I got infected with PCTuner from downloading Filezilla


  • This topic is locked
5 replies to this topic

#1 madscyan

Posted 27 May 2015 - 11:47 AM

I find this very weird and disturbing. My girlfriend installed FileZilla on my computer, and although I'm not the one who clicked on the link, I'm 99% sure she clicked on the official website filezilla-project.org.

She installed it without double checking, so I would've expected some stuff like a toolbar being installed or something like that, but a minute after, I see a weather app pop up on my desktop and from then all goes south.

I got infected with PCTuner and it's kind of extreme because it even launches Internet Explorer by itself (I never use IE, I use Chrome) and it's really starting to mess up my computer. I checked other threads with PCTuner and it seems indeed that a normal uninstall will not fix the problem.

So here I am again. You guys have already helped me fix my computer once and I'm very grateful for that, and I kindly ask again if you would be willing to help me out with this issue that I have now.

Thank you

P.S. If any of you know if there is something wrong with FileZilla or if there is some kind of mirror program that's malevolent, I've used this program before and never have I got anything like this.





#2 nasdaq

  • Malware Response Team

Posted 29 May 2015 - 07:33 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===


How is the computer running?
Wait for further instructions.
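
One way to cross-check the Malwarebytes scan log against the FRST Scheduled Tasks section requested in the steps above, as an added example that is not part of the original thread or of either tool: it flags tasks whose target sits under a path Malwarebytes quarantined, or whose log line lacks the bracketed file date and publisher. The sample lines are copied from the logs posted in the reply that follows; the function names and both regular expressions are assumptions based on the line formats visible there.

```python
import ntpath  # Windows path rules, independent of the OS running this script
import re

# "<detection>, <path>, Quarantined, [id]," as printed in the MBAM scan log.
# Assumption: the path itself contains no comma. Registry entries (HKLM\..., HKU\...)
# do not match because the pattern requires a drive letter.
MBAM_LINE = re.compile(r"^(?P<name>[\w.]+), (?P<path>[A-Za-z]:\\[^,]+), Quarantined,")

# "Task: {GUID} - <task> => <target> [yyyy-mm-dd] (publisher)" as printed by FRST.
# The date/publisher suffix is optional, as in the AI_Updater line of the sample.
FRST_TASK = re.compile(
    r"^Task: (?P<guid>\{[0-9A-Fa-f-]+\}) - (?P<task>.+?) => (?P<target>[A-Za-z]:\\.+?)"
    r"(?: \[(?P<date>\d{4}-\d{2}-\d{2})\] \((?P<company>.*)\))?$"
)

# Sample input: lines copied from the logs posted in this thread.
MBAM_SAMPLE = r"""
Folders: 2
PUP.Optional.PCTuner.C, C:\Program Files (x86)\Tuneup computer, Quarantined, [3d1461550e7cf244041b1bc840c39868],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [252ca80e52385cdaa1dbb23263a0e61a],

Files: 4
PUP.Optional.PCTuner.C, C:\Program Files (x86)\Tuneup computer\infodts.dat, Quarantined, [3d1461550e7cf244041b1bc840c39868],
"""

FRST_SAMPLE = r"""
Task: {181DCA77-C9FB-48C1-8368-F8AB4D97063E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-29] (Google Inc.)
Task: {669A568A-7D2A-4F66-980D-A97B9768978B} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {70EB2481-2CA9-4976-B5C0-5350127B0944} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
"""


def quarantined_paths(mbam_log):
    """Return the normalised file and folder paths MBAM reports as quarantined."""
    paths = []
    for line in mbam_log.splitlines():
        match = MBAM_LINE.match(line.strip())
        if match:
            paths.append(ntpath.normcase(match["path"]))
    return paths


def is_under(target, folder):
    """True if target is the folder itself or lives anywhere below it."""
    target = ntpath.normcase(target)
    folder = ntpath.normcase(folder).rstrip("\\")
    return target == folder or target.startswith(folder + "\\")


def orphaned_tasks(mbam_log, frst_log):
    """List scheduled tasks that still point at removed or unidentified files."""
    removed = quarantined_paths(mbam_log)
    findings = []
    for line in frst_log.splitlines():
        match = FRST_TASK.match(line.strip())
        if not match:
            continue
        reasons = []
        if any(is_under(match["target"], path) for path in removed):
            reasons.append("target under quarantined path")
        if match["date"] is None:
            reasons.append("no file date/publisher in log line")
        if reasons:
            findings.append(
                {"task": match["task"], "target": match["target"], "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for finding in orphaned_tasks(MBAM_SAMPLE, FRST_SAMPLE):
        print(finding["task"], "->", finding["target"])
        for reason in finding["reasons"]:
            print("   ", reason)
```

A task flagged this way is a candidate for review by the helper, not a removal decision in itself.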

#3 madscyan


Posted 03 June 2015 - 04:19 PM

Hi nasdaq,

Thanks for helping me out. Here are the logs.

Protection log

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 2015-06-03 4:01:44 PM, SYSTEM, MAIKA, Protection, Malware Protection, Starting, 
Protection, 2015-06-03 4:01:44 PM, SYSTEM, MAIKA, Protection, Malware Protection, Started, 
Protection, 2015-06-03 4:01:44 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Starting, 
Protection, 2015-06-03 4:01:44 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Started, 
Update, 2015-06-03 4:01:49 PM, SYSTEM, MAIKA, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1, 
Update, 2015-06-03 4:01:49 PM, SYSTEM, MAIKA, Manual, Rootkit Database, 2015.2.25.1, 2015.6.2.1, 
Update, 2015-06-03 4:02:00 PM, SYSTEM, MAIKA, Manual, Malware Database, 2015.3.9.5, 2015.6.3.5, 
Protection, 2015-06-03 4:02:00 PM, SYSTEM, MAIKA, Protection, Refresh, Starting, 
Protection, 2015-06-03 4:02:00 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-06-03 4:02:00 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-06-03 4:02:04 PM, SYSTEM, MAIKA, Protection, Refresh, Success, 
Protection, 2015-06-03 4:02:04 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Starting, 
Protection, 2015-06-03 4:02:05 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Started, 
Scan, 2015-06-03 4:27:38 PM, SYSTEM, MAIKA, Manual, Start:2015-06-03 4:05:28 PM, Duration:18 min 31 sec, Threat Scan, Completed, 0 Malware Detections, 13 Non-Malware Detections, 
Protection, 2015-06-03 4:31:14 PM, SYSTEM, MAIKA, Protection, Malware Protection, Starting, 
Protection, 2015-06-03 4:31:14 PM, SYSTEM, MAIKA, Protection, Malware Protection, Started, 
Protection, 2015-06-03 4:31:14 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Starting, 
Protection, 2015-06-03 4:31:14 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Started, 
Update, 2015-06-03 4:31:42 PM, SYSTEM, MAIKA, Scheduler, Malware Database, 2015.6.3.5, 2015.6.3.6, 
Protection, 2015-06-03 4:31:42 PM, SYSTEM, MAIKA, Protection, Refresh, Starting, 
Protection, 2015-06-03 4:31:42 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-06-03 4:31:42 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-06-03 4:31:45 PM, SYSTEM, MAIKA, Protection, Refresh, Success, 
Protection, 2015-06-03 4:31:45 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Starting, 
Protection, 2015-06-03 4:31:46 PM, SYSTEM, MAIKA, Protection, Malicious Website Protection, Started, 
 
(end)
 
Scan log
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2015-06-03
Scan Time: 4:05:28 PM
Logfile: scan log.txt
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.06.03.05
Rootkit Database: v2015.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jonathan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350818
Time Elapsed: 18 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.WinYahoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [2829853151395ed85bb9453a5ca946ba], 
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-824104819-4214671232-1680957218-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [5df4cde93c4e91a56da67b0431d41de3], 
 
Registry Values: 4
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-824104819-4214671232-1680957218-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://ca.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=fQuarantinedD4%26bQuarantinedDIE%26ccQuarantinedDca%26paQuarantinedDWincy%26cdQuarantinedD2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26crQuarantinedD521083927%26aQuarantinedDwncy_frg01_15_22%26osQuarantinedDWindows 8.1&p={searchTerms}, [5df4cde93c4e91a56da67b0431d41de3], %5
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-824104819-4214671232-1680957218-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://ca.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=fQuarantinedD4%26bQuarantinedDIE%26ccQuarantinedDca%26paQuarantinedDWincy%26cdQuarantinedD2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26crQuarantinedD521083927%26aQuarantinedDwncy_frg01_15_22%26osQuarantinedDWindows 8.1&p={searchTerms}, [75dcc5f13d4dab8be2311a65689dd52b], %5
 
Registry Data: 1
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-824104819-4214671232-1680957218-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://ca.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=fGood: (www.google.com)D1%26bGood: (www.google.com)DIE%26ccGood: (www.google.com)Dca%26paGood: (www.google.com)DWincy%26cdGood: (www.google.com)D2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26crGood: (www.google.com)D521083927%26aGood: (www.google.com)Dwncy_frg01_15_22%26osGood: (www.google.com)DWindows 8.1, Bad: (http://ca.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26cr%3D521083927%26a%3Dwncy_frg01_15_22%26os%3DWindows 8.1),Replaced,[1e33e2d4bfcb2d099daa4de9a066e818], %5
 
Folders: 2
PUP.Optional.PCTuner.C, C:\Program Files (x86)\Tuneup computer, Quarantined, [3d1461550e7cf244041b1bc840c39868], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [252ca80e52385cdaa1dbb23263a0e61a], 
 
Files: 4
PUP.Optional.InstallCore.A, C:\Users\Jonathan\Downloads\FileZilla_3.11.0.1_win64-setup (1).exe, Quarantined, [242d476f0f7be0566316cf96af53b24e], 
PUP.Optional.PCTuner.C, C:\Program Files (x86)\Tuneup computer\infodts.dat, Quarantined, [3d1461550e7cf244041b1bc840c39868], 
PUP.Optional.PCTuner.C, C:\Program Files (x86)\Tuneup computer\ProductKey.txt, Quarantined, [3d1461550e7cf244041b1bc840c39868], 
PUP.Optional.WinYahoo, C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: ("session":{"restore_on_startup":5}}), Bad: ("session":{"restore_on_startup":4,"startup_urls":["http://mysearch.avg.com/?cid={1C3C3DBE-A433-432F-917D-7C0E9F8CFF1F}&mid=c3cd7bb134f547d2a1e22104e4de9cd5-be66d1e750f53e0934e30c81d42bced95533c9fd&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-07-07%2010:10:25&v=18.1.8.643&pid=safeguard&sg=&sap=hp","https://www.youtube.com/","http://ca.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=fReplaced,[e56cad09aedcfd391d6b63139a6ca759]D7%26bReplaced,[e56cad09aedcfd391d6b63139a6ca759]DChrome%26ccReplaced,[e56cad09aedcfd391d6b63139a6ca759]Dca%26paReplaced,[e56cad09aedcfd391d6b63139a6ca759]DWincy%26cdReplaced,[e56cad09aedcfd391d6b63139a6ca759]D2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26crReplaced,[e56cad09aedcfd391d6b63139a6ca759]D521083927%26aReplaced,[e56cad09aedcfd391d6b63139a6ca759]Dwncy_frg01_15_22%26osReplaced,[e56cad09aedcfd391d6b63139a6ca759]DWindows 8.1"]},"sync":{"remaining_rollback_tries":0}}), %5
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
AdwCleaner log
 
# AdwCleaner v4.206 - Logfile created 03/06/2015 at 16:43:00
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Jonathan - MAIKA
# Running from : C:\Users\Jonathan\Downloads\adwcleaner_4.206.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
File Deleted : C:\Users\Jonathan\AppData\Roaming\AdobeWLCMCache.dat
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v43.0.2357.81
 
[C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 
[C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 1C0066033DF53DB019603F256350A38EB6320AA163FF8785E744DE53370F8A8E"},"software_reporter":{"prompt_reason":"19A98B33A67D0CF4BB0891E96753BC41ECBFE09178566A8BF77031D2E48E9004","prompt_seed":"A5DE44D6B4DEFEA5A04BFBA8BE0C4DE268C22D041AAD3CDF96EFC4C77F06AF1C","prompt_version":"D9CBFF5F670B8B5536DAE6D2D6C14C1700CDE25754C739E44EAE4B915756956D"},"sync":{"remaining_rollback_tries":"9902E9B2A8365B24D2DEC6102299173F52E1C8AAC0CC0ED93909557A4C1099D7"}},"super_mac":"CC0506EB6B11E4144EDEA7C6EB3F9412D18B138A008EFF717CE117210ED9752C"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://mysearch.avg.com/?cid={1C3C3DBE-A433-432F-917D-7C0E9F8CFF1F}&mid=c3cd7bb134f547d2a1e22104e4de9cd5-be66d1e750f53e0934e30c81d42bced95533c9fd&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-07-07%2010:10:25&v=18.1.8.643&pid=safeguard&sg=&sap=hp","hxxps://www.youtube.com/","hxxp://ca.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_22&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dca%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyDyCtByBtC0E0F0BtC0BtD0AyBzyzy0EtN0D0Tzu0StCtByEtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAtBzz0Dzz0E0E0FtG0EtA0E0EtGyC0D0BzytGyCzz0F0DtGyBzzzy0BtByEtA0D0DyByE0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDyBtAzytDtBzztGyEtAtDyEtGyEyD0AtAtGzytAtBtAtGzzyBtAtDzzzyzy0EyC0FzzyB2QtN0A0LzutB%26cr%3D521083927%26a%3Dwncy_frg01_15_22%26os%3DWindows 8.1
 
-\\ Chromium v45.0.2406.0
 
 
*************************
 
AdwCleaner[R0].txt - [8321 bytes] - [03/06/2015 16:40:05]
AdwCleaner[S0].txt - [2397 bytes] - [03/06/2015 16:43:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2456  bytes] ##########
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Jonathan at 2015-06-03 17:00:34
Running from C:\Users\Jonathan\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-824104819-4214671232-1680957218-500 - Administrator - Disabled)
Guest (S-1-5-21-824104819-4214671232-1680957218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-824104819-4214671232-1680957218-1003 - Limited - Enabled)
Jonathan (S-1-5-21-824104819-4214671232-1680957218-1001 - Administrator - Enabled) => C:\Users\Jonathan
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version:  - Orange_Juice)
888poker (HKLM-x32\...\888poker) (Version:  - )
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.1.88 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Arena: Cyber Evolution (HKLM-x32\...\Steam App 285580) (Version:  - Spearhead Games)
ASUS GPU Tweak (HKLM\...\{7353D4C7-43E9-46A3-A1FF-79DD94A386F2}) (Version: 1.0.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0033 - ASUS)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.228 - Broadcom Corporation)
Camtasia Studio 8 (HKLM-x32\...\{1B57499B-1BEB-426A-A406-D9D004A1D2CE}) (Version: 8.5.0.1954 - TechSmith Corporation)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - Sauropod Studio)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chromium (HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\Chromium) (Version: 45.0.2406.0 - Chromium)
Craft The World (HKLM-x32\...\Steam App 248390) (Version:  - Dekovir Entertainment)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Darkwood (HKLM-x32\...\Steam App 274520) (Version:  - Acid Wizard Studio)
Dawn of Discovery - Venice (HKLM-x32\...\Steam App 33340) (Version:  - Blue Byte)
Dawn of Discovery (HKLM-x32\...\Steam App 33210) (Version:  - Blue Byte)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
ETDWare PS/2-X64 11.5.12.1_WHQL (HKLM\...\Elantech) (Version: 11.5.12.1 - ELAN Microelectronic Corp.)
FileZilla Client 3.11.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gemini Rue (HKLM-x32\...\Steam App 80310) (Version:  - Joshua Neurnberger)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Highlands (HKLM-x32\...\Steam App 359920) (Version:  - Burrito Studio)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Kingdom Wars 2: Battles (HKLM-x32\...\Steam App 253190) (Version:  - Reverie World Studios, INC)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.60 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Small World 2 (HKLM-x32\...\Steam App 235620) (Version:  - Days of Wonder)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Escapists (HKLM-x32\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thunderbolt™ Software (HKLM\...\{A1E0CC92-937C-4D22-8F42-C5BE96F35AC0}) (Version: 1.4.0.1 - Intel® Corporation)
TortoiseSVN 1.8.10.26129 (64 bit) (HKLM\...\{A9E679EC-8FD4-49D8-A5A5-ACE462515A9E}) (Version: 1.8.26129 - TortoiseSVN)
Unity (HKLM-x32\...\Unity) (Version: 4.6.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-824104819-4214671232-1680957218-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
28-05-2015 12:00:32 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06710980-346E-473F-A373-DEBF3FD70A8B} - System32\Tasks\Chromium => C:\Users\Jonathan\AppData\Local\Chromium\Application\45.0.2406.0\Installer\uninstall.exe [2015-05-25] ()
Task: {08428D6E-0D00-48A2-92B6-D201336D4C9D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {181DCA77-C9FB-48C1-8368-F8AB4D97063E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-29] (Google Inc.)
Task: {1A7FD88C-718D-44C7-A889-1AD93BB8C00C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-29] (Google Inc.)
Task: {293C87F7-CF0E-4D9F-B7AE-7F2CBE717C14} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {29F1C008-940E-488C-9090-CA21A63498D1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2BFF7A3E-7FA9-4078-994F-A020528DD7A8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MAIKA-Jonathan Maika => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {2CADCDCF-F8CB-4AB8-BC57-C435ECD0884B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {3FD07185-11AA-4861-9765-6D4E0BA408DC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {426348A3-BB03-4F65-ADD5-434147F5450C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {47DC2846-1451-4938-8C63-53B0857AB007} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4A099DFF-33BC-422E-A2B1-BE0CA9CA1FB9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4E3387D6-298A-4B5F-82B3-EC94D4196C77} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {53F9AFA3-13CE-4FF2-B466-41AC8D323277} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation)
Task: {5D922B7B-80C6-4E18-BB3D-2CE9F2D1BBDE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {669A568A-7D2A-4F66-980D-A97B9768978B} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {70EB2481-2CA9-4976-B5C0-5350127B0944} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
Task: {71C5A6C6-858B-404E-874A-879CC3DC2FC2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-madscyan@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {7705D7F4-F1EB-4AC2-A2FC-E37E63BB79E7} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {800D5B05-057C-4B62-8A9A-C37A5E2A327C} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-05] ()
Task: {83BDC7D5-EA43-44DA-94D4-4C5D99B02196} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {88EDE54B-2117-4E69-9610-34D920110F9B} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {96455964-786D-4CA0-B510-B22841237E71} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {9A4CBBD3-E43B-4DFA-A9B4-156E3B202C65} - System32\Tasks\ASUS GPUTweak => C:\Program Files\ASUS\ASUS GPU Tweak\GPUTweak.exe [2014-03-06] (ASUS)
Task: {A2CC1B50-37AD-4F57-8409-DF8361D2C744} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {A893663C-1878-4314-A931-1132CC371AC8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {B110D37E-374A-49B1-9D5A-FA094020FEA8} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe
Task: {B9022907-108D-4834-B831-2FE344B14BDC} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe
Task: {C79B98C5-972E-4BF1-9485-280DC2ABF775} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe
Task: {C89753EA-A355-4FBF-AFF3-EDE3AEE3AECB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {C9343C08-FF90-4181-854D-6534F3AB3416} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {D06DA26E-90F3-46F7-AFA1-8C1DDAAF8C80} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {D5CD6692-A859-4727-B50D-BE7F0130DD8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-29] (Adobe Systems Incorporated)
Task: {DC36044C-1228-45EB-9D9F-1BE63A621F89} - System32\Tasks\boosterpop => C:\Program Files (x86)\Tuneup computer\Probsalert.exe
Task: {FCACC08B-E3A0-4B10-BE78-25A8D291C758} - System32\Tasks\HDNINSTSCHD => C:\Windows\PCBHDNW\hdnInstaller.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Chromium.job => C:\Users\Jonathan\AppData\Local\Chromium\APPLIC~1\450240~1.0\INSTAL~1\UNINST~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-08-09 18:53 - 2014-02-02 20:24 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-25 15:05 - 2013-10-25 15:05 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-12-18 10:36 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-04 19:24 - 2015-02-04 19:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-16 23:57 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-17 22:31 - 2014-12-17 22:31 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-12-17 22:30 - 2014-12-17 22:30 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-02-11 20:08 - 2014-02-11 20:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 20:08 - 2014-02-11 20:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-03-06 19:42 - 2014-03-06 19:42 - 00011264 _____ () C:\Program Files\ASUS\ASUS GPU Tweak\WMIProc.dll
2014-03-06 19:42 - 2014-03-06 19:42 - 00320000 _____ () C:\Program Files\ASUS\ASUS GPU Tweak\NavpiWrapper.dll
2014-08-09 19:07 - 2013-05-15 17:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-02-24 06:59 - 2014-02-24 06:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2012-03-07 22:27 - 2012-03-07 22:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ACVsWin.dll
2015-03-16 23:56 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-12-17 21:53 - 2014-12-17 21:53 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-12-17 21:53 - 2014-12-17 21:53 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-09-09 21:23 - 2013-09-09 21:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 23:41 - 2013-10-08 23:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-05-22 10:44 - 2015-05-22 10:44 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-12-23 02:19 - 2014-12-23 02:19 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-04 21:35 - 2015-05-04 21:38 - 01754296 _____ () C:\Program Files\Microsoft Office 15\root\office15\tmpod.dll
2014-12-18 10:36 - 2014-12-18 10:38 - 00022696 _____ () C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconvpxy.dll
2015-03-16 23:56 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
2015-05-25 21:05 - 2015-05-22 16:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 21:05 - 2015-05-22 16:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2014-08-09 18:49 - 2013-10-23 16:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 00746672 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 00136368 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2014-12-23 02:19 - 2014-12-23 02:19 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-11-29 21:53 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 01:07 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-11-29 21:53 - 2015-06-01 23:29 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 01:07 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 01:07 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-11-29 21:53 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-29 21:53 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-29 21:53 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-29 21:53 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-29 21:53 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-29 21:53 - 2015-06-01 23:28 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-29 21:53 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-13 18:01 - 2015-05-11 15:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jonathan\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\sharepoint.com -> hxxps://burritostudio.sharepoint.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jonathan\Pictures\fantasy\563367.jpg
DNS Servers: 24.200.241.37 - 24.200.243.189
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{63F28167-CF00-4291-9AE9-F1FC0F5BAF5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B2253004-A971-46C3-AC9A-B5B97A59BE00}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8D11B4F8-FA81-44B6-9222-466C9151F581}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E717309C-B851-455A-873D-8CF6B3D8623A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CE50EF02-D2DA-4348-893D-B2F7E0267BB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{889A0453-06A8-4751-8A84-C4DD17D22064}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1F65366-6099-4CDD-BD8D-0F178B3B0A54}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{22BC2421-3E39-49E3-B969-EBE881271442}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B78C6438-CC3C-4BE8-ADD8-1BAA6795010D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{39611EFA-E368-47E9-84DF-CC2911833355}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5B85EC5D-4979-4C08-87CF-4307F123566D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{57AC194B-0B2C-43BE-AC58-A4D42AE758A1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{48E1AF51-31E7-4D5F-AC24-7B73B99E3F9A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{1E990A5F-2CF0-42A5-BE11-C3F32F3A2E65}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D8FE37F5-6174-4ADF-A184-1815BA332922}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59B12789-9573-48BB-A278-7C8875A70403}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{41BFD87F-85C6-44F4-A1DC-B998D8A15625}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA75F983-6525-4C3F-B2F8-3CE597F1DF22}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DE9F4203-6DCC-4DFC-B452-C45C6B3A93EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{9A1B94AE-306B-42D9-9273-46D82615A3CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe
FirewallRules: [{48D9302E-02AD-4371-8FB3-A4B0BA25F435}] => (Allow) C:\Users\Jonathan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0EB5490D-7BF2-43C5-9553-E6E706F53279}] => (Allow) C:\Users\Jonathan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA551573-5FDD-4BBB-AC6F-3E8795FAF431}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F532C4B8-D4ED-4487-B1A9-45BCBD6FE501}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{30E51F7B-6052-44CB-ABF8-17658DA66736}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5272AD5B-FC2F-4A50-8D96-92F7BCD8DBE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B9167945-FE5F-4693-B808-543E7466A5E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E637DC35-656E-42CC-8DA2-6E307B54C7F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8A0B4B2F-5CC2-41C4-82AD-CA9F93FBE8C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{64A8040C-E2E0-4F57-94F7-FA86028E9CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{318BB31E-065A-4219-BCD6-9090A85D6EAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{042CF8EF-6B78-4D38-93F0-EDDA6EC8502D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{206B4776-996F-4C7B-9A73-D6689BB7C982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{73333AAF-D138-44E0-B622-8EC005772FD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{ED7C3963-4A77-497E-8AC8-E26A1314F9F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{E01BCD94-B00A-4C6F-9D3B-14FFE727507C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{8BBE0D57-C724-468A-8FE6-B1DF6AA5C6E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{44E1D516-3304-45A0-AE05-027AB11C5C87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{E4D5314E-89A9-4505-9D9F-A007FBDE54B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{AC9A83EF-D99B-4415-BD2B-45755D836C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B4A35484-F6AD-4C8D-A0C0-3FFFB23366A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{A2F10272-C58A-4111-8B43-AA63D537D8EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{37CD26CD-B4AB-4768-BC59-994EDCC79E58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{392574C0-79A8-49D0-9FBA-37291A244ADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E8DAB4FC-42A3-4746-BB80-56D840A61173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{13A47317-486F-4D90-9ABE-7E62AC5467C5}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{FA51236F-7F3D-4437-8584-05D4E96ACD3C}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{1F2A7859-3EEF-4CB1-B900-ABBBCBAD342E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{A082E48D-6103-4B88-9C9F-5966BFA9852E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{76D8561E-98B9-41EE-B6C8-450416238E39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{00E3585E-8B19-456D-B1EF-0317D4E6CCC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{4B2CD8FD-F30B-4957-BDAE-16ECC072A7D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{1688DEE5-3675-4764-9A75-4C6EC5C945A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{202E0865-5655-4672-BFE8-F770CABD629A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{38D5150E-BBEF-41A6-B33D-3AC866ACDC11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{7AE14E6D-C09F-4915-8394-833E4BFA57A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe
FirewallRules: [{656718CD-B158-45D9-A35C-DE5DF1E6D390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe
FirewallRules: [{E28DFC56-6815-4F8C-A18D-57E17ED7126B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ACE\Binaries\Win32\CyphGame.exe
FirewallRules: [{D5A7865D-C8B4-4565-9C67-571AFC9D02F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ACE\Binaries\Win32\CyphGame.exe
FirewallRules: [{495B86EF-4E1A-4630-B8A6-9B366C87B93C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{C3FD5C06-2B92-4F87-AE62-9412492251C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{19E04BD4-BCDC-483C-900A-37C2CF3403CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{60CB9095-9AD5-404B-A100-D3CBFFD5436E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{2BA11546-CBB4-4CA6-88BB-C21BDA5209C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{0A32CF8A-3EA8-46EE-B8F9-3DDA788090CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{4EBB6989-2B5D-49F4-929A-48382DC79E63}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FBCA8412-54A8-40EE-A389-67D5F2330584}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9BAB94B4-3027-4F63-8D9E-E4BCB8AD0903}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2C73CA12-4D9C-42E2-BC41-3902F1EF7B24}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{418AB710-5164-4CBF-8981-F1D7EBE938A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gemini Rue\reslists\Gemini Rue.exe
FirewallRules: [{FA670609-D34F-4B04-ADDE-F67A3DCE1174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gemini Rue\reslists\Gemini Rue.exe
FirewallRules: [{0FE97131-7A46-4162-B971-7B823609ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gemini Rue\reslists\winsetup.exe
FirewallRules: [{4523294F-C4F9-4209-A7E0-40D49DABCBDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gemini Rue\reslists\winsetup.exe
FirewallRules: [TCP Query User{DBCA63DB-987A-40D1-9631-1B51418B35D3}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{DC1A1E4B-2FB1-412C-900A-23E95AEA157D}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{34D16F58-B9F0-47B1-85FE-657BEA1270FB}] => (Allow) LPort=8317
FirewallRules: [{7D8B798A-F6FC-4C99-B406-08ED7358FCAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{ADBB6054-757A-4A3E-A7B2-EA714CD83A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{FCF177BE-EA6F-4A0A-82E3-04DCCFC20F22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{E79CEEEC-C128-49F6-B56E-B60A46D7B53C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{6F6E8A86-25CA-45BD-9ACD-C702550D3751}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1A55EEFA-2BC1-4239-8F76-C9F3DBA2D215}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63C62322-9175-46CB-9EC2-F13B80E1CC8F}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BC2875F4-0F01-4B7A-857F-A391B83AC0B6}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{15028C70-FC14-4A02-8067-6B10EC8483E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{42564C57-AD5D-4669-B9F0-B6AD461F8394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{A977C23A-54CB-4E17-8416-A529C5285DEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{9415633F-26E4-4826-968A-F69BC0E4E48A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{FDE0C71F-D38A-469B-A6C9-C1A94CA4920E}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2860A551-5E10-449D-B183-4FB7561DB193}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{55352E88-BC20-4507-8000-EB184ADDCEEB}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{43EE17BD-8D95-4F07-83CE-974B13013E3F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1FD52CDB-F195-4AC2-A685-2BCDAEF8FCFA}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{791490DC-3815-4334-9913-2FC5CE05894D}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{D3C0D4E5-2B40-46B5-8609-D95E7F755164}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{0EF82415-58BE-4A80-BD52-2C5832D69148}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9B9F2D87-15D4-4854-BD18-CA3EFDEB5193}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\kw2b.exe
FirewallRules: [{FA697296-E3FF-40EE-9BB5-90F61F054731}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\kw2b.exe
FirewallRules: [{B5F8D43E-97BB-4381-A9DE-A87815E3AD57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\options.exe
FirewallRules: [{352542B6-C0F8-40FE-B353-F86DEDC3DF60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\options.exe
FirewallRules: [{0C53754A-ACFA-4221-BCA4-2BB8139F3F86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\Editor.exe
FirewallRules: [{BDF075A1-C836-420E-A975-AC115E21CBDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KW2 Battles\Editor.exe
FirewallRules: [{55E3DAB6-50A0-461C-AA46-D07691979A3A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{1149595B-CC0C-4733-A4BC-A53E5138D1D7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{0EB6CDA9-D20E-4DDD-BDF4-E65FECF21EAA}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{651E91A1-BAF6-484B-ABC1-3992FBD34F65}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{A897160B-9BB3-47AC-B0E0-268B23DE55C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of Discovery\Addon.exe
FirewallRules: [{688FCE1D-06D3-469C-9BCD-B88643162C10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of Discovery\Addon.exe
FirewallRules: [{14108127-EE37-4AB4-B5FE-AD47042CBA50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of Discovery\Anno4.exe
FirewallRules: [{28D10C06-3420-47AC-B952-9E69088827F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of Discovery\Anno4.exe
FirewallRules: [TCP Query User{2365B3A1-5B1B-48CD-83E3-6A5757308847}C:\program files (x86)\steam\steamapps\common\dawn of discovery\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dawn of discovery\tools\addonweb.exe
FirewallRules: [UDP Query User{96B90FD0-450B-4EEA-B56E-53399AE79A1D}C:\program files (x86)\steam\steamapps\common\dawn of discovery\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dawn of discovery\tools\addonweb.exe
FirewallRules: [{C2B25E25-C801-4E3C-BC2E-58C37DCF57FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A071C36-5CBA-4CB5-AEC1-528836442E15}] => (Allow) C:\Users\Jonathan\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{6CCBB7F3-A7E7-4E93-99B5-D37AA687BD41}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{35CE06D4-C84A-4B9E-9730-E6AA4FF99297}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A5061A6C-61E1-42C7-A7FD-5EC7FB9B9243}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B3EB910D-4B0A-4AD1-AE4A-BA221F5245B7}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{A7AE0CFD-5956-4810-B522-75ABCD976C6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{60D3353D-A46A-4A82-BCC1-C5F0241B15E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{37514DA6-3E41-47C0-A4AB-7EE845628143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{8D4C20DE-0503-42E8-966A-686B3F64AFD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/03/2015 04:45:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UMonit64.exe, version: 13.0.0.0, time stamp: 0x52007056
Faulting module name: ustor.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x1100
Faulting application start time: 0xUMonit64.exe0
Faulting application path: UMonit64.exe1
Faulting module path: UMonit64.exe2
Report Id: UMonit64.exe3
Faulting package full name: UMonit64.exe4
Faulting package-relative application ID: UMonit64.exe5
 
Error: (06/03/2015 04:31:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UMonit64.exe, version: 13.0.0.0, time stamp: 0x52007056
Faulting module name: ustor.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x103c
Faulting application start time: 0xUMonit64.exe0
Faulting application path: UMonit64.exe1
Faulting module path: UMonit64.exe2
Report Id: UMonit64.exe3
Faulting package full name: UMonit64.exe4
Faulting package-relative application ID: UMonit64.exe5
 
Error: (06/03/2015 03:59:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Unity.exe, version: 4.6.3.21464, time stamp: 0x54e4b427
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000005
Fault offset: 0x00040fb2
Faulting process id: 0x24460
Faulting application start time: 0xUnity.exe0
Faulting application path: Unity.exe1
Faulting module path: Unity.exe2
Report Id: Unity.exe3
Faulting package full name: Unity.exe4
Faulting package-relative application ID: Unity.exe5
 
Error: (06/03/2015 03:28:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (06/03/2015 03:26:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/03/2015 03:17:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (06/03/2015 03:15:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/03/2015 03:09:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UpdateChecker.exe, version: 0.0.0.0, time stamp: 0x54dc4378
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000005
Fault offset: 0x00041037
Faulting process id: 0x210a4
Faulting application start time: 0xUpdateChecker.exe0
Faulting application path: UpdateChecker.exe1
Faulting module path: UpdateChecker.exe2
Report Id: UpdateChecker.exe3
Faulting package full name: UpdateChecker.exe4
Faulting package-relative application ID: UpdateChecker.exe5
 
Error: (06/03/2015 03:02:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (06/03/2015 03:01:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (06/03/2015 04:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (06/03/2015 04:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (06/03/2015 04:43:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (06/03/2015 04:43:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (06/03/2015 04:43:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/03/2015 04:43:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office ClickToRun Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (06/03/2015 04:42:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/03/2015 04:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/03/2015 04:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/03/2015 04:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (06/03/2015 04:45:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UMonit64.exe13.0.0.052007056ustor.dll6.3.9600.17736550f42c2c00001350009d4f2110001d09e3e30d31adcC:\Windows\SysWOW64\UMonit64.exeustor.dll74ff71cd-0a31-11e5-827e-54271ef4dcec
 
Error: (06/03/2015 04:31:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UMonit64.exe13.0.0.052007056ustor.dll6.3.9600.17736550f42c2c00001350009d4f2103c01d09e3c46e12e76C:\Windows\SysWOW64\UMonit64.exeustor.dll8c2a4063-0a2f-11e5-827d-54271ef4dcec
 
Error: (06/03/2015 03:59:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Unity.exe4.6.3.2146454e4b427ntdll.dll6.3.9600.17736550f42c2c000000500040fb22446001d09e341fb206b3C:\Program Files (x86)\Unity\Editor\Unity.exeC:\Windows\SYSTEM32\ntdll.dll0d18093d-0a2b-11e5-827c-54271ef4dcec
 
Error: (06/03/2015 03:28:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (06/03/2015 03:26:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (06/03/2015 03:17:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (06/03/2015 03:15:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (06/03/2015 03:09:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UpdateChecker.exe0.0.0.054dc4378ntdll.dll6.3.9600.17736550f42c2c000000500041037210a401d09e302eca06b9C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exeC:\Windows\SYSTEM32\ntdll.dll1cd4f3f7-0a24-11e5-827c-54271ef4dcec
 
Error: (06/03/2015 03:02:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (06/03/2015 03:01:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-15 10:46:13.077
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-14 11:11:52.923
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-02 20:56:31.734
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-30 17:37:03.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-19 15:18:06.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-16 12:09:39.971
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-11 16:24:39.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-09 10:35:15.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-31 11:26:57.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-26 15:29:34.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 12170.95 MB
Available physical RAM: 9232.66 MB
Total Pagefile: 14026.95 MB
Available Pagefile: 10726.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:107.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:324.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0DEF092B)
 
Partition: GPT Partition Type.
 
==================== End of log ============================
 
FRST
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Jonathan (administrator) on MAIKA on 03-06-2015 16:59:45
Running from C:\Users\Jonathan\Downloads
Loaded Profiles: Jonathan (Available Profiles: Jonathan)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUS) C:\Program Files\ASUS\ASUS GPU Tweak\GPUTweak.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Intel Corporation) C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\groove.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893576 2013-08-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Thunderbolt] => C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-10-24] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-02-28] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\Run: [GoogleChromeAutoLaunch_67B49362D3A8C1AAF36B88B38FC33840] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [23959720 2015-04-14] (Microsoft Corporation)
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\...\MountPoints2: {f0d5df53-2015-11e4-8253-806e6f6e6963} - "E:\Setup.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-04-30]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\groove.exe (Microsoft Corporation)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-02-01]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-824104819-4214671232-1680957218-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-824104819-4214671232-1680957218-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 24.200.241.37 24.200.243.189 24.201.245.77
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll [2015-03-29] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-05-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll [2015-03-29] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-824104819-4214671232-1680957218-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jonathan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
 
Chrome: 
=======
CHR Profile: C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-08-01] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2014-08-09] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-26] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-02-04] (Razer, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-03 16:59 - 2015-06-03 17:00 - 00024232 _____ C:\Users\Jonathan\Downloads\FRST.txt
2015-06-03 16:59 - 2015-06-03 16:59 - 00000000 ____D C:\FRST
2015-06-03 16:58 - 2015-06-03 16:58 - 02108928 _____ (Farbar) C:\Users\Jonathan\Downloads\FRST64.exe
2015-06-03 16:46 - 2015-06-03 16:46 - 00002536 _____ C:\Users\Jonathan\Desktop\AdwCleaner[S0].txt
2015-06-03 16:39 - 2015-06-03 16:43 - 00000000 ____D C:\AdwCleaner
2015-06-03 16:38 - 2015-06-03 16:38 - 02231296 _____ C:\Users\Jonathan\Downloads\adwcleaner_4.206.exe
2015-06-03 16:30 - 2015-06-03 16:44 - 00000696 _____ C:\Windows\setupact.log
2015-06-03 16:30 - 2015-06-03 16:43 - 00005260 _____ C:\Windows\PFRO.log
2015-06-03 16:30 - 2015-06-03 16:30 - 00000000 _____ C:\Windows\setuperr.log
2015-06-03 16:01 - 2015-06-03 16:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 16:01 - 2015-06-03 16:01 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-03 16:01 - 2015-06-03 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-03 16:01 - 2015-06-03 16:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-03 16:01 - 2015-06-03 16:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-03 16:01 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 16:01 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 16:01 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 15:56 - 2015-06-03 15:57 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jonathan\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-03 13:16 - 2015-06-03 15:55 - 00000339 _____ C:\Users\Jonathan\Desktop\quick notes.txt
2015-06-03 00:16 - 2015-06-03 00:16 - 00002874 _____ C:\Users\Jonathan\AppData\Local\recently-used.xbel
2015-06-03 00:11 - 2015-06-03 00:11 - 00000000 ____D C:\Users\Jonathan\.thumbnails
2015-06-02 19:37 - 2015-06-02 20:36 - 00001257 _____ C:\Users\Jonathan\Desktop\tooltips.txt
2015-06-02 19:19 - 2015-06-02 19:28 - 00000000 ____D C:\Users\Jonathan\Desktop\temp sounds
2015-06-01 19:44 - 2015-06-03 00:17 - 00000000 ____D C:\Users\Jonathan\.gimp-2.8
2015-06-01 19:44 - 2015-06-01 19:44 - 00000000 ____D C:\Users\Jonathan\AppData\Local\gegl-0.2
2015-06-01 19:43 - 2015-06-01 19:43 - 00000912 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-01 19:42 - 2015-06-01 19:43 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-01 19:39 - 2015-06-01 19:41 - 91931728 _____ (The GIMP Team ) C:\Users\Jonathan\Downloads\gimp-2.8.14-setup-1 (1).exe
2015-06-01 15:51 - 2015-06-01 15:51 - 00000000 ____D C:\Users\Jonathan\Documents\Dawn of Discovery Venice
2015-05-27 12:50 - 2015-05-27 12:53 - 367802251 _____ C:\Users\Jonathan\Downloads\Jay Highlight.mp4
2015-05-27 12:34 - 2015-05-27 12:34 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\�Adobe
2015-05-26 23:25 - 2015-05-26 23:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-26 15:57 - 2015-06-03 16:59 - 01296686 _____ C:\Windows\WindowsUpdate.log
2015-05-26 14:36 - 2015-05-26 14:36 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-26 14:36 - 2015-05-26 14:36 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-26 14:36 - 2015-05-26 14:36 - 00000000 ____D C:\Program Files\CCleaner
2015-05-26 14:35 - 2015-05-26 14:35 - 06549184 _____ (Piriform Ltd) C:\Users\Jonathan\Downloads\ccsetup506.exe
2015-05-26 00:24 - 2015-05-26 00:24 - 00003684 _____ C:\Windows\System32\Tasks\boosterpop
2015-05-26 00:24 - 2015-05-26 00:24 - 00003682 _____ C:\Windows\System32\Tasks\IEError
2015-05-26 00:24 - 2015-05-26 00:24 - 00003498 _____ C:\Windows\System32\Tasks\AI_Updater
2015-05-26 00:24 - 2015-05-26 00:24 - 00000000 ____D C:\Users\Jonathan\AppData\Local\PCTuner
2015-05-25 23:55 - 2015-06-03 16:55 - 00000352 _____ C:\Windows\Tasks\Chromium.job
2015-05-25 23:55 - 2015-05-26 00:22 - 00000000 ____D C:\Users\Jonathan\Desktop\INTRO
2015-05-25 23:55 - 2015-05-25 23:55 - 00002690 _____ C:\Windows\System32\Tasks\Chromium
2015-05-25 23:55 - 2015-05-25 23:55 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Chromium
2015-05-25 23:54 - 2015-05-26 15:39 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\FileZilla
2015-05-25 23:54 - 2015-05-25 23:54 - 00003628 _____ C:\Windows\System32\Tasks\HDNINSTSCHD
2015-05-25 23:54 - 2015-05-25 23:54 - 00003494 _____ C:\Windows\System32\Tasks\UPDTEXE4_WDR
2015-05-25 23:53 - 2015-05-28 14:40 - 00000000 ____D C:\Program Files (x86)\Portable WeatherApp
2015-05-25 23:53 - 2015-05-25 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-25 23:53 - 2015-05-25 23:54 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-05-25 23:53 - 2015-05-25 23:53 - 00003652 _____ C:\Windows\System32\Tasks\IE_ERR4WDR
2015-05-25 23:52 - 2015-05-25 23:53 - 06471520 _____ (Tim Kosse) C:\Users\Jonathan\Downloads\FileZilla_3.11.0.1_win64-setup.exe
2015-05-25 21:26 - 2015-05-29 20:44 - 00000274 _____ C:\Users\Jonathan\Desktop\daily.txt
2015-05-23 15:42 - 2015-05-23 15:44 - 00000000 ____D C:\Users\Jonathan\Downloads\Lorn
2015-05-23 02:40 - 2015-05-23 16:00 - 00000000 ____D C:\Users\Jonathan\Documents\Adobe
2015-05-23 02:39 - 2015-05-23 02:39 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk
2015-05-23 02:26 - 2015-05-23 02:26 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2015-05-23 02:13 - 2015-05-23 02:13 - 00001319 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-05-23 02:08 - 2015-05-23 02:08 - 00664752 _____ (Adobe Systems Incorporated) C:\Users\Jonathan\Downloads\CreativeCloudSet-Up (1).exe
2015-05-20 22:16 - 2015-05-20 22:16 - 00000153 _____ C:\Users\Jonathan\Desktop\add to curator.txt
2015-05-20 00:16 - 2015-05-20 00:16 - 00000026 _____ C:\Users\Jonathan\Desktop\possible name.txt
2015-05-18 14:25 - 2015-05-22 22:03 - 00012978 _____ C:\Users\Jonathan\Desktop\steam friends compendium.xlsx
2015-05-17 15:47 - 2015-05-17 16:10 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Ubisoft
2015-05-15 16:29 - 2015-05-18 23:56 - 00000000 ____D C:\Users\Jonathan\Downloads\It Follows 2015 KORSUB 720p HDRip x264 AAC-JYK
2015-05-15 13:59 - 2015-05-17 17:39 - 00000000 ____D C:\Users\Jonathan\Downloads\Citizenfour.2014.DVDScr.XVID.AC3.HQ.Hive-CM8
2015-05-14 17:23 - 2015-05-14 17:30 - 91931728 ____R (The GIMP Team ) C:\Users\Jonathan\Downloads\gimp-2.8.14-setup-1.exe
2015-05-14 17:22 - 2015-05-14 17:22 - 00009127 _____ C:\Users\Jonathan\Downloads\gimp-2.8.14-setup-1.exe.torrent
2015-05-13 13:50 - 2015-04-24 17:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:50 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 23:47 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:47 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:04 - 2015-05-14 22:50 - 00000863 _____ C:\Users\Jonathan\Desktop\to do tesing.txt
2015-05-12 17:08 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 17:08 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 17:08 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 17:08 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 17:08 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 17:08 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 17:08 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 17:08 - 2015-03-12 20:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-12 17:08 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 17:08 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 17:08 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 17:07 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 17:07 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 17:07 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 17:07 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 17:07 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 17:07 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 17:07 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 17:07 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 17:07 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 17:07 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 17:07 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 17:07 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 17:07 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 17:07 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 17:07 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 17:07 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 17:07 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 17:07 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 17:07 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 17:07 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 17:07 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 17:07 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 17:07 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 17:07 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 17:07 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 17:07 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 17:07 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 17:07 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 17:07 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 17:07 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 17:07 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 17:07 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 17:07 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 17:07 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 17:07 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 17:07 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 17:07 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 17:07 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 17:07 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 17:07 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 17:07 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 17:07 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 17:07 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 17:07 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 17:07 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 17:07 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 17:07 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 17:07 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 17:07 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 17:07 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 17:07 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 17:07 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 17:07 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 17:07 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 17:07 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 17:07 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 17:07 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 17:07 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 17:07 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 17:07 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 17:07 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 17:07 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 17:07 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:07 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 17:07 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 17:07 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-11 00:34 - 2015-06-03 12:00 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-11 00:34 - 2015-06-03 12:00 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-11 00:34 - 2015-05-11 00:34 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-05-08 19:33 - 2015-05-08 19:33 - 00000096 _____ C:\Users\Jonathan\Desktop\names for reviewers.txt
2015-05-07 13:47 - 2015-05-07 13:47 - 00000302 _____ C:\Users\Jonathan\Desktop\paypal followup.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-03 17:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-03 16:58 - 2015-04-30 13:45 - 00004974 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MAIKA-Jonathan Maika
2015-06-03 16:56 - 2014-11-29 21:49 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-03 16:49 - 2014-11-27 22:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-824104819-4214671232-1680957218-1001
2015-06-03 16:48 - 2015-02-25 00:05 - 00000000 ____D C:\Users\Jonathan\AppData\Local\CrashDumps
2015-06-03 16:46 - 2014-11-27 22:21 - 00000074 _____ C:\Users\Jonathan\AppData\Roaming\sp_data.sys
2015-06-03 16:45 - 2014-11-29 15:50 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 16:45 - 2014-11-27 22:22 - 00000000 ___DO C:\Users\Jonathan\OneDrive
2015-06-03 16:44 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-03 16:43 - 2013-08-22 09:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-06-03 16:35 - 2014-11-27 22:25 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{73574BEE-B97B-4947-9B5D-5B59B98034BA}
2015-06-03 16:31 - 2015-02-09 20:50 - 00000000 ____D C:\Users\Jonathan\AppData\Local\TSVNCache
2015-06-03 16:30 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\DesktopTileResources
2015-06-03 16:30 - 2013-08-22 10:44 - 05147216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-03 16:21 - 2015-03-29 02:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 16:05 - 2014-11-29 15:50 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 15:33 - 2015-02-11 13:12 - 00000000 ____D C:\ProgramData\Unity
2015-06-03 14:36 - 2014-12-01 00:15 - 00976896 ___SH C:\Users\Jonathan\Desktop\Thumbs.db
2015-06-03 13:15 - 2014-11-27 22:34 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Battle.net
2015-06-03 12:50 - 2015-03-26 17:38 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-03 12:11 - 2014-11-30 14:55 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Adobe
2015-06-03 00:18 - 2014-11-27 22:16 - 00000000 ____D C:\Users\Jonathan
2015-06-01 23:51 - 2014-11-27 22:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-01 20:29 - 2014-11-27 22:18 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Packages
2015-05-31 21:54 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-05-30 19:33 - 2015-04-30 13:45 - 00000000 ___RD C:\Users\Jonathan\OneDrive for Business
2015-05-27 12:40 - 2014-12-08 00:08 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\vlc
2015-05-26 15:39 - 2015-04-25 14:51 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\TS3Client
2015-05-26 15:39 - 2014-12-06 18:43 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\uTorrent
2015-05-26 15:18 - 2014-05-16 16:47 - 00000000 ____D C:\Windows\Panther
2015-05-24 22:47 - 2014-03-18 06:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-23 16:00 - 2014-11-27 22:18 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Adobe
2015-05-23 13:46 - 2015-03-01 23:57 - 00000000 ____D C:\Users\Jonathan\Desktop\Maika
2015-05-23 13:37 - 2014-11-30 16:36 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-05-23 13:37 - 2014-11-29 22:31 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\NVIDIA
2015-05-23 02:39 - 2014-11-30 15:58 - 00000000 ____D C:\Program Files\Adobe
2015-05-23 02:38 - 2014-11-30 15:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-05-23 02:31 - 2014-11-30 15:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-05-23 02:17 - 2014-11-30 15:02 - 00000000 ____D C:\ProgramData\Adobe
2015-05-23 02:15 - 2014-11-30 15:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-23 02:13 - 2014-11-30 15:01 - 00001331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-05-22 15:25 - 2015-04-07 18:57 - 00000000 ____D C:\Users\Jonathan\Desktop\HL Builds
2015-05-21 18:59 - 2015-04-23 18:43 - 00000000 ____D C:\Users\Jonathan\Desktop\templates pour comms
2015-05-20 14:05 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-20 14:03 - 2015-04-04 13:33 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 14:03 - 2015-04-04 13:33 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 00:09 - 2014-12-18 10:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-16 16:49 - 2015-04-29 18:15 - 00000000 ____D C:\Users\Jonathan\AppData\Local\kt
2015-05-15 16:00 - 2014-11-29 15:50 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 16:00 - 2014-11-29 15:50 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 23:44 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-14 15:44 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-05-14 10:23 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 00:43 - 2014-11-29 23:36 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 00:39 - 2014-11-29 23:36 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 23:44 - 2014-03-18 05:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 17:53 - 2014-11-27 22:35 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-05-11 10:45 - 2014-12-18 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-11 00:34 - 2014-05-16 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-11 00:34 - 2014-05-16 16:02 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-05-05 13:59 - 2014-11-30 18:22 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 13:59 - 2014-11-30 18:22 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-11-27 22:21 - 2015-06-03 16:46 - 0000074 _____ () C:\Users\Jonathan\AppData\Roaming\sp_data.sys
2015-06-03 00:16 - 2015-06-03 00:16 - 0002874 _____ () C:\Users\Jonathan\AppData\Local\recently-used.xbel
2014-08-09 18:57 - 2014-08-09 18:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-16 16:02 - 2012-09-07 07:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-16 16:02 - 2009-07-22 06:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-16 16:02 - 2012-09-07 07:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some files in TEMP:
====================
C:\Users\Jonathan\AppData\Local\Temp\Quarantine.exe
C:\Users\Jonathan\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-25 11:16
 
==================== End of log ============================
 
 
The computer seems to be running fine now.  I managed to delete part of PCtuner before just through the normal uninstall programs, but I was still suspecting that I had malware or adware in my comp.  As of now though, things seem to be smooth.
 
I'll wait for further instructions if need be.
 
Thanks
 
 


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts

Posted 04 June 2015 - 08:05 AM

Looking good.

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide on best security practices to keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#5 madscyan

madscyan
  • Topic Starter

  • Members
  • 12 posts

Posted 09 June 2015 - 10:53 AM

Ok, thank you very much for your help. 

 

Have a nice day!



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts

Posted 09 June 2015 - 12:48 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



