-20 16:19 - 2014-12-20 16:19 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup.exe
2014-12-19 19:21 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 19:21 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-19 03:37 - 2014-12-19 03:37 - 00852392 _____ () C:\Users\joe\Downloads\imm4833.pdf.bin
2014-12-18 23:16 - 2014-12-18 23:16 - 00937984 _____ () C:\Users\joe\Downloads\project.ppt
2014-12-18 21:58 - 2014-12-18 21:58 - 00008192 _____ () C:\Users\joe\Downloads\compass.csv
2014-12-18 21:52 - 2014-12-18 21:52 - 00137728 _____ () C:\Users\joe\Downloads\Compass-Youth-Data-Import-Template-Office-97-2003-version-12-Sept-2014.xls
2014-12-18 21:51 - 2014-12-18 21:51 - 00023219 _____ () C:\Users\joe\Downloads\compass-1.xlsx
2014-12-18 10:26 - 2014-12-18 10:26 - 00019392 _____ () C:\Users\joe\Downloads\Home_Alone_1_and_2_Pack_1080p_HD.torrent
2014-12-18 01:14 - 2014-12-18 01:14 - 00013336 _____ () C:\Users\joe\Desktop\excetesting.xlsx
2014-12-17 22:52 - 2014-12-17 23:00 - 00004784 _____ () C:\Users\joe\Desktop\testing.txt
2014-12-17 22:44 - 2014-12-17 22:44 - 00002011 _____ () C:\Users\Public\Desktop\NeuroSolutions 4.lnk
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuroSolutions 4
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\Program Files (x86)\NeuroSolutions 4
2014-12-17 22:44 - 2000-10-23 14:41 - 00069632 _____ () C:\Windows\SysWOW64\NeuroSolutionsOL.dll
2014-12-17 22:44 - 2000-05-22 01:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-12-17 22:44 - 2000-05-22 01:00 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-12-17 22:44 - 2000-01-21 12:19 - 00040960 _____ () C:\Windows\SysWOW64\NSSYMBOL.DLL
2014-12-17 22:44 - 1999-10-15 13:50 - 01056768 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\Roboex32.dll
2014-12-17 22:44 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2014-12-17 22:44 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-12-17 22:44 - 1997-01-31 10:07 - 00048640 _____ (Blue Sky Software) C:\Windows\SysWOW64\inetwh32.dll
2014-12-17 22:40 - 2014-12-17 22:43 - 27108144 _____ (NeuroDimension, Inc. ) C:\Users\joe\Downloads\nsinstall_432 (1).exe
2014-12-17 15:32 - 2014-12-17 15:32 - 00000000 __SHD () C:\Users\joe\AppData\Local\EmieBrowserModeList
2014-12-17 14:20 - 2014-12-17 14:20 - 00236289 _____ () C:\Users\joe\Downloads\basic.ics
2014-12-16 12:27 - 2014-12-16 12:27 - 00000000 ____D () C:\Users\joe\AppData\Local\NeuroSolutions
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (2).jar
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (1).jar
2014-12-15 19:45 - 2014-12-15 19:40 - 00174112 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-12-14 16:50 - 2014-12-14 16:51 - 370481677 _____ () C:\Users\joe\Downloads\jmonkeyplatform-windows-x64.exe
2014-12-14 00:18 - 2014-12-14 00:18 - 00000000 ____D () C:\Users\joe\Downloads\BanManager
2014-12-14 00:17 - 2014-12-14 00:17 - 00473291 _____ () C:\Users\joe\Downloads\BanManager.zip
2014-12-13 18:07 - 2014-12-13 18:07 - 01287944 _____ (Mojang) C:\Users\joe\Downloads\Minecraft (1).exe
2014-12-13 18:07 - 2014-12-13 18:07 - 00000000 ____D () C:\Users\joe\Desktop\New folder
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-12-12 21:55 - 2014-12-12 21:55 - 01534736 _____ () C:\Users\joe\Downloads\battlelog-web-plugins_2.6.2_154.exe
2014-12-11 21:53 - 2014-12-11 21:53 - 00003907 _____ () C:\Users\joe\Desktop\tweets.json
2014-12-09 21:20 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-09 21:20 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 21:11 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-09 21:11 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 21:11 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:11 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-09 21:11 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:11 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 21:11 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:11 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-09 21:11 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:11 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:11 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:11 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:11 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:11 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:11 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:11 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:11 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-09 14:13 - 2014-12-09 14:13 - 03763514 _____ () C:\Users\joe\Downloads\ets2mp_client.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 02810360 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersWindows.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 00419677 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersSource.zip
2014-12-07 21:57 - 2014-12-07 21:57 - 00084917 _____ () C:\Users\joe\Downloads\bluescreenview-x64.zip
2014-12-07 21:24 - 2014-12-07 21:24 - 00009141 _____ () C:\Users\joe\Downloads\NoPvpLog.jar
2014-12-07 21:20 - 2014-12-07 21:20 - 11241080 _____ () C:\Users\joe\Downloads\join.me.exe
2014-12-07 21:00 - 2014-12-07 21:00 - 00152944 _____ () C:\Users\joe\Downloads\SilkSpawners.jar
2014-12-07 20:48 - 2014-12-07 20:48 - 00006316 _____ () C:\Users\joe\Downloads\spawnjoin.jar
2014-12-07 19:40 - 2014-12-07 19:40 - 00088477 _____ () C:\Users\joe\Downloads\CommandSigns.jar
2014-12-07 00:37 - 2014-12-07 00:37 - 00337004 _____ () C:\Users\joe\Downloads\Vault-1.4.1 (1).jar
2014-12-07 00:35 - 2014-12-07 00:35 - 00265122 _____ () C:\Users\joe\Downloads\askyblock.jar
2014-12-07 00:32 - 2014-12-07 00:32 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5 (1).jar
2014-12-07 00:29 - 2014-12-07 00:29 - 00003948 _____ () C:\Users\joe\Downloads\VoidWorld.jar
2014-12-06 23:56 - 2014-12-06 23:56 - 00005166 _____ () C:\Users\joe\Downloads\SW8PTower.schematic
2014-12-06 20:44 - 2014-12-06 20:44 - 00321700 _____ () C:\Users\joe\Downloads\MinigamesLib-1.11.0.jar
2014-12-06 20:44 - 2014-12-06 20:44 - 00023123 _____ () C:\Users\joe\Downloads\MGSkyWars.jar
2014-12-06 19:24 - 2014-12-06 19:24 - 00004775 _____ () C:\Users\joe\Downloads\fix-worldedit-cui-1.0.jar
2014-12-06 02:26 - 2014-12-06 02:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\java
2014-12-06 02:05 - 2014-12-06 02:05 - 00285808 _____ () C:\Windows\Minidump\120614-9968-01.dmp
2014-12-05 23:11 - 2014-12-05 23:11 - 00682854 _____ () C:\Users\joe\Desktop\Object Orientated Systems Coursework.zip
2014-12-05 19:49 - 2014-12-05 19:49 - 00000000 ___SD () C:\Users\joe\Documents\My Shapes
2014-12-05 15:48 - 2014-12-05 15:49 - 44833376 _____ (Skype Technologies S.A.) C:\Users\joe\Downloads\SkypeSetupFull.exe
2014-12-05 15:23 - 2014-12-05 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-05 15:21 - 2014-12-05 15:22 - 177856928 _____ (Oracle Corporation) C:\Users\joe\Downloads\jdk-8u25-windows-x64.exe
2014-12-05 15:18 - 2014-12-05 15:18 - 04697748 _____ () C:\Users\joe\Downloads\blerg (1).jar
2014-12-05 15:12 - 2014-12-05 15:13 - 92658088 _____ (Oracle Corporation) C:\Users\joe\Downloads\jre-8u25-windows-x64.exe
2014-12-05 15:09 - 2014-12-05 15:09 - 04697748 _____ () C:\Users\joe\Downloads\blerg.jar
2014-12-05 14:08 - 2014-12-05 14:15 - 961208085 _____ () C:\Users\joe\Downloads\agitarOne-windows-64.zip
2014-12-05 14:00 - 2014-12-05 14:00 - 00000000 ____D () C:\Users\joe\Downloads\apache-tomcat-8.0.15
2014-12-05 13:59 - 2014-12-05 13:59 - 09801252 _____ () C:\Users\joe\Downloads\apache-tomcat-8.0.15.zip
2014-12-05 13:58 - 2014-12-05 13:58 - 04803703 _____ () C:\Users\joe\Downloads\demo.zip
2014-12-05 01:18 - 2014-12-05 01:18 - 00009169 _____ () C:\Users\joe\Desktop\Book1.xlsx
2014-12-04 21:46 - 2014-12-04 21:46 - 18242102 _____ () C:\Users\joe\Downloads\totalbeginnerlesson04.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 09624329 _____ () C:\Users\joe\Downloads\Assignment.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 00000000 ____D () C:\Users\joe\Downloads\Assignment
2014-12-04 16:19 - 2014-12-04 16:19 - 05112776 _____ () C:\Users\joe\Downloads\Java-Assignment-master (2).zip
2014-12-04 02:32 - 2014-12-04 02:32 - 00002879 _____ () C:\Users\joe\Downloads\FullHunger.jar
2014-12-04 02:20 - 2014-12-04 02:20 - 00046813 _____ () C:\Users\joe\Downloads\HubEssentials (1).jar
2014-12-03 13:19 - 2014-12-04 21:33 - 13589871 _____ () C:\SentiWordNet_3.0.0.txt
2014-12-03 13:19 - 2014-12-04 21:33 - 00003907 _____ () C:\tweets.txt
2014-12-03 13:07 - 2014-12-03 13:07 - 00000000 ____D () C:\Users\joe\Downloads\Java-Assignment-master (1)
2014-12-02 22:10 - 2014-12-02 22:11 - 05322187 _____ () C:\Users\joe\Downloads\Java-Assignment-master (1).zip
2014-12-02 19:29 - 2014-12-02 19:30 - 19503909 _____ () C:\Users\joe\Downloads\spigot1658.jar
2014-12-02 01:54 - 2014-12-02 01:54 - 00305351 _____ () C:\Users\joe\Downloads\ServerListPlusUniversal-3.3.2.jar
2014-12-02 01:43 - 2014-12-02 01:43 - 00002014 _____ () C:\Users\joe\Downloads\SWN3.java
2014-12-02 01:23 - 2014-12-02 01:23 - 00453530 _____ () C:\Users\joe\Downloads\SkyWars.jar
2014-12-02 00:47 - 2014-12-02 00:47 - 00778914 _____ () C:\Users\joe\Downloads\NoCheatPlus.jar
2014-12-02 00:37 - 2014-12-02 00:37 - 00498159 _____ () C:\Users\joe\Downloads\BungeeAdminTools-1.2.8.jar
2014-12-02 00:16 - 2014-12-02 00:16 - 00276898 _____ () C:\Users\joe\Downloads\EnjinMinecraftPlugin (1).jar
2014-12-01 23:53 - 2014-12-01 23:58 - 00000000 ____D () C:\Users\joe\AppData\Local\paint.net
2014-12-01 23:53 - 2014-12-01 23:53 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-01 23:53 - 2014-12-01 23:53 - 00000000 ____D () C:\Program Files\paint.net
2014-12-01 23:48 - 2014-12-01 23:48 - 06529561 _____ () C:\Users\joe\Downloads\paint.net.4.0.4.install.zip
2014-12-01 01:39 - 2014-12-01 01:39 - 00318834 _____ () C:\Users\joe\Downloads\Factions (2).jar
2014-12-01 01:38 - 2014-12-01 01:38 - 01344243 _____ () C:\Users\joe\Downloads\MassiveCore (1).jar
2014-12-01 01:36 - 2014-12-01 01:36 - 00318909 _____ () C:\Users\joe\Downloads\Factions (1).jar
2014-12-01 01:16 - 2014-12-01 01:16 - 01344767 _____ () C:\Users\joe\Downloads\MassiveCore.jar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 19:40 - 2014-09-21 08:24 - 00000000 ____D () C:\FRST
2014-12-31 19:38 - 2014-03-15 17:48 - 00955428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 19:37 - 2014-03-31 18:54 - 00000000 ____D () C:\Users\joe\AppData\Local\TGitCache
2014-12-31 19:34 - 2014-03-15 17:42 - 01854385 _____ () C:\Windows\WindowsUpdate.log
2014-12-31 19:33 - 2014-03-15 17:50 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Skype
2014-12-31 19:32 - 2014-11-17 21:07 - 00000000 ____D () C:\Users\joe\AppData\Local\LogMeIn Hamachi
2014-12-31 19:32 - 2014-11-10 19:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-31 19:32 - 2014-09-21 23:04 - 00004954 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC
2014-12-31 19:32 - 2014-03-15 22:15 - 00000000 ___RD () C:\Users\joe\Dropbox
2014-12-31 19:32 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Dropbox
2014-12-31 19:32 - 2014-03-15 18:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-31 19:31 - 2014-05-21 20:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 19:31 - 2014-03-15 17:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-31 19:31 - 2014-03-15 17:41 - 00269800 _____ () C:\Windows\PFRO.log
2014-12-31 19:31 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-31 19:27 - 2014-11-10 19:55 - 00000000 ____D () C:\ProgramData\Origin
2014-12-31 19:26 - 2014-09-15 21:17 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-31 19:25 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-31 19:08 - 2014-03-15 17:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 19:04 - 2014-03-15 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-31 19:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-31 18:48 - 2014-03-25 21:27 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job
2014-12-31 16:06 - 2014-03-15 17:46 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5BB247E6-8C32-4749-BD87-1FB5D1E278E5}
2014-12-31 01:35 - 2014-03-15 22:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\.minecraft
2014-12-30 22:42 - 2014-03-16 12:11 - 00000600 _____ () C:\Users\joe\AppData\Local\PUTTY.RND
2014-12-30 16:50 - 2014-03-15 17:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\vpnplugins
2014-12-30 16:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-30 16:30 - 2014-03-15 22:42 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-12-30 16:30 - 2013-08-22 14:44 - 00505568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 15:19 - 2014-10-02 12:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-29 23:11 - 2014-07-01 21:48 - 00000000 ____D () C:\Users\joe\Desktop\jd-gui-0.3.6.windows (1)
2014-12-29 23:09 - 2014-03-25 15:54 - 00000000 ____D () C:\Users\joe\workspace
2014-12-29 22:41 - 2014-03-27 23:19 - 00000000 ____D () C:\Users\joe\AppData\Local\Eclipse
2014-12-29 22:40 - 2014-05-27 16:13 - 00000000 ____D () C:\Users\joe\Desktop\Email test server
2014-12-29 01:46 - 2014-11-17 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Azureus
2014-12-28 10:48 - 2014-03-25 21:27 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job
2014-12-26 20:56 - 2014-04-26 17:52 - 00096811 _____ () C:\Windows\DirectX.log
2014-12-26 00:45 - 2014-03-15 18:19 - 00000000 ____D () C:\Users\joe\AppData\Roaming\FileZilla
2014-12-25 20:19 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-24 22:27 - 2014-03-15 18:00 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TS3Client
2014-12-24 21:20 - 2014-09-21 23:15 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-23 13:33 - 2014-03-15 19:04 - 00000000 ____D () C:\Users\joe\Documents\Euro Truck Simulator 2
2014-12-23 13:08 - 2014-09-28 18:53 - 00000000 ____D () C:\Users\joe\Documents\ETS2MP
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2014-12-23 12:52 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2012
2014-12-23 12:48 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\Packages
2014-12-23 09:56 - 2014-03-15 17:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 21:00 - 2014-03-15 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-12-22 00:03 - 2014-03-16 19:14 - 00000000 ____D () C:\Users\joe\AppData\Local\join.me
2014-12-21 21:31 - 2014-04-02 16:43 - 00002240 ____H () C:\Users\joe\Documents\Default.rdp
2014-12-20 21:54 - 2014-09-30 14:59 - 00000000 ____D () C:\Users\joe\.VirtualBox
2014-12-20 12:21 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 22:47 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\VirtualStore
2014-12-17 22:44 - 2014-03-15 17:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-15 05:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-12-14 18:40 - 2014-10-11 12:13 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TeamViewer
2014-12-13 09:39 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-13 09:37 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 22:00 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-12 21:57 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-12 21:55 - 2014-11-10 22:24 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-10 04:07 - 2014-03-15 19:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 04:06 - 2014-03-15 19:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 18:04 - 2014-03-15 19:31 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 21:57 - 2014-03-15 19:02 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2010
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-12-06 02:05 - 2014-06-08 21:27 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 23:31 - 2014-11-11 21:25 - 00000000 ____D () C:\Users\joe\Desktop\Java Assignment
2014-12-05 19:48 - 2014-04-24 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-05 19:48 - 2014-03-15 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-05 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-05 15:28 - 2014-05-30 11:19 - 00000544 _____ () C:\Users\joe\Desktop\jd-gui.cfg
2014-12-05 15:23 - 2014-09-22 15:44 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-12-05 15:23 - 2014-03-15 17:50 - 00000000 ____D () C:\Program Files\Java
2014-12-05 15:13 - 2014-09-14 17:45 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\joe\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqpyuo0.dll
C:\Users\joe\AppData\Local\Temp\Quarantine.exe
C:\Users\joe\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-27 11:25

==================== End Of Log ============================

Junkware Removal Tool log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro x64
Ran by joe on 31/12/2014 at 19:34:17.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/12/2014 at 19:39:50.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
Adwarecleaner Log
 
# AdwCleaner v4.106 - Report created 31/12/2014 at 19:31:10
# Updated 21/12/2014 by Xplode
# Database : 2014-12-30.1 [Live]
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : joe - JOEPC
# Running from : C:\Users\joe\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Description

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v37.0.2062.120

[C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3325593&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPB6BB37BB-B7B6-4F57-8EE2-EC0101262888&SSPV=
[C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3325593&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPB6BB37BB-B7B6-4F57-8EE2-EC0101262888&SSPV=
[C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://start.mysearchdial.com/?f=1&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0AtC0FyDyD0F0FyB0E0DtN0D0Tzu0SyBzzyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1008115529&ir=
[C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOyg7Rm9iQKjCfyGSPIpBGIT39YpXqH0t6-ozMIQbiI0CtgL5PkS11lcGdmIG4XYhylwfqc3-l3EOtdZV2oJuba-YefxfItWNsmpnFGXjI5woagJS8Q2jxyTZVNEZFVd7hyFWv5P_CCd-A,,
[C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://websearch.searchandfly.info/?pid=3844&r=2014/09/15&hid=3511734733119075858&lg=EN&cc=GB&unqvl=62

-\\ Comodo Dragon v


*************************

AdwCleaner[R2].txt - [4678 octets] - [30/12/2014 16:25:53]
AdwCleaner[R3].txt - [4738 octets] - [30/12/2014 16:27:35]
AdwCleaner[R4].txt - [2242 octets] - [31/12/2014 19:29:59]
AdwCleaner[S2].txt - [4863 octets] - [30/12/2014 16:29:30]
AdwCleaner[S3].txt - [2171 octets] - [31/12/2014 19:31:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2231 octets] ##########

FRST fixlog

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by joe (administrator) on JOEPC on 31-12-2014 19:40:51
Running from C:\Users\joe\Desktop
Loaded Profile: joe (Available profiles: joe)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
() C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
() C:\Windows\System32\PnkBstrA.exe
(Spiceworks, Inc.) C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Oculus VR, LLC) C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(http://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\joe\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-23] (Electronic Arts)
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f0b1-ac71-11e3-824f-94de8078bb23} - "G:\SETUP.EXE" 
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f7f3-ac71-11e3-824f-94de8078bb23} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.hta
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
Startup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-gb/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @talk.google.com/O1DPlugin -> C:\Users\joe\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=3 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @tools.google.com/Google Update;version=9 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\joe\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-30]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-15]
CHR Extension: (Google Docs) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Docs Offline Background Page) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-15]
CHR Extension: (YouTube) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-15]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-20]
CHR Extension: (Adblock Plus) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-15]
CHR Extension: (Google Search) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-15]
CHR Extension: (ZenMate) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-16]
CHR Extension: (AdBlock) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-15]
CHR Extension: (Avast Online Security) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30]
CHR Extension: (Mibbit webchat) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2014-03-15]
CHR Extension: (Poppit!) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR Extension: (Hover Zoom+) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2014-12-06]
CHR Extension: (Gmail) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-15]
CHR Extension: (uuNisales) - C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog\ [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-30] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-15] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-23] (Electronic Arts)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [230416 2014-10-23] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-10] ()
R2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-06-14] (Spiceworks, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [18432 2012-05-13] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 OCUSBVID; C:\Windows\system32\DRIVERS\OCUSBVID.sys [47560 2014-10-23] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [53704 2014-10-23] (Oculus VR, LLC)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-30] (Avast Software)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 19:40 - 2014-12-31 19:41 - 00026953 _____ () C:\Users\joe\Desktop\FRST.txt
2014-12-31 19:39 - 2014-12-31 19:40 - 00000616 _____ () C:\Users\joe\Desktop\JRT.txt
2014-12-31 19:35 - 2014-12-31 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-35-38.013-aswFe.exe-9336.log
2014-12-31 19:34 - 2014-12-31 19:34 - 00000000 ____D () C:\Windows\ERUNT
2014-12-31 19:33 - 2014-12-31 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-33-51.031-aswFe.exe-4088.log
2014-12-31 19:33 - 2014-12-31 19:33 - 01707939 _____ (Thisisu) C:\Users\joe\Downloads\JRT.exe
2014-12-31 19:33 - 2014-12-31 19:33 - 01707939 _____ (Thisisu) C:\Users\joe\Desktop\JRT.exe
2014-12-31 19:33 - 2014-12-31 19:33 - 00002315 _____ () C:\Users\joe\Desktop\AdwCleaner[S3].txt
2014-12-31 19:33 - 2014-12-31 19:33 - 00000197 _____ () C:\Windows\system32\2014-12-31-19-33-50.017-AvastVBoxSVC.exe-4144.log
2014-12-31 19:30 - 2014-12-31 19:30 - 00000247 _____ () C:\Windows\system32\2014-12-31-19-30-43.046-aswFe.exe-9116.log
2014-12-31 19:30 - 2014-12-31 19:30 - 00000197 _____ () C:\Windows\system32\2014-12-31-19-30-42.027-AvastVBoxSVC.exe-7748.log
2014-12-31 19:29 - 2014-12-31 19:29 - 02173952 _____ () C:\Users\joe\Downloads\AdwCleaner.exe
2014-12-31 19:29 - 2014-12-31 19:29 - 02173952 _____ () C:\Users\joe\Desktop\AdwCleaner.exe
2014-12-31 19:28 - 2014-12-31 19:28 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-31 19:28 - 2014-12-31 19:28 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-31 19:25 - 2014-12-31 19:25 - 00002230 _____ () C:\Users\joe\Downloads\fixlist.txt
2014-12-31 19:24 - 2014-12-31 19:24 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64 (1).exe
2014-12-31 19:24 - 2014-12-31 19:24 - 02123264 _____ (Farbar) C:\Users\joe\Desktop\FRST64 (1).exe
2014-12-30 22:36 - 2014-12-30 22:36 - 00059687 _____ () C:\Users\joe\Downloads\Addition.txt
2014-12-30 22:35 - 2014-12-30 22:36 - 00064037 _____ () C:\Users\joe\Downloads\FRST.txt
2014-12-30 22:35 - 2014-12-30 22:35 - 02123264 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Downloads\ComboFix.exe
2014-12-30 22:29 - 2014-12-30 22:29 - 05604036 _____ (Swearware) C:\Users\joe\Desktop\ComboFix.exe
2014-12-30 16:40 - 2014-12-30 16:40 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-12-30 16:39 - 2014-12-30 16:39 - 00003080 _____ () C:\Windows\system32\.crusader
2014-12-30 16:34 - 2014-12-30 16:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-12-30 16:33 - 2014-12-30 16:34 - 11222744 _____ (SurfRight B.V.) C:\Users\joe\Downloads\HitmanPro_x64.exe
2014-12-30 16:33 - 2014-12-30 16:33 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 16:25 - 2014-12-31 19:31 - 00000000 ____D () C:\AdwCleaner
2014-12-30 16:25 - 2014-12-30 16:25 - 02173952 _____ () C:\Users\joe\Downloads\adwcleaner_4.106.exe
2014-12-30 15:28 - 2014-12-30 15:28 - 00003266 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 15:26 - 2014-12-30 15:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AVAST Software
2014-12-30 15:20 - 2014-12-30 15:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-30 15:20 - 2014-12-30 15:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-30 15:20 - 2014-12-30 15:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-30 15:20 - 2014-12-30 15:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-30 15:20 - 2014-12-30 15:20 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-30 15:20 - 2014-12-30 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-30 15:19 - 2014-12-30 15:19 - 05006864 _____ (AVAST Software) C:\Users\joe\Downloads\avast_free_antivirus_setup_online.exe
2014-12-30 15:19 - 2014-12-30 15:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-29 23:16 - 2014-12-29 23:16 - 00120575 _____ () C:\Users\joe\Downloads\jarjar-1.4.jar
2014-12-29 23:11 - 2014-12-29 23:11 - 00124725 _____ () C:\Users\joe\Desktop\testing.jar
2014-12-29 22:39 - 2014-12-29 22:39 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT (1).jar
2014-12-29 22:11 - 2014-12-29 22:11 - 20610577 _____ () C:\Users\joe\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar
2014-12-29 22:07 - 2014-12-29 22:07 - 19578647 _____ () C:\Users\joe\Downloads\spigot-1.6.4-R2.1-1138.jar
2014-12-29 16:32 - 2014-12-29 16:32 - 01862383 _____ () C:\Users\joe\Downloads\MassiveCore-2.7.5.zip
2014-12-29 16:20 - 2014-12-29 16:20 - 00296044 _____ () C:\Users\joe\Downloads\Vault.jar
2014-12-29 15:54 - 2014-12-29 15:55 - 22826996 _____ () C:\Users\joe\Downloads\spigot-1.8-R0.1-SNAPSHOT.jar
2014-12-29 15:50 - 2014-12-29 16:04 - 00000000 ____D () C:\Users\joe\Desktop\DaegonnersPlugins
2014-12-29 15:49 - 2014-12-29 15:50 - 00468788 _____ () C:\Users\joe\Desktop\DaegonnersPlugins.zip
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\uuNisales
2014-12-29 01:38 - 2014-12-30 01:40 - 00000000 ____D () C:\Program Files (x86)\unnISaaLes
2014-12-29 01:38 - 2014-12-29 01:38 - 00000000 ____D () C:\ProgramData\glblpgpkemjcgoomdngfhlojlkfmafog
2014-12-28 21:56 - 2014-12-28 21:56 - 00556538 _____ () C:\Users\joe\Downloads\latest.log
2014-12-27 22:05 - 2014-12-27 22:05 - 02667105 _____ () C:\Users\joe\Downloads\Hub (1).jar
2014-12-25 23:16 - 2014-12-25 23:18 - 00000000 ____D () C:\Users\joe\Documents\ShipSimExtremes Userdata
2014-12-25 23:16 - 2014-12-25 23:16 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Quest3D
2014-12-24 22:06 - 2014-12-24 22:06 - 00003608 _____ () C:\Users\joe\Downloads\Construction_Simulator_2015-CODEX.torrent
2014-12-24 21:20 - 2014-12-24 21:20 - 00000000 ____D () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2
2014-12-24 21:19 - 2014-12-24 21:19 - 04523318 _____ () C:\Users\joe\Downloads\teamspeak3-server_win64-3.0.11.2.zip
2014-12-23 13:10 - 2014-12-23 13:10 - 00010095 _____ () C:\Users\joe\Downloads\zzzzzzzzzzzzzzXP,Economy and Police.scs
2014-12-23 13:07 - 2014-12-23 13:07 - 00005968 _____ () C:\Users\joe\Downloads\iniciocom99999999999999999euros_bymodsmj.rar
2014-12-23 13:02 - 2014-12-23 13:02 - 03853552 _____ () C:\Users\joe\Downloads\ets2mp_client (1).zip
2014-12-23 12:50 - 2014-12-23 12:52 - 00000000 ____D () C:\Users\joe\AppData\Local\Temporary Projects
2014-12-23 12:43 - 2014-12-23 12:43 - 00036864 _____ () C:\Users\joe\Downloads\DW spreadsheet.xls
2014-12-23 11:52 - 2014-12-23 11:52 - 00065024 _____ () C:\Users\joe\Downloads\Group & Dist. Exec. Directory -18.11.2014 (2).xls
2014-12-22 20:59 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Local\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-29 01:42 - 00000000 ____D () C:\Users\joe\AppData\Local\Battle.net
2014-12-22 20:58 - 2014-12-22 20:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-22 20:58 - 2014-12-22 20:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-22 20:53 - 2014-12-22 20:53 - 00000000 ____D () C:\ProgramData\Battle.net
2014-12-22 20:52 - 2014-12-22 20:53 - 02868792 _____ (Blizzard Entertainment) C:\Users\joe\Downloads\Battle.net-Setup-enGB.exe
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-21 05:01 - 2014-12-21 05:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Autodesk
2014-12-20 16:37 - 2014-12-20 16:37 - 00000000 ____D () C:\ProgramData\Autodesk
2014-12-20 16:22 - 2014-12-20 16:34 - 2467047156 _____ (Autodesk, Inc.) C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_dlm.sfx.exe
2014-12-20 16:20 - 2014-12-20 16:20 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup (1).exe
2014-12-20 16:19 - 2014-12-20 16:19 - 09642336 _____ () C:\Users\joe\Downloads\Autodesk_Revit_2015_English_Win_64bit_R2_wi_en-US_Setup.exe
2014-12-19 19:21 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 19:21 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-19 03:37 - 2014-12-19 03:37 - 00852392 _____ () C:\Users\joe\Downloads\imm4833.pdf.bin
2014-12-18 23:16 - 2014-12-18 23:16 - 00937984 _____ () C:\Users\joe\Downloads\project.ppt
2014-12-18 21:58 - 2014-12-18 21:58 - 00008192 _____ () C:\Users\joe\Downloads\compass.csv
2014-12-18 21:52 - 2014-12-18 21:52 - 00137728 _____ () C:\Users\joe\Downloads\Compass-Youth-Data-Import-Template-Office-97-2003-version-12-Sept-2014.xls
2014-12-18 21:51 - 2014-12-18 21:51 - 00023219 _____ () C:\Users\joe\Downloads\compass-1.xlsx
2014-12-18 10:26 - 2014-12-18 10:26 - 00019392 _____ () C:\Users\joe\Downloads\Home_Alone_1_and_2_Pack_1080p_HD.torrent
2014-12-18 01:14 - 2014-12-18 01:14 - 00013336 _____ () C:\Users\joe\Desktop\excetesting.xlsx
2014-12-17 22:52 - 2014-12-17 23:00 - 00004784 _____ () C:\Users\joe\Desktop\testing.txt
2014-12-17 22:44 - 2014-12-17 22:44 - 00002011 _____ () C:\Users\Public\Desktop\NeuroSolutions 4.lnk
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuroSolutions 4
2014-12-17 22:44 - 2014-12-17 22:44 - 00000000 ____D () C:\Program Files (x86)\NeuroSolutions 4
2014-12-17 22:44 - 2000-10-23 14:41 - 00069632 _____ () C:\Windows\SysWOW64\NeuroSolutionsOL.dll
2014-12-17 22:44 - 2000-05-22 01:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-12-17 22:44 - 2000-05-22 01:00 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-12-17 22:44 - 2000-01-21 12:19 - 00040960 _____ () C:\Windows\SysWOW64\NSSYMBOL.DLL
2014-12-17 22:44 - 1999-10-15 13:50 - 01056768 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\Roboex32.dll
2014-12-17 22:44 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2014-12-17 22:44 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-12-17 22:44 - 1997-01-31 10:07 - 00048640 _____ (Blue Sky Software) C:\Windows\SysWOW64\inetwh32.dll
2014-12-17 22:40 - 2014-12-17 22:43 - 27108144 _____ (NeuroDimension, Inc. ) C:\Users\joe\Downloads\nsinstall_432 (1).exe
2014-12-17 15:32 - 2014-12-17 15:32 - 00000000 __SHD () C:\Users\joe\AppData\Local\EmieBrowserModeList
2014-12-17 14:20 - 2014-12-17 14:20 - 00236289 _____ () C:\Users\joe\Downloads\basic.ics
2014-12-16 12:27 - 2014-12-16 12:27 - 00000000 ____D () C:\Users\joe\AppData\Local\NeuroSolutions
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (2).jar
2014-12-15 21:57 - 2014-12-15 21:57 - 03024587 _____ () C:\Users\joe\Downloads\BuildTools (1).jar
2014-12-15 19:45 - 2014-12-15 19:40 - 00174112 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-12-14 16:50 - 2014-12-14 16:51 - 370481677 _____ () C:\Users\joe\Downloads\jmonkeyplatform-windows-x64.exe
2014-12-14 00:18 - 2014-12-14 00:18 - 00000000 ____D () C:\Users\joe\Downloads\BanManager
2014-12-14 00:17 - 2014-12-14 00:17 - 00473291 _____ () C:\Users\joe\Downloads\BanManager.zip
2014-12-13 18:07 - 2014-12-13 18:07 - 01287944 _____ (Mojang) C:\Users\joe\Downloads\Minecraft (1).exe
2014-12-13 18:07 - 2014-12-13 18:07 - 00000000 ____D () C:\Users\joe\Desktop\New folder
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-12-12 21:55 - 2014-12-12 21:55 - 01534736 _____ () C:\Users\joe\Downloads\battlelog-web-plugins_2.6.2_154.exe
2014-12-11 21:53 - 2014-12-11 21:53 - 00003907 _____ () C:\Users\joe\Desktop\tweets.json
2014-12-09 21:20 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-09 21:20 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-09 21:20 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 21:11 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:11 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-09 21:11 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 21:11 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:11 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:11 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:11 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-09 21:11 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:11 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:11 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 21:11 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:11 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:11 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-09 21:11 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:11 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-09 21:11 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:11 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:11 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:11 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:11 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:11 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:11 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:11 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:11 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:11 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:11 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:11 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:11 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-09 21:11 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-09 21:11 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-09 14:13 - 2014-12-09 14:13 - 03763514 _____ () C:\Users\joe\Downloads\ets2mp_client.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 02810360 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersWindows.zip
2014-12-08 16:47 - 2014-12-08 16:47 - 00419677 _____ () C:\Users\joe\Downloads\OneScreenOfBurgersSource.zip
2014-12-07 21:57 - 2014-12-07 21:57 - 00084917 _____ () C:\Users\joe\Downloads\bluescreenview-x64.zip
2014-12-07 21:24 - 2014-12-07 21:24 - 00009141 _____ () C:\Users\joe\Downloads\NoPvpLog.jar
2014-12-07 21:20 - 2014-12-07 21:20 - 11241080 _____ () C:\Users\joe\Downloads\join.me.exe
2014-12-07 21:00 - 2014-12-07 21:00 - 00152944 _____ () C:\Users\joe\Downloads\SilkSpawners.jar
2014-12-07 20:48 - 2014-12-07 20:48 - 00006316 _____ () C:\Users\joe\Downloads\spawnjoin.jar
2014-12-07 19:40 - 2014-12-07 19:40 - 00088477 _____ () C:\Users\joe\Downloads\CommandSigns.jar
2014-12-07 00:37 - 2014-12-07 00:37 - 00337004 _____ () C:\Users\joe\Downloads\Vault-1.4.1 (1).jar
2014-12-07 00:35 - 2014-12-07 00:35 - 00265122 _____ () C:\Users\joe\Downloads\askyblock.jar
2014-12-07 00:32 - 2014-12-07 00:32 - 01647028 _____ () C:\Users\joe\Downloads\Multiverse-Core-2.5 (1).jar
2014-12-07 00:29 - 2014-12-07 00:29 - 00003948 _____ () C:\Users\joe\Downloads\VoidWorld.jar
2014-12-06 23:56 - 2014-12-06 23:56 - 00005166 _____ () C:\Users\joe\Downloads\SW8PTower.schematic
2014-12-06 20:44 - 2014-12-06 20:44 - 00321700 _____ () C:\Users\joe\Downloads\MinigamesLib-1.11.0.jar
2014-12-06 20:44 - 2014-12-06 20:44 - 00023123 _____ () C:\Users\joe\Downloads\MGSkyWars.jar
2014-12-06 19:24 - 2014-12-06 19:24 - 00004775 _____ () C:\Users\joe\Downloads\fix-worldedit-cui-1.0.jar
2014-12-06 02:26 - 2014-12-06 02:26 - 00000000 ____D () C:\Users\joe\AppData\Roaming\java
2014-12-06 02:05 - 2014-12-06 02:05 - 00285808 _____ () C:\Windows\Minidump\120614-9968-01.dmp
2014-12-05 23:11 - 2014-12-05 23:11 - 00682854 _____ () C:\Users\joe\Desktop\Object Orientated Systems Coursework.zip
2014-12-05 19:49 - 2014-12-05 19:49 - 00000000 ___SD () C:\Users\joe\Documents\My Shapes
2014-12-05 15:48 - 2014-12-05 15:49 - 44833376 _____ (Skype Technologies S.A.) C:\Users\joe\Downloads\SkypeSetupFull.exe
2014-12-05 15:23 - 2014-12-05 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-05 15:21 - 2014-12-05 15:22 - 177856928 _____ (Oracle Corporation) C:\Users\joe\Downloads\jdk-8u25-windows-x64.exe
2014-12-05 15:18 - 2014-12-05 15:18 - 04697748 _____ () C:\Users\joe\Downloads\blerg (1).jar
2014-12-05 15:12 - 2014-12-05 15:13 - 92658088 _____ (Oracle Corporation) C:\Users\joe\Downloads\jre-8u25-windows-x64.exe
2014-12-05 15:09 - 2014-12-05 15:09 - 04697748 _____ () C:\Users\joe\Downloads\blerg.jar
2014-12-05 14:08 - 2014-12-05 14:15 - 961208085 _____ () C:\Users\joe\Downloads\agitarOne-windows-64.zip
2014-12-05 14:00 - 2014-12-05 14:00 - 00000000 ____D () C:\Users\joe\Downloads\apache-tomcat-8.0.15
2014-12-05 13:59 - 2014-12-05 13:59 - 09801252 _____ () C:\Users\joe\Downloads\apache-tomcat-8.0.15.zip
2014-12-05 13:58 - 2014-12-05 13:58 - 04803703 _____ () C:\Users\joe\Downloads\demo.zip
2014-12-05 01:18 - 2014-12-05 01:18 - 00009169 _____ () C:\Users\joe\Desktop\Book1.xlsx
2014-12-04 21:46 - 2014-12-04 21:46 - 18242102 _____ () C:\Users\joe\Downloads\totalbeginnerlesson04.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 09624329 _____ () C:\Users\joe\Downloads\Assignment.zip
2014-12-04 21:33 - 2014-12-04 21:33 - 00000000 ____D () C:\Users\joe\Downloads\Assignment
2014-12-04 16:19 - 2014-12-04 16:19 - 05112776 _____ () C:\Users\joe\Downloads\Java-Assignment-master (2).zip
2014-12-04 02:32 - 2014-12-04 02:32 - 00002879 _____ () C:\Users\joe\Downloads\FullHunger.jar
2014-12-04 02:20 - 2014-12-04 02:20 - 00046813 _____ () C:\Users\joe\Downloads\HubEssentials (1).jar
2014-12-03 13:19 - 2014-12-04 21:33 - 13589871 _____ () C:\SentiWordNet_3.0.0.txt
2014-12-03 13:19 - 2014-12-04 21:33 - 00003907 _____ () C:\tweets.txt
2014-12-03 13:07 - 2014-12-03 13:07 - 00000000 ____D () C:\Users\joe\Downloads\Java-Assignment-master (1)
2014-12-02 22:10 - 2014-12-02 22:11 - 05322187 _____ () C:\Users\joe\Downloads\Java-Assignment-master (1).zip
2014-12-02 19:29 - 2014-12-02 19:30 - 19503909 _____ () C:\Users\joe\Downloads\spigot1658.jar
2014-12-02 01:54 - 2014-12-02 01:54 - 00305351 _____ () C:\Users\joe\Downloads\ServerListPlusUniversal-3.3.2.jar
2014-12-02 01:43 - 2014-12-02 01:43 - 00002014 _____ () C:\Users\joe\Downloads\SWN3.java
2014-12-02 01:23 - 2014-12-02 01:23 - 00453530 _____ () C:\Users\joe\Downloads\SkyWars.jar
2014-12-02 00:47 - 2014-12-02 00:47 - 00778914 _____ () C:\Users\joe\Downloads\NoCheatPlus.jar
2014-12-02 00:37 - 2014-12-02 00:37 - 00498159 _____ () C:\Users\joe\Downloads\BungeeAdminTools-1.2.8.jar
2014-12-02 00:16 - 2014-12-02 00:16 - 00276898 _____ () C:\Users\joe\Downloads\EnjinMinecraftPlugin (1).jar
2014-12-01 23:53 - 2014-12-01 23:58 - 00000000 ____D () C:\Users\joe\AppData\Local\paint.net
2014-12-01 23:53 - 2014-12-01 23:53 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-01 23:53 - 2014-12-01 23:53 - 00000000 ____D () C:\Program Files\paint.net
2014-12-01 23:48 - 2014-12-01 23:48 - 06529561 _____ () C:\Users\joe\Downloads\paint.net.4.0.4.install.zip
2014-12-01 01:39 - 2014-12-01 01:39 - 00318834 _____ () C:\Users\joe\Downloads\Factions (2).jar
2014-12-01 01:38 - 2014-12-01 01:38 - 01344243 _____ () C:\Users\joe\Downloads\MassiveCore (1).jar
2014-12-01 01:36 - 2014-12-01 01:36 - 00318909 _____ () C:\Users\joe\Downloads\Factions (1).jar
2014-12-01 01:16 - 2014-12-01 01:16 - 01344767 _____ () C:\Users\joe\Downloads\MassiveCore.jar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 19:40 - 2014-09-21 08:24 - 00000000 ____D () C:\FRST
2014-12-31 19:38 - 2014-03-15 17:48 - 00955428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 19:37 - 2014-03-31 18:54 - 00000000 ____D () C:\Users\joe\AppData\Local\TGitCache
2014-12-31 19:34 - 2014-03-15 17:42 - 01854385 _____ () C:\Windows\WindowsUpdate.log
2014-12-31 19:33 - 2014-03-15 17:50 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Skype
2014-12-31 19:32 - 2014-11-17 21:07 - 00000000 ____D () C:\Users\joe\AppData\Local\LogMeIn Hamachi
2014-12-31 19:32 - 2014-11-10 19:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-31 19:32 - 2014-09-21 23:04 - 00004954 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JoePC-joe JoePC
2014-12-31 19:32 - 2014-03-15 22:15 - 00000000 ___RD () C:\Users\joe\Dropbox
2014-12-31 19:32 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Dropbox
2014-12-31 19:32 - 2014-03-15 18:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-31 19:31 - 2014-05-21 20:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 19:31 - 2014-03-15 17:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-31 19:31 - 2014-03-15 17:41 - 00269800 _____ () C:\Windows\PFRO.log
2014-12-31 19:31 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-31 19:27 - 2014-11-10 19:55 - 00000000 ____D () C:\ProgramData\Origin
2014-12-31 19:26 - 2014-09-15 21:17 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-31 19:25 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-31 19:08 - 2014-03-15 17:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 19:04 - 2014-03-15 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-31 19:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-31 18:48 - 2014-03-25 21:27 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001UA.job
2014-12-31 16:06 - 2014-03-15 17:46 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5BB247E6-8C32-4749-BD87-1FB5D1E278E5}
2014-12-31 01:35 - 2014-03-15 22:59 - 00000000 ____D () C:\Users\joe\AppData\Roaming\.minecraft
2014-12-30 22:42 - 2014-03-16 12:11 - 00000600 _____ () C:\Users\joe\AppData\Local\PUTTY.RND
2014-12-30 16:50 - 2014-03-15 17:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2566896282-1077780563-609952791-1001
2014-12-30 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\vpnplugins
2014-12-30 16:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-30 16:33 - 2014-05-21 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-30 16:30 - 2014-03-15 22:42 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-12-30 16:30 - 2013-08-22 14:44 - 00505568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 15:19 - 2014-10-02 12:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-29 23:11 - 2014-07-01 21:48 - 00000000 ____D () C:\Users\joe\Desktop\jd-gui-0.3.6.windows (1)
2014-12-29 23:09 - 2014-03-25 15:54 - 00000000 ____D () C:\Users\joe\workspace
2014-12-29 22:41 - 2014-03-27 23:19 - 00000000 ____D () C:\Users\joe\AppData\Local\Eclipse
2014-12-29 22:40 - 2014-05-27 16:13 - 00000000 ____D () C:\Users\joe\Desktop\Email test server
2014-12-29 01:46 - 2014-11-17 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Azureus
2014-12-28 10:48 - 2014-03-25 21:27 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2566896282-1077780563-609952791-1001Core.job
2014-12-26 20:56 - 2014-04-26 17:52 - 00096811 _____ () C:\Windows\DirectX.log
2014-12-26 00:45 - 2014-03-15 18:19 - 00000000 ____D () C:\Users\joe\AppData\Roaming\FileZilla
2014-12-25 20:19 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-24 22:27 - 2014-03-15 18:00 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TS3Client
2014-12-24 21:20 - 2014-09-21 23:15 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-23 13:33 - 2014-03-15 19:04 - 00000000 ____D () C:\Users\joe\Documents\Euro Truck Simulator 2
2014-12-23 13:08 - 2014-09-28 18:53 - 00000000 ____D () C:\Users\joe\Documents\ETS2MP
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2014-12-23 13:08 - 2014-05-05 13:04 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2014-12-23 12:52 - 2014-03-15 19:00 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2012
2014-12-23 12:48 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\Packages
2014-12-23 09:56 - 2014-03-15 17:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 21:00 - 2014-03-15 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-12-22 00:03 - 2014-03-16 19:14 - 00000000 ____D () C:\Users\joe\AppData\Local\join.me
2014-12-21 21:31 - 2014-04-02 16:43 - 00002240 ____H () C:\Users\joe\Documents\Default.rdp
2014-12-20 21:54 - 2014-09-30 14:59 - 00000000 ____D () C:\Users\joe\.VirtualBox
2014-12-20 12:21 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 22:47 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe\AppData\Local\VirtualStore
2014-12-17 22:44 - 2014-03-15 17:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-15 05:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-12-14 18:40 - 2014-10-11 12:13 - 00000000 ____D () C:\Users\joe\AppData\Roaming\TeamViewer
2014-12-13 09:39 - 2014-03-15 22:14 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-13 09:37 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\joe
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-12-13 09:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 22:00 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-12 21:57 - 2014-11-10 22:23 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-12 21:55 - 2014-11-10 22:24 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-10 04:07 - 2014-03-15 19:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 04:06 - 2014-03-15 19:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 18:04 - 2014-03-15 19:31 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 21:57 - 2014-03-15 19:02 - 00000000 ____D () C:\Users\joe\Documents\Visual Studio 2010
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-12-06 14:39 - 2014-03-15 18:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-12-06 02:05 - 2014-06-08 21:27 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 23:31 - 2014-11-11 21:25 - 00000000 ____D () C:\Users\joe\Desktop\Java Assignment
2014-12-05 19:48 - 2014-04-24 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-05 19:48 - 2014-03-15 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-05 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-05 15:49 - 2014-03-15 17:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-05 15:28 - 2014-05-30 11:19 - 00000544 _____ () C:\Users\joe\Desktop\jd-gui.cfg
2014-12-05 15:23 - 2014-09-22 15:44 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-12-05 15:23 - 2014-03-15 17:50 - 00000000 ____D () C:\Program Files\Java
2014-12-05 15:13 - 2014-09-14 17:45 - 00000000 ____D () C:\ProgramData\Oracle

Some content of TEMP:
====================
C:\Users\joe\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqpyuo0.dll
C:\Users\joe\AppData\Local\Temp\Quarantine.exe
C:\Users\joe\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-27 11:25

==================== End Of Log ============================

FRST Fix Log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by joe at 2014-12-31 19:25:23 Run:1
Running from C:\Users\joe\Desktop
Loaded Profiles: joe &  (Available profiles: joe)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f0b1-ac71-11e3-824f-94de8078bb23} - "G:\SETUP.EXE" 
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a78f7f3-ac71-11e3-824f-94de8078bb23} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.hta
HKU\S-1-5-21-2566896282-1077780563-609952791-1001\...\MountPoints2: {2a7910cb-ac71-11e3-824f-94de8078bb23} - "F:\LaunchU3.exe" -a
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2566896282-1077780563-609952791-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\Users\joe\SkyDrive:ms-properties
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a78f0b1-ac71-11e3-824f-94de8078bb23}" => Key deleted successfully.
HKCR\CLSID\{2a78f0b1-ac71-11e3-824f-94de8078bb23} => Key not found. 
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a78f7f3-ac71-11e3-824f-94de8078bb23}" => Key deleted successfully.
HKCR\CLSID\{2a78f7f3-ac71-11e3-824f-94de8078bb23} => Key not found. 
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a7910cb-ac71-11e3-824f-94de8078bb23}" => Key deleted successfully.
HKCR\CLSID\{2a7910cb-ac71-11e3-824f-94de8078bb23} => Key not found. 
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001\Software\MozillaPlugins\anvisoft.com/AdblockPlugin" => Key deleted successfully.
C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll not found.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => Key deleted successfully.
"HKU\S-1-5-21-2566896282-1077780563-609952791-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"C:\Users\joe\SkyDrive" => ":ms-properties" ADS not found.
EmptyTemp: => Removed 3.8 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 19:26:09 ====

  • 0

#4
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
STEP I: FRST FIX
  • Please download the attached fixlist.txt file and save it to the same location as FRST
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
STEP II: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
STEP III: ASWMBR

Please download aswMBR from one of the links below and save it to your Desktop.


Download Mirror #1

  • Right-click on aswMBR.exe and select Run as Administrator.
  • Click Yes when asked to download the Avast! definitions.
  • Click Scan to initiate the scan.
  • When the scan finishes, click Save Log and save this to your Desktop.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Attached Files


  • 0

#5
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: Virus, Malware, Malwarebytes, Avast

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP