Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

pcfixing3.info popup [Closed]

Started by zestron , Apr 30 2015 04:06 PM
popup

  • This topic is locked This topic is locked

#1
zestron
Posted 30 April 2015 - 04:06 PM

zestron

    Member

  • Member
  • PipPipPip
  • 334 posts

Whenever I click something in my Chrome browser which opens something in a new window, I am redirected to a spam page under the URL of www.pcfixing3.info ______________ such as http://pcfixing3.inf...068&a=apapamam7

 

I've tried everything I can think of and run numerous programs to help, but nothing has helped.

 

fhyJOQC.jpg

 

---------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Joe (administrator) on OWNER-3FGPFZGW4 on 30-04-2015 19:00:19
Running from C:\Users\Joe\Desktop
Loaded Profiles: Joe (Available profiles: Joe & Acronis Agent User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Users\Joe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oculus VR, LLC) C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\charmap.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [478984 2012-12-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [OneDrive] => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-12] (Microsoft Corporation)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\MountPoints2: D - D:\Setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk [2015-01-24]
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2014-06-03] (Hermann Schinagl)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-25] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-12-15] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-11] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-12-15] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: @hola.org/vlc,version=1.7.598 -> C:\Users\Joe\AppData\Local\Hola\firefox\app\vlc [2015-04-25] ()
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Joe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2118853541-1488753588-3094647493-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Extension: Hola Better Internet - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\88xq2klu.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-04-25]
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-28]
CHR Extension: (Adblock Plus) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-29]
CHR Extension: (Video downloader pro) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem [2014-11-04]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2014-10-26]
CHR Extension: (Kill News Feed) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjobfcedfgohjkaieocljfcppjbkglfd [2014-10-25]
CHR Extension: (Disconnect) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-08-29]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-08-30]
CHR Extension: (Any.do Extension) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2014-08-29]
CHR Extension: (Video downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlenniinblnemaeneglhgicafiahoibg [2014-11-04]
CHR Extension: (Google Wallet) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR Extension: (4chan Plus) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj [2014-08-29]
StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173848 2015-02-09] (EasyAntiCheat Ltd)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [231952 2014-12-03] () [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ESEADriver2; C:\Users\Joe\AppData\Local\Temp\ESEADriver2.sys [312136 2015-04-27] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-21] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-12-20] (CACE Technologies, Inc.)
S3 OCUSBVID; C:\Windows\System32\DRIVERS\OCUSBVID.sys [47560 2014-12-03] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\System32\DRIVERS\RiftEnabler.sys [53704 2014-12-03] (Oculus VR, LLC)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-12-05] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-12-05] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-12-05] (Acronis International GmbH)
S3 cpuz131; \??\C:\Users\Joe\AppData\Local\Temp\cpuz131\cpuz_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-30 19:00 - 2015-04-30 19:01 - 00021377 _____ () C:\Users\Joe\Desktop\FRST.txt
2015-04-30 18:59 - 2015-04-30 19:00 - 00000000 ____D () C:\FRST
2015-04-30 18:59 - 2015-04-30 18:59 - 02101248 _____ (Farbar) C:\Users\Joe\Downloads\FRST64.exe
2015-04-30 18:59 - 2015-04-30 18:59 - 02101248 _____ (Farbar) C:\Users\Joe\Desktop\FRST64.exe
2015-04-30 17:30 - 2015-04-30 17:33 - 00000000 ____D () C:\Users\Joe\Desktop\MANET
2015-04-30 17:20 - 2015-04-30 17:54 - 00000000 ____D () C:\Users\Joe\Desktop\BMO
2015-04-30 16:37 - 2015-04-30 16:37 - 00000000 ___HD () C:\OneDriveTemp
2015-04-26 20:37 - 2015-04-26 20:37 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-04-26 20:37 - 2015-04-26 20:37 - 00000000 ____D () C:\Users\Joe\Documents\Penumbra
2015-04-26 20:22 - 2015-04-26 20:22 - 00000000 ____D () C:\Users\Joe\Documents\KentuckyRouteZero
2015-04-26 19:35 - 2015-04-26 19:35 - 00000000 ____D () C:\Program Files (x86)\Nidhogg v1.004
2015-04-26 19:19 - 2015-04-26 19:19 - 00000222 _____ () C:\Users\Joe\Desktop\Rust.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000222 _____ () C:\Users\Joe\Desktop\Kentucky Route Zero.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000222 _____ () C:\Users\Joe\Desktop\DayZ.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000222 _____ () C:\Users\Joe\Desktop\Dark Souls Prepare to Die Edition.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\The Elder Scrolls V Skyrim.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\The Elder Scrolls III Morrowind.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\Super Meat Boy.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\Penumbra Overture.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000221 _____ () C:\Users\Joe\Desktop\Penumbra Black Plague.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000220 _____ () C:\Users\Joe\Desktop\Garry's Mod.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000219 _____ () C:\Users\Joe\Desktop\Team Fortress 2.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000219 _____ () C:\Users\Joe\Desktop\Half-Life 2.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000219 _____ () C:\Users\Joe\Desktop\Dota 2.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000219 _____ () C:\Users\Joe\Desktop\Counter-Strike Global Offensive.url
2015-04-26 19:19 - 2015-04-26 19:19 - 00000218 _____ () C:\Users\Joe\Desktop\Half-Life.url
2015-04-26 19:18 - 2015-04-26 19:18 - 00000222 _____ () C:\Users\Joe\Desktop\Dear Esther.url
2015-04-26 19:18 - 2015-04-26 19:18 - 00000222 _____ () C:\Users\Joe\Desktop\Cortex Command.url
2015-04-26 19:18 - 2015-04-26 19:18 - 00000222 _____ () C:\Users\Joe\Desktop\Amnesia A Machine for Pigs.url
2015-04-26 18:20 - 2015-04-26 18:20 - 00056472 _____ () C:\Users\Joe\Downloads\Nimbus Sans L CY Bold.ttf
2015-04-25 01:13 - 2015-04-25 01:13 - 00000000 ____D () C:\Users\Joe\AppData\Local\Macromedia
2015-04-25 01:12 - 2015-04-25 01:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-25 01:12 - 2015-04-25 01:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-25 01:12 - 2015-04-25 01:12 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-25 01:10 - 2015-04-25 01:11 - 00000000 ____D () C:\Users\Joe\Downloads\Hola
2015-04-25 01:10 - 2015-04-25 01:10 - 00000000 ____D () C:\Users\Joe\AppData\Local\Hola
2015-04-21 18:53 - 2015-04-21 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 16:26 - 2015-04-21 16:26 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-21 16:11 - 2015-04-21 16:11 - 00003154 _____ () C:\Windows\system32\.crusader
2015-04-21 15:40 - 2015-04-21 16:11 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-21 15:39 - 2015-04-21 15:40 - 11028616 _____ (SurfRight B.V.) C:\Users\Joe\Downloads\HitmanPro_x64.exe
2015-04-21 14:56 - 2015-04-21 14:56 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OWNER-3FGPFZGW4-Windows-7-Ultimate-(64-bit).dat
2015-04-21 14:56 - 2015-04-21 14:56 - 00000000 ____D () C:\RegBackup
2015-04-21 14:55 - 2015-04-21 14:55 - 02685507 _____ (Thisisu) C:\Users\Joe\Downloads\JRT.exe
2015-04-21 14:27 - 2015-04-21 14:49 - 00000000 ____D () C:\AdwCleaner
2015-04-21 14:27 - 2015-04-21 14:27 - 02217984 _____ () C:\Users\Joe\Downloads\adwcleaner_4.201.exe
2015-04-20 22:10 - 2015-04-20 22:10 - 01380960 _____ (Skype Technologies S.A.) C:\Users\Joe\Downloads\SkypeSetup.exe
2015-04-19 21:21 - 2015-04-19 21:21 - 03483413 _____ () C:\Users\Joe\Downloads\forge-1.8-11.14.1.1375-installer-win.exe
2015-04-19 21:21 - 2015-04-19 21:21 - 00003194 _____ () C:\Windows\System32\Tasks\{0712CEE4-6F21-4497-83F5-42D74A7817AB}
2015-04-19 11:27 - 2015-04-19 11:27 - 03455765 _____ () C:\Users\Joe\Downloads\forge-1.8-11.14.1.1375-installer.jar
2015-04-19 11:26 - 2015-04-19 11:26 - 00225817 _____ () C:\Users\Joe\Downloads\InventoryTweaks-1.59-176.jar
2015-04-18 17:07 - 2015-04-25 22:16 - 00000000 ____D () C:\Users\Joe\Desktop\forsale
2015-04-17 21:41 - 2015-04-17 21:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2015-04-17 21:27 - 2015-04-17 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2015-04-17 21:23 - 2015-04-17 21:23 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2015-04-17 20:08 - 2015-04-17 20:08 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\java
2015-04-17 20:07 - 2015-04-17 20:08 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-04-17 20:07 - 2015-04-17 20:07 - 00000961 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2015-04-17 20:07 - 2015-04-17 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-04-17 20:06 - 2015-04-17 20:07 - 02314240 _____ () C:\Users\Joe\Downloads\MinecraftInstaller.msi
2015-04-17 18:01 - 2015-04-17 18:01 - 00000000 ____D () C:\Program Files\Nightly
2015-04-17 18:00 - 2015-04-17 18:00 - 43428360 _____ () C:\Users\Joe\Downloads\firefox-40.0a1.en-US.win64.installer.exe
2015-04-17 18:00 - 2015-04-17 18:00 - 00243312 _____ () C:\Users\Joe\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-17 16:38 - 2015-04-17 16:38 - 00000000 ____D () C:\Users\Joe\AppData\Local\UnrealEngineLauncher
2015-04-14 21:48 - 2015-04-14 21:48 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
2015-04-12 22:05 - 2015-04-12 22:05 - 00000000 ____D () C:\Users\Joe\Tracing
2015-04-11 19:52 - 2015-04-14 18:11 - 00000000 ____D () C:\Users\Joe\AppData\Local\Blurb
2015-04-11 19:52 - 2015-04-11 19:58 - 00000000 ____D () C:\Users\Joe\Documents\Blurb
2015-04-11 19:51 - 2015-04-14 18:11 - 00000000 ____D () C:\Program Files (x86)\BookWright
2015-04-05 11:53 - 2015-04-05 12:06 - 1663853140 _____ () C:\Users\Joe\Desktop\2015_0405_115302_002.MOV
2015-04-03 14:01 - 2015-04-07 18:58 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Tera_Awesomium
2015-04-02 18:14 - 2015-04-07 18:53 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-02 18:14 - 2015-04-02 18:14 - 00000000 ____D () C:\Users\Joe\AppData\Local\TERA
2015-04-02 13:32 - 2015-04-02 18:14 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
2015-04-02 13:30 - 2015-04-07 18:57 - 00000000 ____D () C:\ProgramData\HappyCloud
2015-04-02 13:30 - 2015-04-02 13:30 - 10458976 _____ () C:\Users\Joe\Downloads\TERA-Setup-HC.exe
2015-04-02 13:30 - 2015-04-02 13:30 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2015-03-31 23:36 - 2015-03-31 23:36 - 00000735 _____ () C:\Users\Joe\Downloads\accounts (1).htm
2015-03-31 23:35 - 2015-03-31 23:35 - 00000735 _____ () C:\Users\Joe\Downloads\accounts.htm
2015-03-31 20:10 - 2015-03-31 20:10 - 00000000 ____D () C:\Users\Default\AppData\Roaming\WTablet
2015-03-31 20:10 - 2015-03-31 20:10 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\WTablet
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-30 18:33 - 2013-09-06 20:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 18:24 - 2014-02-09 12:16 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\.minecraft
2015-04-30 17:42 - 2013-09-06 20:04 - 01690952 _____ () C:\Windows\WindowsUpdate.log
2015-04-30 16:48 - 2014-01-10 23:43 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000UA.job
2015-04-30 16:43 - 2009-07-14 01:45 - 00021024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-30 16:43 - 2009-07-14 01:45 - 00021024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-30 16:37 - 2014-02-20 23:10 - 00000000 ___RD () C:\Users\Joe\OneDrive
2015-04-30 16:34 - 2014-12-04 20:01 - 00033949 _____ () C:\Windows\setupact.log
2015-04-30 16:34 - 2013-09-06 20:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 16:34 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 01:08 - 2015-02-07 10:50 - 00000020 _____ () C:\Users\Joe\AppData\Roaming\appdataFr3.bin
2015-04-30 01:07 - 2014-01-10 23:43 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000Core.job
2015-04-29 17:09 - 2015-01-24 19:26 - 00000000 ____D () C:\Users\Joe\AppData\Local\Oculus
2015-04-27 23:20 - 2013-09-06 20:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-26 20:37 - 2013-12-19 19:09 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-04-26 20:37 - 2013-12-19 19:09 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-04-26 20:37 - 2013-12-19 19:09 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-04-26 20:07 - 2015-02-27 23:51 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Nidhogg
2015-04-26 19:13 - 2009-07-14 01:45 - 05064568 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 18:39 - 2013-09-06 21:18 - 00117232 _____ () C:\Users\Joe\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-26 10:37 - 2013-09-09 19:33 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\vlc
2015-04-26 00:18 - 2013-09-06 20:35 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Skype
2015-04-25 18:54 - 2009-07-14 02:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-25 17:00 - 2014-08-30 13:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 01:11 - 2013-09-06 20:14 - 00000000 ____D () C:\Users\Joe\AppData\Local\Adobe
2015-04-22 10:22 - 2014-10-12 10:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-21 14:49 - 2013-09-06 20:04 - 00000000 ____D () C:\Users\Joe
2015-04-20 22:11 - 2013-09-06 20:16 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 22:10 - 2014-09-29 19:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-20 19:13 - 2014-03-11 12:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-19 00:43 - 2014-12-05 01:10 - 00306464 _____ () C:\Windows\PFRO.log
2015-04-18 16:19 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2015-04-17 21:21 - 2013-09-06 20:15 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\uTorrent
2015-04-17 17:39 - 2014-10-09 21:31 - 00000000 ____D () C:\Users\Joe\Documents\Unreal Projects
2015-04-17 17:35 - 2014-10-09 21:29 - 00000000 ____D () C:\Users\Joe\AppData\Local\UnrealEngine
2015-04-17 16:38 - 2014-10-08 19:32 - 00000000 ____D () C:\ProgramData\Epic
2015-04-14 20:39 - 2013-09-08 18:32 - 00000000 ____D () C:\Users\Joe\Documents\Resumes
2015-04-14 18:11 - 2009-07-14 00:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-14 18:11 - 2009-07-14 00:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-12 19:11 - 2013-12-08 12:53 - 00000132 _____ () C:\Users\Joe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-04-11 21:20 - 2015-03-27 10:22 - 00000000 ____D () C:\Users\Joe\Desktop\grad_renders
2015-04-10 19:45 - 2015-01-10 23:46 - 00002328 _____ () C:\Windows\LkmdfCoInst.log
2015-04-10 19:44 - 2013-09-06 20:39 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-04-05 15:20 - 2013-09-22 17:20 - 00006144 _____ () C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-31 20:19 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-31 20:18 - 2015-03-29 16:36 - 00000000 ____D () C:\IORRT
 
==================== Files in the root of some directories =======
 
2013-11-08 10:52 - 2014-02-19 23:22 - 0000132 _____ () C:\Users\Joe\AppData\Roaming\Adobe AIFF Format CS6 Prefs
2015-01-21 21:44 - 2015-01-21 22:04 - 0000132 _____ () C:\Users\Joe\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-12-22 15:11 - 2014-12-24 15:38 - 0000132 _____ () C:\Users\Joe\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-12-08 12:53 - 2015-04-12 19:11 - 0000132 _____ () C:\Users\Joe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-02-07 10:50 - 2015-04-30 01:08 - 0000020 _____ () C:\Users\Joe\AppData\Roaming\appdataFr3.bin
2014-09-02 22:48 - 2014-09-02 23:08 - 0000107 _____ () C:\Users\Joe\AppData\Roaming\Camdata.ini
2014-09-02 22:48 - 2014-09-02 23:08 - 0000408 _____ () C:\Users\Joe\AppData\Roaming\CamLayout.ini
2014-09-02 22:48 - 2014-09-02 23:08 - 0000408 _____ () C:\Users\Joe\AppData\Roaming\CamShapes.ini
2014-09-02 22:48 - 2014-09-02 23:08 - 0004544 _____ () C:\Users\Joe\AppData\Roaming\CamStudio.cfg
2014-12-24 17:03 - 2014-12-24 18:49 - 297506468 _____ () C:\Users\Joe\AppData\Roaming\Install Quixel SUITE.exe
2014-09-22 15:47 - 2014-11-22 18:53 - 0000112 _____ () C:\Users\Joe\AppData\Roaming\JP2K CS6 Prefs
2014-10-26 16:51 - 2014-10-26 16:56 - 0000125 _____ () C:\Users\Joe\AppData\Roaming\licecap.ini
2014-01-04 01:00 - 2014-01-04 01:05 - 0001158 _____ () C:\Users\Joe\AppData\Roaming\ShiftN.ini
2014-09-02 22:41 - 2014-09-02 23:04 - 0000096 _____ () C:\Users\Joe\AppData\Roaming\version2.xml
2014-08-30 12:55 - 2014-08-30 12:55 - 0000046 _____ () C:\Users\Joe\AppData\Roaming\WB.CFG
2014-08-29 17:09 - 2014-08-29 17:11 - 174606558 _____ () C:\Users\Joe\AppData\Local\ACCCx2_7_1_418.zip
2013-12-08 13:38 - 2015-02-02 10:44 - 0001456 _____ () C:\Users\Joe\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-09-22 17:20 - 2015-04-05 15:20 - 0006144 _____ () C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-27 16:18 - 2015-02-27 16:18 - 0000746 _____ () C:\Users\Joe\AppData\Local\recently-used.xbel
 
Some content of TEMP:
====================
C:\Users\Joe\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Joe\AppData\Local\Temp\divx3f54.exe
C:\Users\Joe\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.598.exe
C:\Users\Joe\AppData\Local\Temp\optprosetup.exe
C:\Users\Joe\AppData\Local\Temp\ose00000.exe
C:\Users\Joe\AppData\Local\Temp\ose00001.exe
C:\Users\Joe\AppData\Local\Temp\Quarantine.exe
C:\Users\Joe\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joe\AppData\Local\Temp\sqlite3.dll
C:\Users\Joe\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-26 11:54
 
==================== End Of Log ============================
 
---------------------------------
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Joe at 2015-04-30 19:01:48
Running from C:\Users\Joe\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Acronis Agent User (S-1-5-21-2118853541-1488753588-3094647493-1003 - Administrator - Enabled) => C:\Users\Acronis Agent User
Administrator (S-1-5-21-2118853541-1488753588-3094647493-500 - Administrator - Disabled)
Guest (S-1-5-21-2118853541-1488753588-3094647493-501 - Limited - Enabled)
Joe (S-1-5-21-2118853541-1488753588-3094647493-1000 - Administrator - Enabled) => C:\Users\Joe
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Acronis True Image 2014 (HKLM-x32\...\{1F91344A-B963-4431-89E8-4F80DEE282BE}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - )
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call Of Cthulhu DCoTE (HKLM-x32\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - )
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cortex Command (HKLM-x32\...\Steam App 209670) (Version:  - Data Realms)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DropIt (v8.0) (HKLM\...\DropIt_is1) (Version: 8.0 - Lupo PenSuite Team)
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
Emscripten SDK 64-bit (HKLM\...\Emscripten) (Version:  - )
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version:  - IdeaMK)
ESEA Client (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
f.lux (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\Flux) (Version:  - )
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GitHub (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\5f7eb300e2ea4ebf) (Version: 2.6.6.2 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\{AF69DB21-C080-3845-B5A1-62BB493085EF}) (Version: 65.130.49218 - Google, Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life SDK (HKLM-x32\...\Steam App 254430) (Version:  - )
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Happy Cloud Client (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Heroes of Might & Magic III HD Edition (HKLM-x32\...\Heroes of Might & Magic III HD Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
InMind VR (HKLM-x32\...\Steam App 343740) (Version:  - Nival VR)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Jed's Half-Life Model Viewer 1.3.6 (HKLM-x32\...\Jed's Half-Life Model Viewer) (Version: 1.3.6 - wunderboy.org)
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Left 4 Dead Authoring Tools (HKLM-x32\...\Steam App 513) (Version:  - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.5.1 - Hermann Schinagl)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Magicka (HKLM-x32\...\Magicka_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 4.0.110 (HKLM-x32\...\ManyCam) (Version: 4.0.110 - Visicom Media Inc.)
MeshLab_64b 1.3.2 (HKLM\...\MeshLab_64b) (Version: 1.3.2 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Meshmixer (HKLM\...\Meshmixer_x64) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiPony 2.1.4 (HKLM-x32\...\MiPony) (Version: 2.1.4 - )
MKVToolNix 7.2.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.2.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0a1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
Nidhogg v1.004 (HKLM-x32\...\TmlkaG9nZ3YxMDA0_is1) (Version: 1 - )
Nightly 40.0a1 (x64 en-US) (HKLM\...\Nightly 40.0a1 (x64 en-US)) (Version: 40.0a1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NSIS Example2 (HKLM-x32\...\ARC3D Webservice v2.2) (Version:  - )
Oculus Display Driver (Install Only) (HKLM\...\{2C48475F-F6AA-48BC-827E-67C21685BE65}) (Version: 1.2.2.0 - Oculus VR, LLC)
Oculus Positional Tracker Driver (Install Only) (HKLM\...\{53CBAB0B-4713-4743-B62F-325ED1B6869F}) (Version: 0.0.1.7 - Oculus VR, LLC)
Oculus Runtime (HKLM-x32\...\Oculus Runtime 0.4.4 Rev 1) (Version: 0.4.4 Rev 1 - Oculus VR, LLC)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PackBit Codec version 1.0.0.1Beta (HKLM-x32\...\{5AFD98DE-0AF5-497F-BE7E-F93DEDF74573}_is1) (Version: 1.0.0.1Beta - Dxtory Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Penumbra: Black Plague (HKLM-x32\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
RoboBasket3 (HKLM\...\RoboBasket_is1) (Version: 3.6.8 - ETUS)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TERA (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\teraenmasse) (Version:  - )
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unreal Development Kit: 2014-08 (HKLM\...\UDK-9c2d7d48-70d6-4b8d-8177-eed675927679) (Version:  - Epic Games, Inc.)
Unreal Engine (HKLM\...\{C5027D29-72B6-45F1-95C7-AAB98C31F69D}) (Version: 1.1.12.0 - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2118853541-1488753588-3094647493-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
18-04-2015 14:18:37 Windows Update
21-04-2015 16:10:34 Checkpoint by HitmanPro
21-04-2015 16:11:11 Checkpoint by HitmanPro
22-04-2015 00:02:06 Windows Update
25-04-2015 12:51:38 Windows Update
28-04-2015 18:48:07 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 23:34 - 2014-12-05 01:09 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03A4DBE9-0858-4BB9-99A2-53C1221E7686} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000UA => C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {1834C36C-9E44-497A-BC62-B9A6A774DAA8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000Core => C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {1F2BD0D9-06BA-4C21-91F4-12CF62F50E97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-06] (Google Inc.)
Task: {77EDF184-D3CE-403C-8F18-3326189D4F11} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9432F8F8-56CD-475A-AB8E-C5AFE2D7725B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {B60C4AA2-B54F-46A8-9779-8DD45C2809CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-06] (Google Inc.)
Task: {C66F61DB-B81C-4BBB-84E5-699CFC921128} - System32\Tasks\{0712CEE4-6F21-4497-83F5-42D74A7817AB} => pcalua.exe -a C:\Users\Joe\Downloads\forge-1.8-11.14.1.1375-installer-win.exe -d C:\Users\Joe\Downloads
Task: {D5100BF2-90D2-463B-AFA5-67D3661F8C42} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E556C05C-D04F-42C2-B673-3534E3A238FB} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe
Task: {EAC73821-25D2-4693-83E1-F0CED2F7181F} - System32\Tasks\{62DE4789-40F7-454A-88EC-924C65C24006} => pcalua.exe -a C:\Users\Joe\Desktop\oculus\Perception\Perception\bin\VireioDLLInstaller.exe -d C:\Users\Joe\Desktop\oculus\Perception\Perception\bin
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000Core.job => C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2118853541-1488753588-3094647493-1000UA.job => C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-03-29 19:14 - 2011-04-11 02:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2004-09-30 15:15 - 2004-09-30 15:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2013-03-28 22:31 - 2013-03-28 22:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-01-24 12:45 - 2014-12-03 18:17 - 00231952 _____ () C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
2015-01-24 12:45 - 2014-12-03 18:17 - 01176592 _____ () C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
2014-01-10 02:26 - 2014-01-10 02:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-01-03 04:51 - 2014-08-19 16:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-11 12:18 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-11 12:18 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-01-10 02:28 - 2014-01-10 02:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-08-22 12:38 - 2013-08-22 12:38 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-08-22 12:41 - 2013-08-22 12:41 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2004-09-30 14:09 - 2004-09-30 14:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\32\RockallDLL.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-05-11 07:37 - 2013-05-11 07:37 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2015-01-16 19:35 - 2015-01-08 21:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 19:35 - 2015-01-08 21:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-16 19:35 - 2015-01-08 21:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 19:35 - 2015-01-08 21:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-16 19:35 - 2015-01-08 21:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:NiFImA7pno1whoJ0WFt1s
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:um32ukd1KRmO1e4HGQ5zgAZ
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:YGTYDIQ9YvrI8e5ywTKVj4vt
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CrashPlan Tray.lnk => C:\Windows\pss\CrashPlan Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Joe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Joe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG-Secure-Search-Update_0214c => C:\Users\Joe\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-70393698b68259567fe90401a4c13bae881e40dd /CMPID=0214c
MSCONFIG\startupreg: AVG-Secure-Search-Update_1113a => C:\Users\Joe\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=012d7d48095647d39ae281ac0f58262d-70393698b68259567fe90401a4c13bae881e40dd /CMPID=1113a
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: f.lux => "C:\Users\Joe\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Facebook Update => "C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: googletalk => C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrayMonitor.exe => C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Joe\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{3B4E2E45-B7E3-4774-AE82-9C6FE16A79CD}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{2945D9DC-3D4B-4D7F-AA8D-DCE669D75C79}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{6A1B49D5-57F7-477B-BBBF-E94F3CBB314E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6851E29B-4CED-4178-B2B4-C50CAD1DA965}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A63DE944-C8A1-4492-8BF9-5174DDF0F92F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5AEB9935-1FA6-452F-A1F6-EA7DCF686DAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{66F89ED6-324E-46D2-BCD4-8B2457CC398E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AAC0578C-4252-4BED-B881-48392ACC689D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3FD2F27F-3218-4A77-85C2-7C37831266A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3248EC83-4848-43E8-B6CA-219EBA8B209C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{743BEDEB-8310-4B61-B4FA-24908C2864C4}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{EE01F051-6977-40D1-968F-46F1D2EE15A4}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{C6304A0B-7E24-4E7E-9BB8-7C585628A3C7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{C0DF9F94-A717-4C53-AEED-992914AA1B3C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{D24BE8EB-9CD5-41A6-80B2-6D096B70C8CD}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{C3C363E6-6633-46E3-8D61-D6F5AB48BF88}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{32DF0FE8-E3EF-4395-949D-069F11B925A9}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{CC869128-4AC7-4DA9-A84E-68B63BD7D6D7}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{70E99FA8-D032-4180-953B-A9E9FEF17467}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{59B499D6-7A16-4AC5-8317-4249E9B59687}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{81D01F25-45E7-4A45-BC98-9797F0FA84DD}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{A0097646-3A08-428C-BEAB-36969F8B7232}] => (Allow) C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [TCP Query User{F126D196-4670-4756-9A49-1ACED4807FAC}C:\users\Joe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\Joe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{91331AFE-DC3D-4181-8407-FFFEF8BAD75A}C:\users\Joe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\Joe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B1481AD3-B68A-40BD-AB92-0AD890EF5989}] => (Allow) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FDFAC8A1-BBF6-450D-B2B1-13411B4FE021}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{C1385073-4BFF-4E37-A1CA-DA22C6BB58EA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{65F0A2E5-9E45-4915-BBFD-89CC52980239}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{18EE8B07-831D-4C2A-A753-B9336CF68705}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{F1D72AD7-5360-40F8-B356-658E6CE5162C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{F6C1195F-7226-4A0C-8DE0-E421402BCA08}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{46FB3D3E-161E-46FC-B87A-5A76394739F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{8A717357-2916-4FB5-8C6B-26CDD6F9D087}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{B027A9F6-42CA-4757-B11C-3DFAD7B15B6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{C1258AE8-D306-4DF3-BF51-C9FFEE03A10B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [TCP Query User{9A677C8A-4E4B-4317-BAE0-7D62A12D3F15}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{77A1F528-C305-47C4-9EE8-FADA0899565B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{CA61E41C-A04C-4310-BCCE-F3A3ABB4F4CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B240A6EF-D5D7-4A32-9BB2-BD0EC1611707}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D57D5C87-9287-4364-8DF7-3132DC97E369}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{290ADAD8-252E-48DC-8D26-D7EEB3FFA0EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E441DE4D-207C-425A-B4ED-C4407F84246F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EA842D7E-7996-4D14-9205-9B6AD6C42273}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{802BB151-9C68-40F9-9440-D6FA0DBA0621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1D27D2EE-5D8B-4B9F-97B9-690D175D16D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{854ED3F1-FECE-4052-B014-0B1997698FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0F39D55F-FBED-4B38-8476-AC3BBD7573C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C16919FF-2519-46FC-884D-028B11BDF0C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{80C901C2-6FF0-40B7-9045-F2AE3E42A3C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{679FE4AF-76D1-4B96-8216-401D8D646440}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F8D325A-ED64-440C-96BA-040B56A04E56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6A52E697-7BDE-4EEC-AE16-7FA55BA3741E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{A2FF888B-45F5-46B6-9374-104FB370FB0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{0EDD9F5F-AA5F-4BDA-B760-ABDDCC1A665B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44BF999B-C5DB-4857-BFF0-15B2BC4F628D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{ABFA9C35-5EC3-40A4-861F-82FC1B5C0FBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6E5B2C30-AAD4-4339-9887-DCFB64B1B9B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3E862773-4157-4769-AA62-169EF6A20C41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DC6C8F6B-D53E-48BD-83E7-D23AF7644D91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{13571475-63DF-42B2-B4B9-34A1B37AAD90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BCBB016A-7740-42A7-A777-9E331864548A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{0459CE47-E226-4653-A5C8-DF1CB73E9445}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{DF587C25-3694-4D90-97E3-3D1C3081F9C9}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{D49E712A-AE25-48F6-AFD9-7C74CBAF6FF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2999B592-E7AC-474F-A72A-EA466421A930}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B81FCDD3-5BCB-45CA-A5EE-6BC715BC224D}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{4D759451-44EA-445F-AAB5-9FCDBE2B02C4}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{A29D69EE-9F74-45BB-9FBC-CBB8ED1BA890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F6CD971B-C6D3-4E6A-AB53-2BCFAB125A35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5505FF65-ED3E-4A94-94AB-5FD80669FC3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{2A059470-6208-4E4D-89B7-27757B12A9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [TCP Query User{AB84B143-BAF9-4A8B-90FF-2BC3C18CAEF9}C:\users\Joe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\Joe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9DFD4375-8509-4E0F-B964-4EA11798C057}C:\users\Joe\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\Joe\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{99D685FA-9458-4285-8048-802DD0CEB253}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56FFB7E7-4121-47CC-9A22-DB02C79800C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E1B16B81-9E24-4DB7-B67B-2950CA0DA710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B6080E87-9741-4AB6-85B7-7EF9B69D0E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{9B369E52-4AA7-46E6-B3A5-21F2ABEAC5FB}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{DB47BB91-829E-40C6-AE99-7E8AFBAC81D7}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [TCP Query User{F3CAF2AB-EEDA-4D23-9579-D4E346F3230F}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{BD06EFB7-ACD4-4B68-A9EE-CD1920A8D0C1}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BF036E11-8E7F-4FC6-843B-FE13044BF492}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BBADA0D-7A50-4B8A-BC75-5C28ED8002AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7192F61F-A591-4E6F-87B9-3F3B1BE59F65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1FF26D7B-6C36-44E2-B2AF-FBD98F3A1A68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{20ECDF20-B891-4BEB-A636-A3194C729C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{6639ECE2-07CB-467B-8EEA-9A635E12141A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{196302D0-AE91-4982-B708-5EE71BE9D570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6B36B3D0-8344-4F71-967C-4B42A7CE60DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{14A3AE91-D91B-49E1-BD78-1BCAE910B511}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{F4A1B8F6-5963-49F1-850A-64E9A6030020}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{30F80BB7-AC17-4D37-AA6B-083A9D4C9355}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{EB712917-B6FB-41F0-B6BB-DCCD01B5C03E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0BCA0035-4C54-4650-B605-C52898219AC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{05FBDC54-095C-4954-A6AB-D32A7B681B3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{086B93DB-74E8-4E68-8518-9785A44BFBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FC0B206B-C651-4A72-B4B6-964495F9A49D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{189AA99C-29B4-4787-BA4F-49038D0CD82C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{97BA6D3B-7F24-4BAF-86B0-56F154B4E62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{6D4F103A-84B2-47FE-9C68-711D8069466A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{0A05A12F-340B-4C99-8B02-E92ACE1681C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{5B46C9F1-DC53-413E-B057-1408461D932E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6AF6517C-FC6F-47EB-8AFA-F045D6F260C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{543DDC54-C739-472F-A79E-66C40668AC6F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{BD74BEF4-F946-468F-BA67-B2AAB8B3D846}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{24F6BE55-084F-4D9C-886B-C1D8D02DA7AE}] => (Allow) C:\Users\Joe\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{CF104D53-1015-4169-BA24-7AD82DA25256}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{FDFCFEBD-B39B-4C82-B6F7-955C0FD0FE3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{E7EA8D79-286C-41BB-823E-E1FB770461A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{365CF0E7-335E-497B-A6C2-9D0EF37E592F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life SDK\Hammer Editor\hammer.exe
FirewallRules: [{A8907515-6C54-4241-85D6-544D9E793422}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{13944DF1-FC9C-4543-8C2B-0414EA18BEDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{B75AB411-522D-47C0-B206-6775A3C76913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{82A10E02-EECD-4CBF-959F-0BBDFAA80CBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{6A79DF62-5B88-4C9C-9104-F661FA501C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2 deathmatch\hl2.exe
FirewallRules: [{D6E40A83-F052-4AFC-B613-EB7731D20D1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\half-life 2 deathmatch\hl2.exe
FirewallRules: [{BF9069EB-D6C3-4A0E-B432-4E246497E4EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{5CCED517-F47C-4127-B375-420F798744E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C7B75A24-3A3B-4308-8CEF-EEB2541E7572}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{6337E307-76D3-4D5E-BB42-AE9A424AED3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{439846EA-C718-47AA-9E58-8FA7093FC2E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{391658E2-5D00-48ED-9795-CE0435B6584B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4A5E98D2-427F-42AE-A5F5-084EB39EB9C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{17A91EFC-AB92-4C4C-A03E-5861C19AB7B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{5DF3193C-079D-4FBE-BDE9-9ED23CD96D21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\team fortress 2\hl2.exe
FirewallRules: [{01B94D6C-BAB3-4CB6-A725-7963319B4E08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\team fortress 2\hl2.exe
FirewallRules: [{ADBEBF8A-FE75-475C-8648-0C79C5A446A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{DD5370F6-6014-4EEE-A0F0-B31DC0BE66C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{F2C538D2-CDCB-4AA7-AC77-FF12EF32F3CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{1D032D33-B665-477B-B36D-9697627C0BFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Black Plague\redist\Penumbra.exe
FirewallRules: [{998B5B86-6CD5-4237-A747-7E9B23370B7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{8905A171-F954-4A06-8B10-A14EA7B23B55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{9E1EF846-D980-44D5-B064-9DEFBC386BF0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{F27C79D6-E2C6-4EBB-B69D-BBCCE4D7736B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{18F0382C-1904-4F09-8465-A5E33A170F0D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4BBB0452-0EB2-4D07-B8EA-08EFC0010C1C}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
FirewallRules: [{C6741E01-4C3D-408B-8D5F-CC946A22FA83}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{FA5672C5-79CA-4238-8542-B535C9C04AA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6C4B18EA-1923-4CE3-9816-38A32670250A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5BE45551-2216-46BE-B0D4-AB084ABF6B5E}] => (Allow) LPort=2869
FirewallRules: [{8C369261-2C9E-4AC6-96D3-74DF7904DB5A}] => (Allow) LPort=1900
FirewallRules: [{A488BE73-CE02-4B06-8835-6B54A55133B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{B6CB86F2-75B2-48EB-8516-5504475D41D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\bin\SDKLauncher.exe
FirewallRules: [{C0C17CE3-CF5D-488A-982A-67A5B012D068}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{56AF8189-48C8-474A-BE17-1C756CDF0C4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{6F33C7AF-E299-4E25-B864-6CEDFDC941E7}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{BD0F74E9-033F-41D6-99B1-EA009D003A05}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win32\UDK.exe
FirewallRules: [{D756C30A-7DC0-40B9-B4E0-E27B97B9ACA9}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{CFC16692-2CCD-4EE0-A203-88B536979279}] => (Allow) C:\UDK\UDK-2014-08\Binaries\Win64\UDK.exe
FirewallRules: [{D1AC4A27-1B51-4258-89B7-84532C4E3940}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{511D6634-6DA3-46C1-A627-FDC589BD54DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [TCP Query User{D1F3ABDE-DF8B-443B-BE2D-CD46D2A03939}C:\program files\epic games\4.4\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.4\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{594E1599-E05C-4711-9973-4ADA276BB75C}C:\program files\epic games\4.4\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.4\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{1AFADED0-1480-473A-B26A-75B369BC0D00}C:\program files\epic games\4.4\engine\binaries\dotnet\swarmagent.exe] => (Block) C:\program files\epic games\4.4\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{10AAEDC2-D644-4A2E-A003-704ACB3AFA9E}C:\program files\epic games\4.4\engine\binaries\dotnet\swarmagent.exe] => (Block) C:\program files\epic games\4.4\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{DDBCA569-9098-4F30-9DFA-DF9D72D52D25}C:\users\Joe\documents\unreal projects\annashow\saved\stagedbuilds\windowsnoeditor\annashow\binaries\win64\annashow.exe] => (Allow) C:\users\Joe\documents\unreal projects\annashow\saved\stagedbuilds\windowsnoeditor\annashow\binaries\win64\annashow.exe
FirewallRules: [UDP Query User{CCFC3105-2DE8-4F19-9925-A2BCB56A3FD8}C:\users\Joe\documents\unreal projects\annashow\saved\stagedbuilds\windowsnoeditor\annashow\binaries\win64\annashow.exe] => (Allow) C:\users\Joe\documents\unreal projects\annashow\saved\stagedbuilds\windowsnoeditor\annashow\binaries\win64\annashow.exe
FirewallRules: [TCP Query User{525531BD-9B93-42A7-9D47-32E412F5B5D0}C:\program files\epic games\4.5\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.5\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{B68BE113-28F1-47A8-BF97-7617C00296BF}C:\program files\epic games\4.5\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.5\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{46236AF6-AD31-4A90-8C93-5BA317B918DF}C:\program files\epic games\4.5\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.5\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{334D3045-D0BF-4651-88F9-35BD6DAE93DD}C:\program files\epic games\4.5\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.5\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{70BC060B-FAA7-4814-AF0A-1979E3BF68FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{B44E0E0E-13FF-44DF-89DC-66A2C159D353}C:\users\Joe\desktop\testpackage\windowsnoeditor\annashow\binaries\win64\annashow.exe] => (Allow) C:\users\Joe\desktop\testpackage\windowsnoeditor\annashow\binaries\win64\annashow.exe
FirewallRules: [UDP Query User{79EF6C2F-C1D1-4C48-BE7E-7FBEA62B2034}C:\users\Joe\desktop\testpackage\windowsnoeditor\annashow\binaries\win64\annashow.exe] => (Allow) C:\users\Joe\desktop\testpackage\windowsnoeditor\annashow\binaries\win64\annashow.exe
FirewallRules: [{78DA62EC-9AD7-4C8A-8856-C870591C171E}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{CC5E7AA1-A1D9-4683-A46A-2CBFC0DA5338}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{4A253306-E3F0-4553-A324-C21F035C0B66}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{6AFBEF5A-D828-4668-82B4-BE6BA25870E3}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{C8388148-72B0-4121-8031-FA50D82EF239}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B8845F9D-01DE-4FC8-8C42-6553945137EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D614BFF5-2C7D-4756-A4C8-98F8BF20DE85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{AA0C4311-7C28-41E5-ADF8-257AFBB8978F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{E1DBBEB6-8AB7-4DB4-B37E-F1BB20F9310B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{BCEC217F-4EF7-40D5-93E2-1987C9671215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{BB1BE65F-E880-4FF6-8227-B2268548ACF3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{43BE26E7-965F-4EFD-9D05-EF9E5F005882}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{34139BA1-08FD-42CD-A134-AD5660E4B296}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{8ECE6510-BA2D-432A-8412-0F806FDBA783}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{1EB87F30-4AA1-4387-9A1C-D594B356FC51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{F2CBCE41-B49D-4E47-81BF-CB33C1A41BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{3D0DB79C-690D-48F3-83D9-468701D1B1D2}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Photoshop CS6.exe
FirewallRules: [{78B1169E-EB05-4462-B37F-8BDC73762FE5}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Bridge CS6.exe
FirewallRules: [{EA22FD92-E6AF-42AA-B1B2-8EFE5E885828}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe ExtendScript Toolkit CS6.exe
FirewallRules: [{6BAF25F7-DB19-4CF6-9575-B75D01746871}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Extension Manager CS6.exe
FirewallRules: [{C2E404BC-D38A-4697-92E1-31147E3C1C24}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Photoshop CS6.exe
FirewallRules: [{EAFC5D33-F04C-45A8-B6CC-08D47310068D}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Bridge CS6.exe
FirewallRules: [{F93E5F03-430D-456E-ADB5-24CB6B52FBD3}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe ExtendScript Toolkit CS6.exe
FirewallRules: [{14EA01B9-78F2-4410-AAAF-AC7FBB69344D}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 Portable [ThumperDC]\Adobe Photoshop CS6 Extended v13 0 Portable [ThumperDC]\Adobe Extension Manager CS6.exe
FirewallRules: [{27A24F6F-FC6F-4DCB-8596-740C4920EA07}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
FirewallRules: [{73FD529B-82D6-4C01-8CAD-E11474274B0F}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
FirewallRules: [{810FDC5C-9426-45F6-BC70-DABC10789AC0}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{BC0B3D70-E890-4D6F-B1F7-C46B86A6E633}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{8B0515E4-0E49-43B2-BF01-86CE7CBA52B0}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{2FA9FE2A-47A0-4593-963D-DCFED39BE8AB}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\LogTransport2.exe
FirewallRules: [{35248B8B-0468-4F3B-8B7F-07D48887F81E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\sniffer_gpu.exe
FirewallRules: [{4F1C0B00-3EA9-43F9-85FD-C95EB000204A}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{304D728F-8450-45B4-B223-F669374AF7E7}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{BDCAEA99-6314-4F53-9A08-C74438D71D71}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{CAD61D0F-5111-41A1-867C-6B0B0FEDBAA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{23BF50F4-EE4F-40CC-A36B-3F0AF45AEEB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{90214BD3-6C16-4825-BA2E-D47A1B842E65}C:\program files\epic games\4.6\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{CDCE0D14-F25C-4198-8E43-038633C3BB66}C:\program files\epic games\4.6\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{28D06268-7996-4CAD-857D-258E078120A4}C:\program files\epic games\4.6\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.6\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{0283B996-4765-4AE0-A9EC-E7718A12D62E}C:\program files\epic games\4.6\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.6\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{AC4C0091-981F-4D6A-81F1-1621BF7396E8}C:\users\Joe\desktop\new folder\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\new folder\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{99B9DFC2-25C1-4327-87C0-4C2E975CD0BB}C:\users\Joe\desktop\new folder\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\new folder\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{1E2E6C0D-E1B1-4D8A-B0BE-1A6306B7EF47}C:\users\Joe\desktop\testproject\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\testproject\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{0C29EE9E-8494-480B-9C34-3CBD7DF26806}C:\users\Joe\desktop\testproject\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\testproject\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{4D6E06DC-0850-49AA-8361-E347DFF1410E}C:\users\Joe\desktop\test\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\test\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{5B035613-6C5F-4B5D-95F2-AEE562F80872}C:\users\Joe\desktop\test\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\test\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{7A66E499-CA36-4D94-80E0-13669063FB63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{735EA6D8-51A0-429C-977E-BD07430B5904}C:\users\Joe\desktop\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{5F0FDB19-1364-4D83-97F0-22948483CC67}C:\users\Joe\desktop\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{EA3BCDD0-63C0-4011-AC4E-0308259531D2}C:\users\Joe\desktop\test22\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\test22\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{38374726-7364-4063-969B-5BE8516F9416}C:\users\Joe\desktop\test22\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\Joe\desktop\test22\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{7D4AC657-70B3-44A4-999E-527E80378B66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InMind\InMind.exe
FirewallRules: [{27DF1454-250C-4F7D-B0BD-3D09CDAF5387}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InMind\InMind.exe
FirewallRules: [{A12E4BC7-CD8A-4908-9F4C-5430D81F57DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InMind\InMind_DirectToRift.exe
FirewallRules: [{7D65E1A1-D1BC-4EAE-865A-A24273DD2AF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\InMind\InMind_DirectToRift.exe
FirewallRules: [{7D4B419B-CF0A-446C-8F62-B2C93382A3F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{C521E5E5-D481-4F73-BD24-E3B13FAD7E1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{7CE20C67-895D-4A90-93C1-952B178219A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{E5C1652A-5CDC-4C14-95D8-39AEAC5A9E25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{7A58F8C9-7DDE-40BF-A28F-716D258B2DA4}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{9C529439-5165-49DF-B520-B3D97C972635}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{514C00E2-A730-4FF1-AB99-B492619D9DF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{D54BD7B3-A8BE-4473-8F3C-1E71238AE472}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{E754284F-C775-4FE5-BDA6-59031968BF59}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{9D77D8BB-02E4-44B4-B206-B3868F17E804}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{F67FE88A-0CFB-49EB-A3C2-C95F16592E66}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{76641CFF-5D43-434E-9F09-C4EC23283929}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{8AACFF69-C354-42FD-B9FD-3877AF30E29B}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{BC6E3AE7-8935-419F-99CA-9377FFD04F42}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [TCP Query User{F209D454-A95A-4CCE-89BD-6A58638CD573}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{F468F212-27A6-49EB-A1FD-F9E6E8043DDD}C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [{8F9D1740-D1FE-4604-84CA-9B5DFEDF4535}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [{A59E78DE-5113-488F-8078-97B367544E12}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [TCP Query User{6C7D645F-C720-48DF-A830-04A2864AA1AF}C:\program files\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Block) C:\program files\epic games\4.7\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{21882BBD-430C-4A2F-A0ED-063637381857}C:\program files\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Block) C:\program files\epic games\4.7\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{FB60E9E8-09AD-40BF-9741-5A27EA899BC5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BD3BD8C6-DE95-4799-904D-699D1B2B50FB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{21627EE0-777D-494D-8601-480B8262E35B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{FEBEAF90-0241-4CA4-BFE6-11AFCDDA9651}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{E07CAF56-39DC-4395-A331-377EB8A51215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{8AC00453-0D0D-4FD6-9919-3B37EDC677F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{DDE20219-4B00-48D2-82AB-3D49A6802748}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{BFC69807-5BFC-4D67-AC36-50C5179393E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{E513ED70-6431-4F69-B430-717AF875ED81}C:\users\Joe\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\Joe\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{287379BE-4253-4C59-AFC7-AD9E0C5017A4}C:\users\Joe\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\Joe\appdata\local\hola\firefox\app\hola_plugin.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/30/2015 04:41:01 PM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (04/30/2015 04:34:49 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Scheduler failed to run task  with GUID '674D9BE6-C532-4258-B58C-132B38D406F4' because of error 3 (The system cannot find the path specified).
 
Error: (04/30/2015 04:34:49 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Scheduler failed to run task  with GUID '175175AE-ED85-4233-96F4-BC9E6915336B' because of error 3 (The system cannot find the path specified).
 
Error: (04/30/2015 09:59:27 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (04/30/2015 04:44:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (04/30/2015 04:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (04/30/2015 04:36:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (04/30/2015 04:36:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error: 
%%1053
 
Error: (04/30/2015 04:36:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
 
Error: (04/30/2015 04:35:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (04/30/2015 04:35:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (04/30/2015 04:35:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The OutfoxTvService service failed to start due to the following error: 
%%2
 
Error: (04/30/2015 10:01:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (04/30/2015 10:01:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (04/30/2015 04:41:01 PM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (04/30/2015 04:34:49 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Scheduler failed to run task  with GUID '674D9BE6-C532-4258-B58C-132B38D406F4' because of error 3 (The system cannot find the path specified).
 
Error: (04/30/2015 04:34:49 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Scheduler failed to run task  with GUID '175175AE-ED85-4233-96F4-BC9E6915336B' because of error 3 (The system cannot find the path specified).
 
Error: (04/30/2015 09:59:27 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
 
Error: (04/29/2015 05:26:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009
 
Error: (04/29/2015 05:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-02 18:15:04.443
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-02 18:15:04.217
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 36%
Total physical RAM: 8189.24 MB
Available physical RAM: 5223.75 MB
Total Pagefile: 20470.43 MB
Available Pagefile: 17034.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:159.08 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AEAA2C87)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by zestron, 30 April 2015 - 04:09 PM.

  • 0

Advertisements

#2
Essexboy
Posted 01 May 2015 - 07:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, your copy of Chrome has been compromised

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

THEN

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2118853541-1488753588-3094647493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
2015-04-02 18:14 - 2015-04-07 18:53 - 00000000 ____D () C:\ProgramData\boost_interprocess
Task: {C66F61DB-B81C-4BBB-84E5-699CFC921128} - System32\Tasks\{0712CEE4-6F21-4497-83F5-42D74A7817AB} => pcalua.exe -a C:\Users\Joe\Downloads\forge-1.8-11.14.1.1375-installer-win.exe -d C:\Users\Joe\Downloads
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:NiFImA7pno1whoJ0WFt1s
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:um32ukd1KRmO1e4HGQ5zgAZ
AlternateDataStreams: C:\Users\Joe\AppData\Local\Temporary Internet Files:YGTYDIQ9YvrI8e5ywTKVj4vt
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#3
Essexboy
Posted 05 May 2015 - 08:46 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: popup

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP