Is someone else using my computer other than myself?


  • This topic is locked
8 replies to this topic

#1 BadBrain9


Posted 22 February 2016 - 03:07 PM

Hi,

I don't know a whole lot about computers and I'm not a native English speaker, so I'll try to make this as accurate as I can.

I followed the instructions given to me on another thread, and it genuinely seems that someone else is also using my computer.

I ran a program called Farbar Recovery Tool, and at the end of the addition.txt it reads: "System errors:

=============

 

Error: (02/21/2016 11:51:22 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Palvelu McAfee Personal Firewall Service on riippuvainen seuraavasta palvelusta: MfeFire. Tätä palvelua ei ehkä ole asennettu.

Error: (02/21/2016 11:50:27 PM) (Source: DCOM) (EventID: 10005) (User: MIIKATEE)
Description: 1084WSearchEi käytettävissä{9E175B68-F52A-11D8-B9A5-505054503030}".

I'm (User: MIIKATEE) but what is this user (User: )?

My Digital Audio Workstation doesn't work because it says that audiodg.exe is playing audio. No audio is being played. Also a program called dsound.dll is giving me trouble.

I have read from a reliable source that all kinds of spying programs exist, but that is about all I know about them.

I have already run Norton, AdwCleaner and Malwarebytes, and I have also used a program called RKill several times before running these programs, and they find nothing. I have also done this in safe mode. I'm using Windows 8.1.

 

The program that originally downloaded to my computer was called audio2.exe, or something similar. I didn't download it, and it took quite some time for it to download. I tried to disconnect the power of my computer, but the program didn't let me until the program download was completed.


Edited by BadBrain9, 22 February 2016 - 03:33 PM.



#2 BadBrain9


Posted 22 February 2016 - 03:20 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by MIIKATEE-PC (administrator) on MIIKATEE (22-02-2016 17:32:58)
Running from C:\Users\MIIKATEE-PC\Downloads
Loaded Profiles: MIIKATEE-PC (Available Profiles: MIIKATEE-PC)
Platform: Windows 8.1 (X64) Language: suomi (Suomi)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILEE.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Cockos Incorporated) C:\Program Files\REAPER (x64)\reaper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-11] (Spotify Ltd)
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2014-12-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\RunOnce: [Application Restart #1] => C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disab (the data entry has 561 more characters).
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\MountPoints2: {e4e29462-1e43-11e4-825e-90489a748a57} - "E:\AutoRun.exe"
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\MountPoints2: {e8af5c9b-f19b-11e3-8257-806e6f6e6963} - "D:\AutoRunCD.exe"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Internet Explorer:
==================
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fi/
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MIIKATEE-PC\AppData\Roaming\Mozilla\Firefox\Profiles\upgzv7tq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Extension: Lightbeam - C:\Users\MIIKATEE-PC\AppData\Roaming\Mozilla\Firefox\Profiles\upgzv7tq.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2016-02-06]
FF Extension: Video DownloadHelper - C:\Users\MIIKATEE-PC\AppData\Roaming\Mozilla\Firefox\Profiles\upgzv7tq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-21]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-01-13]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-29]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2014-08-08] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1616160 2014-03-26] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-18] (GenesysLogic)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20160219.001\IDSvia64.sys [767224 2016-02-13] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160221.021\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160221.021\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZOOM_R16MTR; C:\Windows\system32\Drivers\zmr16usbaudio.sys [97792 2013-04-03] (Zoom Corporation.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-22 17:32 - 2016-02-22 17:33 - 00020270 _____ C:\Users\MIIKATEE-PC\Downloads\FRST.txt
2016-02-22 17:32 - 2016-02-22 17:32 - 00000000 ____D C:\FRST
2016-02-22 17:31 - 2016-02-22 17:31 - 02371072 _____ (Farbar) C:\Users\MIIKATEE-PC\Downloads\FRST64.exe
2016-02-16 19:49 - 2016-02-17 18:00 - 00000000 ____D C:\Naapurin Häiriköintiä
2016-02-16 19:11 - 2016-02-16 19:11 - 00001185 _____ C:\Users\MIIKATEE-PC\Desktop\rkill64 – Pikakuvake.lnk
2016-02-16 19:10 - 2016-02-16 19:10 - 00001214 _____ C:\Users\MIIKATEE-PC\Desktop\AdwCleaner – Pikakuvake.lnk
2016-02-16 19:09 - 2016-02-16 19:09 - 00001192 _____ C:\Users\MIIKATEE-PC\Downloads\AdwCleaner – Pikakuvake.lnk
2016-02-16 19:09 - 2016-02-16 19:09 - 00001163 _____ C:\Users\MIIKATEE-PC\Downloads\rkill64 – Pikakuvake.lnk
2016-02-16 19:09 - 2016-02-16 19:09 - 00001143 _____ C:\Users\MIIKATEE-PC\Downloads\rkill – Pikakuvake.lnk
2016-02-16 19:07 - 2016-02-16 19:07 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-25945.exe
2016-02-15 23:59 - 2016-02-16 00:00 - 00036466 _____ C:\Users\MIIKATEE-PC\Downloads\MTB.txt
2016-02-15 23:58 - 2016-02-15 23:58 - 00891392 _____ (Farbar) C:\Users\MIIKATEE-PC\Downloads\MiniToolBox.exe
2016-02-14 22:42 - 2016-02-14 22:42 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27913.exe
2016-02-14 22:41 - 2016-02-14 22:41 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27838.exe
2016-02-14 22:41 - 2016-02-14 22:41 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27776.exe
2016-02-14 22:41 - 2016-02-14 22:41 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27740.exe
2016-02-14 22:41 - 2016-02-14 22:41 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27704.exe
2016-02-14 22:40 - 2016-02-14 22:40 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27658.exe
2016-02-14 22:40 - 2016-02-14 22:40 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64-27557.exe
2016-02-14 22:38 - 2016-02-21 22:26 - 00002560 _____ C:\Users\MIIKATEE-PC\Desktop\Rkill.txt
2016-02-14 22:38 - 2016-02-14 22:38 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill.exe
2016-02-14 22:38 - 2016-02-14 22:38 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\MIIKATEE-PC\Downloads\rkill64.exe
2016-02-12 18:57 - 2016-02-13 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 04:59 - 2016-02-06 12:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 04:59 - 2016-02-06 12:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 04:59 - 2016-02-06 12:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 04:59 - 2016-02-06 11:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 04:59 - 2016-02-06 11:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 04:59 - 2016-02-06 11:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 04:59 - 2016-02-06 11:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 04:59 - 2016-02-06 10:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 23:44 - 2016-01-15 03:42 - 00033472 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 23:44 - 2016-01-14 22:44 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 23:44 - 2016-01-14 22:44 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 23:44 - 2016-01-14 22:44 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 23:44 - 2016-01-14 22:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 23:44 - 2016-01-14 22:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 23:44 - 2016-01-14 22:44 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 23:44 - 2016-01-10 19:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-09 23:44 - 2016-01-10 19:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 23:44 - 2016-01-10 19:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 23:44 - 2016-01-10 19:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-09 23:44 - 2016-01-10 19:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 23:44 - 2016-01-10 18:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 23:44 - 2016-01-10 18:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 23:44 - 2016-01-10 18:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 23:44 - 2016-01-10 18:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 23:43 - 2016-01-10 21:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 23:43 - 2016-01-10 20:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 23:43 - 2016-01-10 20:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 23:43 - 2016-01-10 20:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 23:43 - 2016-01-10 19:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-09 23:43 - 2016-01-10 19:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 23:43 - 2016-01-10 19:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-09 23:43 - 2016-01-10 19:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 23:43 - 2016-01-10 18:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-09 23:43 - 2016-01-10 18:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 23:43 - 2016-01-07 20:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 23:43 - 2015-12-29 17:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-09 23:43 - 2015-12-29 17:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-09 23:43 - 2015-12-29 17:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-09 23:43 - 2015-12-29 17:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-09 23:42 - 2016-01-22 10:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 23:42 - 2016-01-22 09:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 23:42 - 2016-01-22 07:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-09 23:42 - 2016-01-22 07:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-09 23:42 - 2016-01-22 07:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 23:42 - 2016-01-22 06:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 23:40 - 2016-01-19 21:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 23:40 - 2016-01-19 21:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-09 23:40 - 2016-01-19 21:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 23:40 - 2016-01-19 21:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 23:40 - 2016-01-19 20:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 23:39 - 2016-01-22 08:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 23:39 - 2016-01-22 08:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 23:39 - 2016-01-22 08:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-09 23:39 - 2016-01-22 08:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 23:39 - 2016-01-22 08:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 23:39 - 2016-01-22 07:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-09 23:39 - 2016-01-22 07:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-09 23:39 - 2016-01-22 07:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 23:39 - 2016-01-22 07:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 23:39 - 2016-01-22 07:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 23:39 - 2016-01-22 07:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 23:39 - 2016-01-22 07:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 23:39 - 2016-01-22 07:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 23:39 - 2016-01-22 07:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 23:39 - 2016-01-22 07:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 23:39 - 2016-01-22 07:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-09 23:39 - 2016-01-22 07:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-09 23:39 - 2016-01-22 07:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 23:39 - 2016-01-22 07:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 23:39 - 2016-01-22 07:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 23:39 - 2016-01-22 07:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 23:39 - 2016-01-22 07:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 23:39 - 2016-01-22 07:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 23:39 - 2016-01-22 07:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 23:39 - 2016-01-19 21:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-09 23:39 - 2016-01-19 20:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-09 23:39 - 2016-01-19 20:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-09 23:39 - 2016-01-19 20:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-09 23:39 - 2016-01-19 19:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 23:39 - 2016-01-19 18:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-09 23:39 - 2016-01-10 21:37 - 00136912 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 23:39 - 2016-01-10 18:51 - 03707392 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 23:39 - 2016-01-10 18:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 23:39 - 2016-01-10 18:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 23:39 - 2016-01-10 18:36 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-02-09 23:39 - 2016-01-10 18:36 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 23:39 - 2016-01-10 18:35 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 23:39 - 2016-01-10 18:35 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 23:39 - 2016-01-10 18:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-09 23:39 - 2016-01-10 18:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-09 23:39 - 2016-01-10 18:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-09 23:39 - 2016-01-10 18:26 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-09 23:39 - 2016-01-06 20:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 23:39 - 2015-12-28 23:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-09 23:39 - 2015-12-28 22:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-09 23:39 - 2015-12-17 20:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 23:39 - 2015-12-17 18:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-07 21:43 - 2016-02-07 21:43 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-02-07 21:43 - 2016-02-07 21:43 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-02-07 21:28 - 2016-02-07 21:28 - 01508352 _____ C:\Users\MIIKATEE-PC\Downloads\AdwCleaner.exe
2016-02-07 20:57 - 2016-02-07 20:57 - 00001145 _____ C:\Users\MIIKATEE-PC\Desktop\JRT.txt
2016-02-07 20:55 - 2016-02-07 20:55 - 01609032 _____ (Malwarebytes) C:\Users\MIIKATEE-PC\Downloads\JRT.exe
2016-01-29 22:25 - 2016-01-29 22:25 - 00045634 _____ C:\Users\MIIKATEE-PC\Downloads\Tiliote%20FI70%208000%202609%205387%2006(1).PDF
2016-01-29 22:24 - 2016-01-29 22:25 - 00048491 _____ C:\Users\MIIKATEE-PC\Downloads\Tiliote%20FI70%208000%202609%205387%2006.PDF
2016-01-29 20:07 - 2016-01-29 20:07 - 00391684 _____ C:\Users\MIIKATEE-PC\Downloads\Päätös.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-22 17:29 - 2015-11-20 18:29 - 00000937 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {62DE7B1F-E2A6-4FBB-8A0C-E23382439957}.job
2016-02-22 17:29 - 2015-11-20 18:29 - 00000751 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {62DE7B1F-E2A6-4FBB-8A0C-E23382439957}.job
2016-02-22 17:03 - 2014-08-08 11:41 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B84C18E1-F290-4037-A6C5-9029838CF50E}
2016-02-22 16:55 - 2014-11-02 21:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-22 15:39 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-02-22 05:11 - 2014-09-04 22:10 - 00000000 ____D C:\Users\MIIKATEE-PC\Tracing
2016-02-22 00:56 - 2015-02-20 21:49 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-22 00:56 - 2015-01-06 17:57 - 00000000 ___RD C:\Users\MIIKATEE-PC\OneDrive
2016-02-22 00:55 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-22 00:54 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-21 23:57 - 2014-06-11 21:44 - 00435530 _____ C:\Windows\system32\perfh00B.dat
2016-02-21 23:57 - 2014-06-11 21:44 - 00081592 _____ C:\Windows\system32\perfc00B.dat
2016-02-21 23:57 - 2014-04-17 08:05 - 01367966 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-21 23:54 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-21 22:28 - 2016-01-05 22:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-21 22:27 - 2016-01-07 23:53 - 00000000 ____D C:\AdwCleaner
2016-02-21 07:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-02-21 05:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-21 05:23 - 2014-09-21 17:58 - 00000000 ____D C:\Users\MIIKATEE-PC\AppData\Roaming\vlc
2016-02-17 16:56 - 2014-09-01 22:57 - 00000000 ____D C:\Users\MIIKATEE-PC\Documents\REAPER Media
2016-02-17 05:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-02-16 15:20 - 2015-12-17 23:55 - 00000000 ____D C:\Vinyylilevyt
2016-02-14 23:15 - 2015-07-31 11:11 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-02-14 23:02 - 2014-09-21 01:52 - 00000000 ____D C:\Users\MIIKATEE-PC\AppData\Roaming\uTorrent
2016-02-13 21:14 - 2013-08-22 16:44 - 00372744 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-13 21:12 - 2015-10-08 02:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 21:09 - 2014-12-11 20:01 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-13 21:09 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-13 21:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-02-12 04:25 - 2014-08-07 17:10 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-228244814-4014184906-1107031086-1001
2016-02-11 06:34 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 07:55 - 2014-11-02 21:17 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 05:08 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-10 05:05 - 2014-08-17 20:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 05:01 - 2014-08-17 20:04 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 23:35 - 2015-11-11 00:39 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 23:35 - 2015-11-11 00:39 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 02:39 - 2015-12-02 04:31 - 00000000 ____D C:\Ulkoinen Kovalevy
2016-02-07 21:50 - 2014-08-14 18:02 - 00000000 ____D C:\Users\MIIKATEE-PC\AppData\Local\CrashDumps
2016-02-07 21:43 - 2015-07-20 20:56 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-02-07 21:43 - 2015-06-01 00:36 - 00000000 ____D C:\Users\MIIKATEE-PC\AppData\Local\ElevatedDiagnostics
2016-02-07 21:43 - 2014-04-17 09:26 - 00000000 ____D C:\Program Files (x86)\Acer
2016-02-07 21:43 - 2014-04-17 08:48 - 00000000 ___HD C:\OEM
2016-02-07 21:41 - 2014-04-17 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-02-07 21:37 - 2014-08-07 17:06 - 00000000 ____D C:\Users\MIIKATEE-PC\AppData\Local\clear.fi
2016-02-07 21:18 - 2014-08-07 17:03 - 00000000 ____D C:\Users\MIIKATEE-PC
2016-02-02 04:37 - 2015-07-19 18:38 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 04:37 - 2015-07-19 18:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 01:34 - 2015-01-06 03:38 - 00000000 ____D C:\Users\MIIKATEE-PC\Desktop\Tor Browser

==================== Files in the root of some directories =======

2014-09-10 04:30 - 2015-09-26 02:39 - 0009728 _____ () C:\Users\MIIKATEE-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-11 21:46 - 2014-06-11 21:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-17 05:30

==================== End of FRST.txt ============================



#3 BadBrain9

Posted 22 February 2016 - 03:32 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by MIIKATEE-PC (2016-02-22 17:33:47)
Running from C:\Users\MIIKATEE-PC\Downloads
Windows 8.1 (X64) (2014-08-07 15:03:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Järjestelmänvalvoja (S-1-5-21-228244814-4014184906-1107031086-500 - Administrator - Disabled)
MIIKATEE-PC (S-1-5-21-228244814-4014184906-1107031086-1001 - Administrator - Enabled) => C:\Users\MIIKATEE-PC
Vieras (S-1-5-21-228244814-4014184906-1107031086-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
Ableton Live 9 Lite (HKLM-x32\...\{81C44E70-0F73-4BE5-B646-3C4F54C4F32A}) (Version: 9.0.0.0 - Ableton)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aiseesoft MTS Converter 7.1.70 (HKLM-x32\...\{9CD9AEEB-C80D-47b9-8C05-079132A484CE}_is1) (Version: 7.1.70 - Aiseesoft Studio)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applen ohjelmatuki (32-bittinen) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Bass Station 2.1 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.1 - Novation)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
Event Horizon version 3.0.3 (HKLM\...\Event Horizon_is1) (Version: 3.0.3 - Stillwell Audio LLC)
FlickFetch versio 2.6.5.0 (HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\{E71BF983-5AF5-419C-8ACA-21D133567457}_is1) (Version: 2.6.5.0 - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.0 - Genesys Logic)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
iTunes (HKLM\...\{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}) (Version: 12.1.2.27 - Apple Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware versio 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 44.0.2 (x86 fi) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 fi)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}) (Version: 2.0.628 - Sony)
Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA Graphics Driver 332.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.91 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{A149D333-5DFF-4E9F-8B95-1E263A8C2650}) (Version: 4.11.9775 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
R16_R24 Driver (HKLM\...\{19CF1A77-C522-4082-8A2B-A9952EE9E372}) (Version: 2.0.0.3 - ZOOM)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Red 2 & Red 3 Plug-in Suite version 1.0 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.0 - Focusrite Audio Engineering Limited)
Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite)
Sound Forge Pro 11.0 (HKLM-x32\...\{FE1A7F80-1348-11E4-8C79-F04DA23A5C58}) (Version: 11.0.293 - Sony)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Liven peruspaketti (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windowsin ohjainpaketti - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.6.2 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMR Complete Bundle (HKLM\...\Slate Digital VMR Complete Bundle_is1) (Version:  - Slate Digital)
YLE Areena -lataaja 2.2 (HKLM-x32\...\{5CDFB502-2DDD-488F-A22A-0EB27AD4C4BA}_is1) (Version: 2.2 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-228244814-4014184906-1107031086-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B6A415C-3AF6-48CF-BB86-8AC5DB4D73BD} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {14EE1E19-C959-43DA-AC75-4002CCBF4D87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {17EBAFF3-CCDE-4774-B07B-425DE6B50755} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {25891DB8-D4D4-474D-A025-54F63C8040FC} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {3238846F-433D-4086-B0B5-FD8DCB147DF7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {4870B8EB-B615-4D9F-8F1D-094FA449D0F6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2016-01-06] (Symantec Corporation)
Task: {4A138FF5-90EC-4E76-8E85-55F2DC81B537} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {5DC415B9-D31A-4D7B-991F-3DA991121F65} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {6565DC4A-36F1-491D-954E-0168678578A1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {7E67134A-2F84-4141-B293-A61D0BDF7239} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {A8E80D0E-6318-42EC-8EFF-11C20A94B974} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {BE81DB55-8A26-46AE-8ACC-54E1D8659B01} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {BFB9DC82-3169-47F3-9A04-FB44749C2418} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {C267C718-F172-474E-B6A6-900491F46B7F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Premier\Upgrade.exe [2016-01-06] (Symantec Corporation)
Task: {C3731771-7824-47E7-8D0F-A7F08F9C1998} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {CDBC8887-A270-4B70-9058-06CF7B798D78} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {D5CA7761-7ADC-4091-BEE8-246925478B16} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {62DE7B1F-E2A6-4FBB-8A0C-E23382439957} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2014-12-02] (SEIKO EPSON CORPORATION)
Task: {EF4C36B0-C001-40CA-85C6-497294AF664B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {F016002F-0887-4D7E-AEAD-32B3E0896224} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {F61ED9CC-C24A-4DF0-BE73-D2C223122EDB} - System32\Tasks\EPSON XP-412 413 415 Series Update {62DE7B1F-E2A6-4FBB-8A0C-E23382439957} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2014-12-02] (SEIKO EPSON CORPORATION)
Task: {FA24C21B-0FD4-4CBC-B793-F868F8E8A8EB} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {62DE7B1F-E2A6-4FBB-8A0C-E23382439957}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {62DE7B1F-E2A6-4FBB-8A0C-E23382439957}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{62DE7B1F-E2A6-4FBB-8A0C-E23382439957} /F:UpdateWORKGROUP\MIIKATEE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Loaded Modules (Whitelisted) ==============

2014-06-11 21:47 - 2014-03-24 14:30 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-26 07:14 - 2014-02-26 07:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 07:11 - 2014-02-26 07:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 07:17 - 2014-02-26 07:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-11 21:45 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-04-17 08:50 - 2014-03-07 18:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-08-20 03:46 - 2014-08-20 03:46 - 01204224 _____ () C:\Program Files\REAPER (x64)\Plugins\elastique2.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00261632 _____ () C:\Program Files\REAPER (x64)\Plugins\soundtouch.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00862208 _____ () C:\Program Files\REAPER (x64)\Plugins\jsfx.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00245248 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_cd.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00615936 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_csurf.dll
2014-08-20 03:37 - 2014-08-20 03:37 - 00214016 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_ddp.dll
2014-08-20 03:39 - 2014-08-20 03:39 - 00529920 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_explorer.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00423936 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_flac.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00578048 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_mp3dec.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 02101248 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_ogg.dll
2014-08-20 03:37 - 2014-08-20 03:37 - 00217088 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_rex.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 01001984 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_video.dll
2013-03-12 16:50 - 2013-03-12 16:50 - 04084651 _____ () C:\Program Files\REAPER (x64)\Plugins\FFmpeg.dll
2014-08-20 03:39 - 2014-08-20 03:39 - 00229376 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_wave.dll
2014-08-20 03:38 - 2014-08-20 03:38 - 00445952 _____ () C:\Program Files\REAPER (x64)\Plugins\reaper_wavpack.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-25 23:21 - 2014-10-31 15:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-09-25 23:21 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-02-07 21:43 - 2016-02-07 21:43 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-06-11 21:44 - 2013-12-10 01:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-228244814-4014184906-1107031086-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: RichVideo => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9D7D5409-7F71-4D69-9120-6696E7D604BE}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{17519CF2-8541-4028-A0C5-5D531E71F43E}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2542884F-6C35-4732-821B-A3D6F6DF90D6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{5D0664F1-056F-4ED1-BA7D-A29D639AEF8C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{087BFFC9-F974-4068-8F1F-B0A33A9C3FDD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{021C509E-B282-4354-9E34-6DE49BF6771F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8B74A77-A0C2-4888-9D45-3E9F9F7FFFAF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1B60273A-67D8-449E-B22A-E9FA66313750}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{008A1382-A39B-4C35-BA39-FB45D712632A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{333941D2-1231-4E64-85AF-98692965392F}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{648B7C5A-75F1-4D2E-8409-09882007EF88}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8DAD4ACE-70BF-4DDC-8CC5-1F4D5511B1F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{469E0FEE-6F31-49E9-9C86-68CF86079C06}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{62AB6605-9333-42B5-8C61-620DB6FFCEFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{739B0741-B034-4B4D-BBAE-47DB9B08E4D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{B34944A2-E226-475B-85CC-2305858D8846}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{7DAB37B3-5DFF-428C-9C18-1A135AF2AC60}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{1206BD4F-C9FC-4BE7-9E59-C2057544D551}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{30DF324A-801C-45E7-A2B1-07B4159EB3A9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{7D034A7D-9557-4A7C-81D3-6A799EACD6D5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{CD7468CC-2097-417E-A30F-920CE54B0F9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6B0CCB09-D999-4AFA-BEF7-755D4898BCEE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{FD6F5291-A9CA-4337-AE6A-89C6D267BFE3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F2D00911-D7A5-4911-B039-F0F2BCC0ACC9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C564E8AA-9F36-4BAF-A9C2-08D6460EFFBF}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{911E77B3-D417-4728-8D05-2687B502D837}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{CFA69725-3730-49F5-8D53-6B11F242E84A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{36EE385D-857B-4A1F-AB64-60F564940364}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{B75BF9ED-4BAE-41FD-8D72-EBE9FFBBC187}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C0CEEEF2-5D5E-4ACA-AFC8-027188CBF064}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{1CCFE104-C7CD-41B6-A1CE-7CDD08682EA3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{8E7E51D3-7BF8-4F9F-9491-98D66D7AD3B5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{61C36301-EC73-468C-8CBE-D8EEC5EF7C24}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{DF59348A-5628-474F-829C-4B57A4309E4C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{595D627A-46A0-4B05-A1D8-EF119CC0F67D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8BB8AC69-2AB5-4449-98C1-7DB936461DB7}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{497CC98C-C1DE-4340-99AE-0C3E4A647755}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{BF10726D-25AF-40BC-9893-D0C930D55014}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{EF570025-FFC7-44F8-ADAE-5CA340927160}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{EE6E6498-ABBA-4D84-B15E-CDA1962E4A2D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{0AAD50FF-92A7-4CF5-99C9-692F79CE3613}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{D6AAF4B5-C4D5-47AC-A9C6-651040FE17AF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{28903D94-C1D5-488E-9C20-2FDFEFED026F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{4DCA81BD-F52B-477B-900E-0C99A3AC7583}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{91976C6F-D21F-4FDE-AB59-AAA92961A7F5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{4B3CBF03-E6F0-49C9-800B-4BCC7AB05E40}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{44074231-8641-4F5C-B272-E6101EA536D4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{0A254965-CC78-40B3-B6D6-C0CA15F388A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{F1A686CC-33CE-4005-9A5F-418E313A388A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{A6E3C2BF-7496-4F2D-B98E-65FB78BCA968}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{43D4A099-2EC1-43B2-A8A8-149FC23D35E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C213BC43-829C-4F22-8A3B-A050998C1000}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B8108FC2-1619-4755-BA67-E1DF67478E6A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1A12D30F-0094-49EF-8D02-487B8EB1636A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AA41C4CB-EBFE-4801-9E89-D11920694486}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8CB74B20-E3F5-4647-AB95-8EAD4A236219}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{23C009EA-C923-45AE-A361-3C8F52770941}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E774C2F2-94D5-4B79-BA10-F68BF5EB07BC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{EE1D39AF-5967-438C-89B4-D08AECC79E9E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9E07F322-AFD1-42EF-B487-A0C53E0F7623}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{FDB66BBF-970B-478F-8B68-EFCFBCDCA198}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{50979443-31B6-4B67-B578-482C7DFD2384}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{042A6302-D6EA-4A7D-AC84-E82EBB99956B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{2AA4D3A0-C99B-4E61-B369-5BA7CDAA0E81}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{57C520DF-2295-4CE4-A2D4-B79CFCC6B961}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C67EEACD-40E6-4964-BF59-BA9EFEDEEB29}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AA9CF51B-3882-454E-B2E5-0FF64F23856E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9FBCF48F-645D-42A6-8E38-37C481ED7402}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F9749AB9-65E1-46DA-B7E5-BED450FD1FBD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{16AF7E34-A849-419E-A82B-AC47BDFDE3E2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3B92A20E-66CA-444F-8640-B2A123EF7118}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{09F8768B-407E-41B4-BDB7-4AF5B6EBDB3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CCFBACA1-9759-40D3-9DBA-E3CD319AD6FE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4713156-0218-43E8-B88F-2A0123A86B79}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9148FBC9-80D4-4C0D-B76F-9AC2C76A1111}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1C8C0FE9-C4C5-4490-9F1B-ECCB32F7F745}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E40BB7DC-8AB1-4212-8623-78FE3E62D212}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E7825404-CE2A-4289-A0D0-E447B1006533}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{688F3910-5CA2-45D6-BC9D-D0AC0DE7AAE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A9EF5E4B-0FF2-4131-9941-326BD0E302F2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{33F8E2FE-E159-4515-8DA7-E16FD06A5AB6}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A7BD46FB-B7CE-4423-B25B-58A27BDF79CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EC9717A-2107-4D3C-B67D-D6F353E33636}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CFF35C98-FB71-42FB-9822-D2A31EF7AF27}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FB9756A8-019E-4B06-A16B-E8D2CD9A28EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E172B008-777F-4B04-96CF-2B7EB84800B9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{60033C33-773D-472C-9C18-241B3EA46232}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F7864E5F-DCBF-4C75-885F-0C27BDB8164F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DF295384-A4C4-4CCE-93BB-8A4B2774E465}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CF985152-8ABA-48B5-867A-FD3AE89DFA15}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BFAA9BF3-6B9B-4A35-8706-40041D2D1CC1}] => (Allow) LPort=2869
FirewallRules: [{B2C4D5FA-1390-4DAD-A948-7FF90456F22B}] => (Allow) LPort=1900
FirewallRules: [{1BC0BFD3-4987-4A40-B1EA-7E41E5717420}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4AF2EB9F-DABB-46A5-B710-EFCE479E2439}] => (Allow) C:\Users\MIIKATEE-PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8D38DC3B-3E56-466E-8D2F-97C2100FD1DE}] => (Allow) C:\Users\MIIKATEE-PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{18AD3BEF-C29D-4268-9872-B10E2A4A8AFE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{ECCDB0F5-6251-4920-851C-D3AB8F0E1D92}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{ED46B3BD-8134-46FF-96F0-AD7418A12EB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{6CE2DA41-C518-4E3F-BAEC-CC5D6F455CB7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{FD4214D0-5E36-48B6-A9DB-38669B7368D1}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5E52A2C0-8FE4-484E-BFFA-DF866BD6E4CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F7EB3C81-B8B1-4AAF-AFA3-FE46FE4156FF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{DC6F896C-541A-454B-AD42-D51CCF5449E7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{ABA7E38E-86AA-46DD-8ABC-F6BD95C6A8EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1529B315-2FE3-4AB0-8911-94A98EED027B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6817637A-C7A9-4565-9F72-0D87080170DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8FB0186-E05E-4CF3-8FAB-A5BE41B8E965}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{15DB821D-4E13-4D2A-867A-3DEB6F4E1E49}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A9C3E20F-60E2-4C37-8ADE-903A5FA64F3D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{86689987-7C83-45E1-A0CE-EA46059ADDF3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{972271CC-4093-49AA-97BB-358B7F21CBBA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{047DD7B4-68D2-4537-A1C5-D6C6CF195A00}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{52D72857-DB4C-4A9C-9593-5EE79BC3E332}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2DD7FC3C-4C11-4B3B-8DF3-59C1BEC43AA6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4CF650BF-F1E1-4BFE-928F-104C75B45053}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{18D03663-AC75-4224-8C4B-272467E47F88}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{88A76DAD-22D9-49D8-96F4-8DF7D768BFF8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E1ABF521-2ADB-4FD8-A960-8CEF00C53D21}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DA092352-A52C-446E-B3A0-EEFB514F5B04}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5C5D581-EC84-4B75-A53A-603D0BBE5644}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{730C5BAC-668E-4416-ABAE-01B45BF73449}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7C20B195-0FC9-481C-B804-CF45C08C017E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{56089620-6142-434C-BA6D-A417FC9A6BAD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B6F51D81-15CF-4279-8385-C97D7FB0E7E9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{54BCAD9A-FF36-471C-8B05-5463305B8094}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F91E8938-08DB-4E4D-BA16-DCC54867FA69}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CFE560A5-6E51-49A0-9B04-CD99FBCF707C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4E48109A-9F51-4161-8585-948E3EE2F492}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3CBD885E-CAFA-4DA5-910E-DF1195ED87F8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{85BEEE9A-D2A1-4199-AC6C-CEC110EF5D29}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{50BDFA6E-9220-4C7F-8846-522BB739E94D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3A3110CF-4E9D-4F46-A04E-720C13742EC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{62B21C9E-25E3-42FC-BFA5-D9C973960CB4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{08650F22-F923-4C96-8794-B7FC650D47D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7B1B5892-A856-48E9-9D91-5971421811E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{37D4832D-2ECB-478F-B4B9-A3A253E53D62}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3F615C55-9281-4C96-92A9-1E8A0861A875}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3B3CE0CD-D6B2-4568-8BDE-0ACC4CBD2892}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C8F9AC63-929B-4EBE-B229-856112867D62}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5CA8C4D2-4753-4E73-BFC5-6795A51A6CF5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E67381FD-8104-4F14-A3FC-0F5809B4AEEB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{DC727B0B-478A-4F78-A2F5-A53835C864EE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{811E81FB-5D8A-4B8F-A99E-D8430B632B30}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A0C72AF4-8FC1-4231-A81F-C6B42F79F1F0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1BAAE6AE-0D1D-4A9E-824B-F8DC6B810DED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{454795C8-8D73-4505-8D87-AEED46E14C5E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08B1F129-4263-4995-8E93-1A413E495D8F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B4669F39-C508-4E97-9276-D35EEF6D9547}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{500FE59E-CD16-4D23-9701-E5DE30CF17B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{75FCF1F8-2DFF-4452-9D9C-9F16B4339B8D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{25258260-84FB-496A-B07E-2883D1AA7B74}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FC6B0A0A-7E1D-430D-B4B8-82996D413442}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{462ABD75-E3F4-43F2-A538-092379200415}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0F1787C9-9765-4CB2-BE34-0BC7F7E06552}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2D44529C-9E47-4547-BDD0-105FCAEAD7EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F68B056C-2971-4256-BB46-D5871BF20E9E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AADB4562-E659-4452-B870-0E2151340DB6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7C844595-723E-4115-9039-67151B7494F3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{17BC7199-7B3F-465B-B2AA-A34FA884B553}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{6F0E0714-88FC-4E7D-A031-28A75FD2F5CD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{5B4C8C12-E4F5-418E-8D7F-CFABD364BC9F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{2494DAFC-3861-4D86-AF83-17B75755A46B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{410A85C1-89B2-44C1-AC18-6CB9C351AA20}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD49C5E9-02AD-45CD-ADF7-D955FDC552A9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{176A6938-C0E0-45EF-B9B8-68348E926E69}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{047BE6E6-B8BA-4EF2-8566-C16DF48AC9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C1C519AE-A15E-4421-B36C-831D1D1E53A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{A609BED0-F743-43E4-922A-40B5CA62A999}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{177C4E7A-218F-454D-BB62-B90EEC6B7DA6}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D16C5077-C641-44D8-8822-E1923DFA7C04}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{2B1B69AA-DFE2-4F80-91DC-3400CC743C43}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{163E0ED1-826E-4431-B304-73B36B739540}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1AB469C3-0CEB-4A73-9FFC-35A6E69C6A44}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{DB06FEE1-CD2F-45B7-8AAB-7F7D8D30E7CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B42C7C2B-6F59-4451-8E5C-8D279E0DF85A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5B30A831-50EB-4975-934D-6E755C6ED788}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E841024E-6965-4A0C-AA45-ED4D2939676A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BF153A99-F84D-4D69-A923-74EB64C99D8E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{496EEFF5-C9F4-487B-9895-CD7850D74483}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A1E3B153-6511-410B-999A-82B01BE39DEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2C072757-C3FB-4993-B6BB-155419B3B5C2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{126CAC4F-973F-43CA-854B-BD6B4CFBC6DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9F9D1517-89AE-44C3-91C3-72BA3EAF0173}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{718E38B3-4145-4245-B282-1B80A52F9D1E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE7EBCC3-9595-4C3D-9C0C-3E1B074C941B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7CF9506C-DCDF-4DA7-8968-C4F3E08CD3E8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EDEE3D2A-59DF-4302-9324-D24C0578C022}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A90B4680-0709-4C71-B62F-6446F770D81A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{69E38358-6EEA-4CF2-8C27-AD13C24C2EFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6257A01C-D753-42BB-B233-9E0F23AB8620}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9A33DA70-79C5-40B2-AB22-714B13FDC4DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{643E9F83-71D2-4D3A-A409-E5E590C9EB7A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2A970A97-6A97-4D3E-BCB2-35BFFA040D8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F2A054CF-8CC5-43FA-8D37-B5B2674A10D2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{544D68F6-9D94-4B2C-8FE1-68FF201AA9E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C8DD2746-76C5-4DC8-88A4-87DC9C7DFDF1}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{8D90C54E-8023-4989-B5B3-06A0F51EE88F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2D319902-4A6E-4DFE-BF60-9D95220B8C48}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8194A252-3FC5-4284-BBBD-ADA7A5CE93BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BC8AC446-2519-4B5F-8BC0-C384B20CF5D8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D832C013-A611-4EA8-837D-FF374AC72513}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DCB01BC3-5B84-4BE7-9840-C964E4ABF135}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A1174AB7-995A-4EFE-974C-F225CD180AC7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6FC9D93E-E648-4428-BD54-35E9CE7DD2E0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D7C7246E-1682-4B71-9DE0-3A0B69C68D85}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{71A9EC87-D107-4D59-8761-BACA59243AAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E7E85DD4-3C39-464E-A078-7F49925D60D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C629B14C-808C-4843-8817-137F1360A192}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{97D53B7B-5426-4960-A998-81C77F459AF1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C18A0AA0-650D-491A-B222-2099C2082F1B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A36132D0-CBFD-43B6-B00E-62C2B640DD94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CFE3805-4F5E-4C78-BB06-EB4E45485E0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ACE75C96-0D95-4C17-AF1F-84F6EAE8711C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7C040A66-5650-4895-94E4-A4FEFE5A9204}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F7DD9EC4-9EE1-41EB-ACF3-2527B84E2A0D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EA01A59D-D1AD-44A6-8147-5AF6C9DD73ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{78BC8497-E960-489A-AA6E-2789F531BAD5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{8FBCF1CB-12BA-4BA4-ADE2-A1F076D0B0FB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

==================== Restore Points =========================

11-02-2016 06:34:12 Windows Update
15-02-2016 06:41:03 Windows Update
18-02-2016 17:39:51 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2016 12:07:04 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-hallinta)
Description: There was an error with the Windows Location Provider database

Error: (02/14/2016 11:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman Explorer.EXE versio 6.3.9600.17667, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta.

Prosessin tunnus: a80

Alkamisaika: 01d1676b42e431b8

Päättymisaika: 60000

Sovelluksen polku: C:\Windows\Explorer.EXE

Raportin tunnus: 247a6117-d35f-11e5-82a7-c4544482ad40

Viallisen paketin koko nimi:

Viallisen paketin suhteellinen sovellustunnus:

Error: (02/14/2016 11:09:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman LiveComm.exe versio 17.5.9600.20911, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta.

Prosessin tunnus: dcc

Alkamisaika: 01d1676b490c5e8c

Päättymisaika: 4294967295

Sovelluksen polku: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Raportin tunnus: 3d238d2a-d35f-11e5-82a7-c4544482ad40

Viallisen paketin koko nimi: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Viallisen paketin suhteellinen sovellustunnus: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/14/2016 11:07:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman Explorer.EXE versio 6.3.9600.17667, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta.

Prosessin tunnus: a80

Alkamisaika: 01d1676b42e431b8

Päättymisaika: 4294967295

Sovelluksen polku: C:\Windows\Explorer.EXE

Raportin tunnus: 05b8262e-d35f-11e5-82a7-c4544482ad40

Viallisen paketin koko nimi:

Viallisen paketin suhteellinen sovellustunnus:

Error: (02/14/2016 05:44:11 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (02/12/2016 12:04:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Ohjelman Explorer.EXE versio 6.3.9600.17667, lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, ohjauspaneelin Toimintokeskus-kohdasta.

Prosessin tunnus: 8a0

Alkamisaika: 01d161deac9dab3e

Päättymisaika: 60000

Sovelluksen polku: C:\Windows\Explorer.EXE

Raportin tunnus: 4c9ff060-d10b-11e5-82a5-90489a748a57

Viallisen paketin koko nimi:

Viallisen paketin suhteellinen sovellustunnus:

Error: (02/09/2016 01:41:44 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-hallinta)
Description: There was an error with the Windows Location Provider database

Error: (02/07/2016 09:43:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Viallisen sovelluksen nimi: wmplayer.exe, versio: 12.0.9600.17415, aikaleima: 0x545046f0
Viallisen moduulin nimi: WINMM.dll, versio: 6.3.9600.17415, aikaleima: 0x54503b0a
Poikkeuskoodi: 0xc0000005
Virhepoikkeama: 0x00002810
Viallisen prosessin tunnus: 0x167c
Viallisen sovelluksen käynnistysaika: 0xwmplayer.exe0
Viallisen sovelluksen polku: wmplayer.exe1
Viallisen moduulin polku: wmplayer.exe2
Raportin tunnus: wmplayer.exe3
Viallisen paketin koko nimi: wmplayer.exe4
Viallisen paketin suhteellinen sovellustunnus: wmplayer.exe5

Error: (02/07/2016 09:07:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4438

Error: (02/07/2016 09:07:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4438


System errors:
=============
Error: (02/22/2016 12:55:29 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Palvelu McAfee Personal Firewall Service on riippuvainen seuraavasta palvelusta: MfeFire. Tätä palvelua ei ehkä ole asennettu.

Error: (02/21/2016 11:51:22 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Palvelu McAfee Personal Firewall Service on riippuvainen seuraavasta palvelusta: MfeFire. Tätä palvelua ei ehkä ole asennettu.

Error: (02/21/2016 11:50:27 PM) (Source: DCOM) (EventID: 10005) (User: MIIKATEE)
Description: 1084WSearchEi käytettävissä{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (02/21/2016 11:50:26 PM) (Source: DCOM) (EventID: 10005) (User: MIIKATEE)
Description: 1084ShellHWDetectionEi käytettävissä{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2016 11:50:07 PM) (Source: DCOM) (EventID: 10005) (User: MIIKATEE)
Description: 1084ShellHWDetectionEi käytettävissä{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2016 11:48:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Palvelu Tietokoneiden selaus on riippuvainen palvelusta Palvelin, jonka käynnistyminen epäonnistui virheen vuoksi:
%%1068

Error: (02/21/2016 11:48:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Palvelu Tietokoneiden selaus on riippuvainen palvelusta Palvelin, jonka käynnistyminen epäonnistui virheen vuoksi:
%%1068

Error: (02/21/2016 11:48:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Palvelu Tietokoneiden selaus on riippuvainen palvelusta Palvelin, jonka käynnistyminen epäonnistui virheen vuoksi:
%%1068

Error: (02/21/2016 11:45:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Palvelu Tietokoneiden selaus on riippuvainen palvelusta Palvelin, jonka käynnistyminen epäonnistui virheen vuoksi:
%%1068

Error: (02/21/2016 11:45:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Palvelu Tietokoneiden selaus on riippuvainen palvelusta Palvelin, jonka käynnistyminen epäonnistui virheen vuoksi:
%%1068


CodeIntegrity:
===================================
  Date: 2016-01-26 22:46:09.381
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-26 22:45:17.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-26 22:45:14.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-26 22:45:10.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-26 22:44:41.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-27 01:44:43.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-07 00:54:29.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 28%
Total physical RAM: 8115.27 MB
Available physical RAM: 5794.21 MB
Total Virtual: 9395.27 MB
Available Virtual: 6838.91 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.51 GB) (Free:558.95 GB) NTFS
Drive d: (UPD1-71332) (CDROM) (Total:6.76 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5AF6084F)

Partition: GPT.

==================== End of Addition.txt ============================



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:28 AM

Posted 23 February 2016 - 08:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\RunOnce: [Application Restart #1] => C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disab (the data entry has 561 more characters).
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Please paste the logs and let me know what problem persists with this computer.

#5 BadBrain9

Posted 23 February 2016 - 04:35 PM

Thank you for your help.

 

Here are the contents of the files you requested.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by MIIKATEE-PC (2016-02-23 22:52:52) Run:1
Running from C:\Users\MIIKATEE-PC\Downloads
Loaded Profiles: MIIKATEE-PC (Available Profiles: MIIKATEE-PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-228244814-4014184906-1107031086-1001\...\RunOnce: [Application Restart #1] => C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disab (the data entry has 561 more characters).
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-228244814-4014184906-1107031086-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1 => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
McMPFSvc => service removed successfully
"C:\Users\MIIKATEE-PC\AppData\Local\Pokki\Engine\ServiceHostApp.exe" => not found.
EmptyTemp: => 19.2 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 22:53:17 ====

 

And

 

# AdwCleaner v5.036 - Logfile created 23/02/2016 at 23:28:43
# Updated 22/02/2016 by Xplode
# Database : 2016-02-22.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : MIIKATEE-PC - MIIKATEE
# Running from : C:\Users\MIIKATEE-PC\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1598 bytes] - [07/02/2016 21:32:51]
C:\AdwCleaner\AdwCleaner[R0].txt - [1634 bytes] - [07/01/2016 23:53:10]
C:\AdwCleaner\AdwCleaner[R1].txt - [1466 bytes] - [15/02/2016 00:18:14]
C:\AdwCleaner\AdwCleaner[R2].txt - [1526 bytes] - [15/02/2016 00:29:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1558 bytes] - [07/01/2016 23:53:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [2904 bytes] - [07/02/2016 21:29:21]
C:\AdwCleaner\AdwCleaner[S10].txt - [650 bytes] - [16/02/2016 20:15:04]
C:\AdwCleaner\AdwCleaner[S11].txt - [649 bytes] - [16/02/2016 20:25:15]
C:\AdwCleaner\AdwCleaner[S12].txt - [650 bytes] - [19/02/2016 23:31:08]
C:\AdwCleaner\AdwCleaner[S13].txt - [650 bytes] - [21/02/2016 22:15:22]
C:\AdwCleaner\AdwCleaner[S14].txt - [650 bytes] - [21/02/2016 22:27:23]
C:\AdwCleaner\AdwCleaner[S15].txt - [650 bytes] - [22/02/2016 23:20:56]
C:\AdwCleaner\AdwCleaner[S16].txt - [2209 bytes] - [22/02/2016 23:23:18]
C:\AdwCleaner\AdwCleaner[S17].txt - [2283 bytes] - [22/02/2016 23:23:56]
C:\AdwCleaner\AdwCleaner[S18].txt - [2357 bytes] - [22/02/2016 23:24:44]
C:\AdwCleaner\AdwCleaner[S19].txt - [1700 bytes] - [23/02/2016 23:28:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [1861 bytes] - [14/02/2016 22:39:57]
C:\AdwCleaner\AdwCleaner[S3].txt - [649 bytes] - [14/02/2016 22:44:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [649 bytes] - [14/02/2016 22:45:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [649 bytes] - [14/02/2016 23:08:46]
C:\AdwCleaner\AdwCleaner[S6].txt - [649 bytes] - [14/02/2016 23:17:52]
C:\AdwCleaner\AdwCleaner[S7].txt - [649 bytes] - [15/02/2016 00:04:05]
C:\AdwCleaner\AdwCleaner[S8].txt - [649 bytes] - [15/02/2016 00:05:03]
C:\AdwCleaner\AdwCleaner[S9].txt - [649 bytes] - [16/02/2016 19:13:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S19].txt - [2351 bytes] ##########



#6 nasdaq

Posted 24 February 2016 - 08:20 AM

How is the computer running now?

#7 BadBrain9

Posted 24 February 2016 - 03:03 PM

How is the computer running now?

 

It seems like that might have worked. The annoying dsound.dll disappeared.

 

Thank you a lot for the help.



#8 nasdaq

Posted 24 February 2016 - 03:36 PM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide on best security practices to keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#9 nasdaq

Posted 01 March 2016 - 09:54 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



