Untitled

a guest
May 28th, 2015
  1. http://pastebin.com/cWp4Efdm Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
  2. Ran by Sheree at 2015-05-28 21:09:32
  3. Running from C:\Users\Sheree\Desktop
  4. Boot Mode: Normal
  5. ==========================================================
  6.  
  7.  
  8. ==================== Accounts: =============================
  9.  
  10. Administrator (S-1-5-21-3580520283-4175938777-2474284413-500 - Administrator - Disabled)
  11. Guest (S-1-5-21-3580520283-4175938777-2474284413-501 - Limited - Disabled)
  12. HomeGroupUser$ (S-1-5-21-3580520283-4175938777-2474284413-1003 - Limited - Enabled)
  13. Sheree (S-1-5-21-3580520283-4175938777-2474284413-1001 - Administrator - Enabled) => C:\Users\Sheree
  14.  
  15. ==================== Security Center ========================
  16.  
  17. (If an entry is included in the fixlist, it will be removed.)
  18.  
  19. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  20. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  21.  
  22. ==================== Installed Programs ======================
  23.  
  24. (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  25.  
  26. abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2004 - Acer Incorporated)
  27. abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
  28. abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
  29. abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated)
  30. abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
  31. Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
  32. Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
  33. Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8108 - Acer Incorporated)
  34. Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
  35. Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
  36. Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
  37. Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
  38. Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
  39. Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
  40. Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
  41. AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
  42. AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
  43. CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
  44. Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
  45. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
  46. Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
  47. Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
  48. Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
  49. Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
  50. HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
  51. Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
  52. Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
  53. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
  54. Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
  55. Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
  56. Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
  57. Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
  58. Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
  59. Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
  60. Microsoft OneDrive (HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
  61. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
  62. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  63. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  64. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  65. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  66. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  67. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
  68. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
  69. Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
  70. Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
  71. Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
  72. Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
  73. OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - )
  74. Pokki (HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\Pokki) (Version: 0.269.7.652 - Pokki)
  75. Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
  76. Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
  77. Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
  78. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
  79. ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
  80. Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
  81. Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
  82. Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.4.2684.1 - Hi-Rez Studios)
  83. SpyShelter Premium 9.9.1 (HKLM\...\SpyShelter_is1) (Version: 9.9.1 - Datpol)
  84. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  85. TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
  86. Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
  87. TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
  88. WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
  89.  
  90. ==================== Custom CLSID (Whitelisted): ==========================
  91.  
  92. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  93.  
  94. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sheree\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
  95. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sheree\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
  96. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
  97. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sheree\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
  98. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Sheree\AppData\Local\Roblox\Versions\version-465ca0bcd6b344c3\RobloxProxy64.dll (ROBLOX Corporation)
  99. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sheree\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
  100. CustomCLSID: HKU\S-1-5-21-3580520283-4175938777-2474284413-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sheree\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
  101.  
  102. ==================== Restore Points =========================
  103.  
  104. 11-04-2015 00:51:33 Removed Minecraft
  105. 12-04-2015 19:37:07 Installed Hi-Rez Studios Games
  106. 17-04-2015 22:49:47 Installed DirectX
  107. 23-04-2015 17:28:32 Windows Update
  108. 28-04-2015 18:53:49 Windows Update
  109. 24-05-2015 18:02:32 Windows Update
  110.  
  111. ==================== Hosts content: ==========================
  112.  
  113. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  114.  
  115. 2013-08-22 09:25 - 2015-05-16 15:02 - 00000253 ____A C:\Windows\system32\Drivers\etc\hosts
  116. 127.0.0.1 www.virustotal.com
  117. 127.0.0.1 jotti.org
  118. 127.0.0.1 viruschef.com
  119. 127.0.0.1 novirusthanks.org
  120. 127.0.0.1 donotdistribute.com
  121. 127.0.0.1 nodistribute.com
  122. 127.0.0.1 www.metascan-online.com
  123. 127.0.0.1 virusscan.jotti.org
  124. 127.0.0.1 r.virscan.org
  125.  
  126.  
  127. ==================== Scheduled Tasks (Whitelisted) =============
  128.  
  129. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  130.  
  131. Task: {06082508-4F91-49EC-AF1F-0729BDBD6A40} - System32\Tasks\keepup => C:\Users\Sheree\AppData\Roaming\jellylam\rinti.exe
  132. Task: {0808B16F-6489-42FC-BCDD-15510DC5F05B} - System32\Tasks\WF => C:\Users\Sheree\AppData\Roaming\WF.exe <==== ATTENTION
  133. Task: {08C8B34A-407B-43B3-A425-31555706FEB5} - System32\Tasks\Convertor => C:\Users\Sheree\AppData\Roaming\Convertor\Convertor.exe [2015-01-29] ()
  134. Task: {0ACE1474-EA51-4F51-B9EA-B948A5C36A67} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
  135. Task: {11D3739C-6CA5-49FA-B949-FD064F41482D} - System32\Tasks\LIDOF => C:\Users\Sheree\AppData\Roaming\LIDOF.exe <==== ATTENTION
  136. Task: {1EBFEF83-4060-499F-9898-BE2D4FC07017} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
  137. Task: {26884E6A-C16B-433D-980D-5F7F1248FB33} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
  138. Task: {2911202A-A833-490A-B6DD-C6D0D2240DEA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
  139. Task: {2E79E1B6-55A1-495B-B327-F7E58324CD1A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-07-28] (Acer Incorporate)
  140. Task: {3147F9E3-E494-42EA-B122-5C07038B167D} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
  141. Task: {3625509C-4CF5-4F35-BE56-D11845E8BEE8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
  142. Task: {3BFB0428-E378-4CE0-A806-B1DA14EA2153} - System32\Tasks\{937CEC44-9BE5-4C8D-89C3-EA1DC20258C7} => pcalua.exe -a C:\Users\Sheree\AppData\Local\Roblox\Versions\version-f4fa73127aa54242\RobloxPlayerLauncher.exe -c -uninstall
  143. Task: {3CB416A3-D490-4A49-9EC5-CA9371075DE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
  144. Task: {46477C78-CBD3-49E9-BF45-71651BC292B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
  145. Task: {4780BE69-FCFF-4142-93C7-B263EFC0CB79} - System32\Tasks\Image_laptop.scr => C:\Users\Sheree\Desktop\Image_laptop.scr
  146. Task: {4C2FDBE8-5F9E-4DDE-B4CD-0CEDFD90566D} - System32\Tasks\WinKit => C:\Users\Sheree\AppData\Roaming\WinKit\Updater.exe
  147. Task: {4E0BEC7B-5C72-450A-A782-C02516DC3B6C} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
  148. Task: {4E173FE4-5036-444C-802A-80D234656FA0} - System32\Tasks\{0165D374-1E04-4FC9-B327-5EC0BA3360C2} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=wow_enus --displayname="World of Warcraft"
  149. Task: {5DFE696B-3CB9-43CE-A999-85D3E0D0D2B1} - System32\Tasks\{9BF32ED7-F813-449D-AA8C-5CABB921E0A6} => pcalua.exe -a "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
  150. Task: {61042EAD-5746-487E-AE0F-CD058B002605} - System32\Tasks\{2E629047-26E1-4026-80C0-7B442807979F} => pcalua.exe -a C:\Users\Sheree\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\RobloxPlayerLauncher.exe -c -uninstall
  151. Task: {638122E9-9BCE-4C9C-B0B2-A8F00F221175} - System32\Tasks\DriverMgr => C:\Users\Sheree\AppData\Roaming\jellylam\rinti.exe
  152. Task: {6A366A50-13D3-4D4B-93B4-62E190E6DC20} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
  153. Task: {6B2EC7AE-CF20-4887-809E-8B00CA91B720} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
  154. Task: {783E6D4C-2A68-436F-BE43-5063587DD6D0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
  155. Task: {7D968D2D-CED8-4194-BDBF-4F7ADF3111FA} - System32\Tasks\Winsta Update => C:\Users\Sheree\AppData\Roaming\Winsta\Winsta.exe
  156. Task: {80DD0FE4-A22B-4702-A3B2-1611D3881952} - System32\Tasks\FKRMVN => C:\Users\Sheree\AppData\Roaming\FKRMVN.exe <==== ATTENTION
  157. Task: {8CC6BDF8-E6E2-4D81-BFFD-C0633975F3E2} - System32\Tasks\WDNSJ => C:\Users\Sheree\AppData\Roaming\WDNSJ.exe <==== ATTENTION
  158. Task: {93C8C1B2-DD5A-4FB2-8A45-1AE1A25DE566} - System32\Tasks\GKSWKV => C:\Users\Sheree\AppData\Roaming\GKSWKV.exe <==== ATTENTION
  159. Task: {97413B5C-77EF-440D-A9EA-8B1379810CE3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-24] (Microsoft Corporation)
  160. Task: {9A1879BE-9CC0-49A9-8601-521AE3B664AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-03-27] (Microsoft Corporation)
  161. Task: {A3E9B703-D2D0-4DBE-ABA9-DCA475E21857} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
  162. Task: {B3EEF208-5F6F-4E4D-8887-EF8756C2F83C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)
  163. Task: {BCB2A433-12DA-4650-923A-EB06CAB95482} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3580520283-4175938777-2474284413-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
  164. Task: {BCC52C93-747C-4B96-9031-B122271D1F92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)
  165. Task: {C27DD2CB-CA9B-4523-9856-D5728CCDC0FF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
  166. Task: {C2F2B4F9-844F-4F4C-9208-12B568AA9820} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
  167. Task: {C670C4B7-5516-4AA8-A7E7-00B0A40BC18D} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
  168. Task: {CA8D159E-7F1F-4B79-BDDB-D7215BF8EE42} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
  169. Task: {CCBA6535-CFF6-4D5A-B6A1-698AFFA074B5} - System32\Tasks\Image_5_(1).scr => C:\Users\Sheree\AppData\Roaming\Skype\My
  170. Task: {CEEA6D20-F55F-4903-91BC-A239F815E002} - System32\Tasks\QR => C:\Users\Sheree\AppData\Roaming\QR.exe <==== ATTENTION
  171. Task: {D3532869-3A5D-4A1D-A6B0-4A8957718A9F} - System32\Tasks\Image_5 Laptop.scr => C:\Users\Sheree\AppData\Roaming\Skype\My
  172. Task: {D385DB6D-8D0B-4A5A-BD35-DEE2CD77C77E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
  173. Task: {DE6782E5-DD10-4DF1-9633-2D36D0B86186} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe
  174. Task: {E121E8CE-D695-472B-B041-757A7B4BD146} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
  175. Task: {FF35FEFB-BA87-4CED-9FD0-D61542E2DE5A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PUP-Sheree pup => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-27] (Microsoft Corporation)
  176. Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  177. Task: C:\Windows\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{7133e964-eee3-8fe8-7133-3e964eeea593}\XC Crypter Advanced.rar.exe <==== ATTENTION
  178. Task: C:\Windows\Tasks\FKRMVN.job => C:\Users\Sheree\AppData\Roaming\FKRMVN.exe <==== ATTENTION
  179. Task: C:\Windows\Tasks\GKSWKV.job => C:\Users\Sheree\AppData\Roaming\GKSWKV.exe <==== ATTENTION
  180. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  181. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d082bf17f75597.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  182. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08de9efb57076.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  183. Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580520283-4175938777-2474284413-1001Core.job => C:\Users\Sheree\AppData\Local\Google\Update\GoogleUpdate.exe
  184. Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580520283-4175938777-2474284413-1001Core1d082cbce8272aa.job => C:\Users\Sheree\AppData\Local\Google\Update\GoogleUpdate.exe
  185. Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580520283-4175938777-2474284413-1001Core1d096971fc3bac7.job => C:\Users\Sheree\AppData\Local\Google\Update\GoogleUpdate.exe
  186. Task: C:\Windows\Tasks\LIDOF.job => C:\Users\Sheree\AppData\Roaming\LIDOF.exe <==== ATTENTION
  187. Task: C:\Windows\Tasks\QR.job => C:\Users\Sheree\AppData\Roaming\QR.exe <==== ATTENTION
  188. Task: C:\Windows\Tasks\WDNSJ.job => C:\Users\Sheree\AppData\Roaming\WDNSJ.exe <==== ATTENTION
  189. Task: C:\Windows\Tasks\WF.job => C:\Users\Sheree\AppData\Roaming\WF.exe <==== ATTENTION
  190.  
  191. ==================== Loaded Modules (Whitelisted) ==============
  192.  
  193. 2015-03-26 21:15 - 2015-03-27 05:11 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
  194. 2015-03-26 21:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
  195. 2015-03-17 13:43 - 2015-03-17 13:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
  196. 2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
  197. 2015-03-17 14:15 - 2015-03-17 14:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
  198. 2015-04-27 21:35 - 2015-04-27 21:35 - 00374272 _____ () C:\Users\Sheree\AppData\Local\Temp\123.EXE
  199. 2014-04-29 22:17 - 2014-04-29 22:17 - 00305008 _____ () C:\ProgramData\{7133e964-eee3-8fe8-7133-3e964eeea593}\XC Crypter Advanced.rar.exe
  200. 2015-04-27 20:33 - 2015-04-16 11:39 - 02413056 _____ () C:\Users\Sheree\AppData\Roaming\SysManager.exe
  201. 2015-05-08 01:35 - 2015-05-08 01:35 - 02291200 _____ () C:\Users\Sheree\Desktop\HawkeyeKeylogger.exe
  202. 2015-04-29 19:05 - 2015-04-29 18:41 - 00118784 _____ () C:\Program Files (x86)\PCI Monitor\pcimon.exe
  203. 2015-05-06 16:14 - 2015-05-06 16:14 - 00092928 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
  204. 2015-05-06 16:14 - 2015-05-06 16:14 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
  205. 2015-05-28 20:40 - 2015-05-28 20:40 - 01106512 _____ () C:\Program Files (x86)\Google\Update\Install\{F5F7C8F3-001A-49A1-9B3D-E28B109819F0}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
  206. 2015-03-24 17:28 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
  207. 2015-03-24 17:28 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
  208. 2015-03-24 17:28 - 2015-05-14 21:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
  209. 2015-03-24 17:28 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
  210. 2015-03-24 17:28 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
  211. 2015-03-24 17:28 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
  212. 2015-03-24 17:28 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
  213. 2015-03-24 17:28 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
  214. 2015-03-24 17:28 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
  215. 2015-03-24 17:28 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
  216. 2015-03-24 17:28 - 2015-05-14 21:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
  217. 2015-05-13 21:53 - 2015-05-13 21:53 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
  218. 2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
  219. 2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
  220. 2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
  221. 2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
  222. 2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
  223. 2015-05-06 10:06 - 2015-05-06 10:06 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
  224. 2015-05-06 16:15 - 2015-05-06 16:15 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
  225. 2015-03-24 17:28 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
  226. 2015-03-26 21:14 - 2015-03-27 05:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
  227.  
  228. ==================== Alternate Data Streams (Whitelisted) =========
  229.  
  230. (If an entry is included in the fixlist, only the ADS will be removed.)
  231.  
  232. AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFLVHNF1HJ2B3MFLBJTV1KBXV36JFSPF7VB4VP4GV
  233. AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_SBXNV9VVGV1BFLVHNF1HJ2B3MFLBJTV1KBXV36JFSPF7VB4VP4GV
  234. AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_SBXNV9VVGV1BFLVHNF1HJ2B3MFLBJTV1KBXV36JFSPF7VB4VP4GV
  235. AlternateDataStreams: C:\Users\Sheree\OneDrive:ms-properties
  236.  
  237. ==================== Safe Mode (Whitelisted) ===================
  238.  
  239. (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  240.  
  241. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
  242. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
  243. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
  244.  
  245. ==================== EXE Association (Whitelisted) ===============
  246.  
  247. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  248.  
  249.  
  250. ==================== Internet Explorer trusted/restricted ===============
  251.  
  252. (If an entry is included in the fixlist, it will be removed from the registry.)
  253.  
  254.  
  255. ==================== Other Areas ============================
  256.  
  257. (Currently there is no automatic fix for this section.)
  258.  
  259. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sheree\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
  260. DNS Servers: 192.168.1.1
  261.  
  262. ==================== MSCONFIG/TASK MANAGER disabled items ==
  263.  
  264. (Currently there is no automatic fix for this section.)
  265.  
  266. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\StartupApproved\StartupFolder: => "NanoCore-1.0.3.0.zip.lnk"
  267. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\StartupApproved\StartupFolder: => "b800f9829abc3ed4745ce3c4c0b38478.exe"
  268. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\StartupApproved\Run: => "HKCU"
  269. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\StartupApproved\Run: => "MicroUpdate"
  270. HKU\S-1-5-21-3580520283-4175938777-2474284413-1001\...\StartupApproved\Run: => "b800f9829abc3ed4745ce3c4c0b38478"
  271.  
  272. ==================== FirewallRules (Whitelisted) ===============
  273.  
  274. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  275.  
  276. FirewallRules: [TCP Query User{417CCA12-12BC-41F1-887C-AC5491CE0563}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
  277. FirewallRules: [UDP Query User{B74ABA0A-6D35-4893-9A45-C3194A6EADCF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
  278. FirewallRules: [TCP Query User{67D3EE98-79D6-4AC0-B85A-A21FBBF03140}C:\users\sheree\desktop\njrat\njrat v0.7d.exe] => (Allow) C:\users\sheree\desktop\njrat\njrat v0.7d.exe
  279. FirewallRules: [UDP Query User{D436BC88-6DFB-4949-920A-6A61ED56F7C6}C:\users\sheree\desktop\njrat\njrat v0.7d.exe] => (Allow) C:\users\sheree\desktop\njrat\njrat v0.7d.exe
  280. FirewallRules: [{60DC19F5-D64D-40DE-8C75-B86A1B3BACEA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
  281. FirewallRules: [{85305FF2-68BF-42A0-B7A3-53B7DFF53BD9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
  282. FirewallRules: [{DBD8F9D6-067D-49F1-96CE-CF1996307AA1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
  283. FirewallRules: [{0D71FA77-D4E6-46BA-83D8-C24E46C13037}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  284. FirewallRules: [{1A560793-0F9B-4E56-A63B-BAB1C7DB7480}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  285. FirewallRules: [{6BF3A114-2051-4CCC-8544-B17CC0027481}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  286. FirewallRules: [{4577AC1A-9DE2-452D-9617-7F1E0A5C29B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  287. FirewallRules: [{A32324B7-AE47-4A5B-8251-A562C8135BA2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
  288. FirewallRules: [{F5D8B121-B796-45ED-BABE-207919AEEA8F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
  289. FirewallRules: [{30B3D242-F24C-4461-A55B-D8CCE31953F5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
  290. FirewallRules: [{7CC932C5-A1DB-4A64-8D7C-5729164F0BA1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
  291. FirewallRules: [{951964ED-68A4-45CC-9A87-614B940C6397}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
  292. FirewallRules: [{CD952CE5-7ADB-4AA7-AA4B-6E1330897C31}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
  293. FirewallRules: [{0EA3ABBC-B349-451C-A3D9-8E948D9811B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
  294. FirewallRules: [{ABAB056D-0F3E-47FD-8A47-79DF44F4CAC2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
  295. FirewallRules: [{86252470-69D6-4002-93F4-C44865B72D60}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
  296. FirewallRules: [{D72FE137-B317-40AB-9803-18FA8A08EB1F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
  297. FirewallRules: [{E4B43F24-630F-45F3-8902-B992702546E0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
  298. FirewallRules: [{4C09FB7F-2A4A-4662-BD9E-B3F6DEDCAE9A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
  299. FirewallRules: [{3630468E-D27B-4F41-8C47-9F48FCCCD3D5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  300. FirewallRules: [{4E187111-F050-4ABA-8000-38C891C8F539}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  301. FirewallRules: [{0E9ABE83-7348-463C-8F87-5B23382FE187}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  302. FirewallRules: [{88F5315A-8BD5-4F50-BE40-036E830BB86D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  303. FirewallRules: [{D829CEDF-B15B-42ED-A77D-1EB2FA14C102}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  304. FirewallRules: [{673511A7-7A3F-40CD-9037-75580F3DE30B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  305. FirewallRules: [{679447A9-ABEE-46A2-BC32-E125F2C2C70E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  306. FirewallRules: [{C92E3980-AB66-4F7B-98B7-8DEFFF842377}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  307. FirewallRules: [{B126C8A5-DF97-4E8D-BA2A-EA2A0E6CAF88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  308. FirewallRules: [{0367578F-2084-4846-83CB-D0BB6B1BC2A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  309. FirewallRules: [{BC4EB672-353C-4C57-926F-5F6477A2C199}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  310. FirewallRules: [{FC005850-78BA-49D0-83B0-421F84FB943D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  311. FirewallRules: [{71573D4A-289C-4C76-A1C5-0DF646D7128F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  312. FirewallRules: [{54B8098B-606B-4886-8CF7-42F22D081B57}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  313. FirewallRules: [{B96F78FE-BDFD-464C-8297-0CDA1D01201A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
  314. FirewallRules: [{28604683-0A70-45C7-9B13-6F79EE1EDC7F}] => (Allow) C:\Users\Sheree\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
  315. FirewallRules: [{C0EF3895-F8A3-487F-BB79-6220BAFA5A00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
  316. FirewallRules: [{5D093D46-90BA-4950-8D7A-5A9F5A943971}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
  317. FirewallRules: [{9FAD3288-895E-445C-989F-5B59EACF7371}] => (Allow) C:\Users\Sheree\AppData\Roaming\OAS\oas.exe
  318. FirewallRules: [{BE305173-318C-464A-AED6-56D5C4D88F7B}] => (Allow) C:\Users\Sheree\AppData\Roaming\OAS\oasupd.exe
  319. FirewallRules: [{79412DC9-A523-4586-A8E3-C77A044CBA1E}] => (Allow) C:\Users\Sheree\AppData\Roaming\Dropbox\bin\Dropbox.exe
  320. FirewallRules: [{47188678-D055-44D0-AC0B-51D99AE1E63D}] => (Allow) C:\Users\Sheree\AppData\Roaming\Dropbox\bin\Dropbox.exe
  321. FirewallRules: [{1CF5E24B-AC94-4A63-A298-3B665DA507B2}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\2094755552.exe
  322. FirewallRules: [{99A556A6-1BE9-40F8-92C5-4BB11E8C1802}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\2094755552.exe
  323. FirewallRules: [{4104F9F3-D78D-4509-979A-09BD78BADF7B}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1993887748.exe
  324. FirewallRules: [{87DDF2B2-A27A-4464-B02A-71FA40A3712F}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1993887748.exe
  325. FirewallRules: [{B329DFBC-5981-49ED-9C9F-7A0B2E0CA20A}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1993887748.exe
  326. FirewallRules: [{43DAEC2D-02D6-4583-AF64-44D6CF5AB7B7}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1993887748.exe
  327. FirewallRules: [{0A5BBB75-5C77-4F0D-A6CA-58E8327BEE81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  328. FirewallRules: [{2D6C2A0A-512B-41A0-86B1-6AD4A5D4E931}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  329. FirewallRules: [{5935779C-98D0-4D35-918D-C22E43FD3A91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  330. FirewallRules: [{C6C89571-0DA8-46DB-A7DB-A29E77EEB3AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  331. FirewallRules: [{7D2032AB-163E-4864-BB52-82DA630CC922}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1582294897.exe
  332. FirewallRules: [{84D943E2-F352-41E4-9C4A-F403FC6BC006}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1582294897.exe
  333. FirewallRules: [{CA055605-96BD-4F51-8EED-EA086A3D9BDA}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-404618927.exe
  334. FirewallRules: [{FA148FB2-8FA0-4FA0-A779-4D5FB3E13119}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-404618927.exe
  335. FirewallRules: [{3EC79CFB-04B8-439C-BA64-8C8D55458C73}] => (Allow) C:\Users\Sheree\Desktop\Tf2 Item Hack.exe
  336. FirewallRules: [{E2EDFCD1-AB90-4CB0-826E-0AEB082989FD}] => (Allow) C:\Users\Sheree\Desktop\Tf2 Item Hack.exe
  337. FirewallRules: [{DB467574-35D2-44FF-A08F-8A7F6E6F16A5}] => (Allow) C:\Users\Sheree\Desktop\Server.exe
  338. FirewallRules: [{77DB324E-E275-4DF8-B384-D38EE759CFEB}] => (Allow) C:\Users\Sheree\Desktop\Server.exe
  339. FirewallRules: [{2CBC5806-CECD-461B-9BB6-6DCDBA717ADE}] => (Allow) C:\Users\Sheree\Desktop\Server.exe
  340. FirewallRules: [{557A622D-938F-408F-9B6A-1682A22F275F}] => (Allow) C:\Users\Sheree\Desktop\Server.exe
  341. FirewallRules: [{DB02E5F9-974F-403A-9256-DEA001E67345}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1626822576.exe
  342. FirewallRules: [{891B5A3B-EF2E-45C6-A4FD-14C61CDA25E8}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1626822576.exe
  343. FirewallRules: [{7909798D-D698-42DA-B283-83EB097D2374}] => (Allow) C:\Users\Sheree\Desktop\test.exe
  344. FirewallRules: [{67BABBB3-5F57-4AF2-BE4D-D42EC3540F04}] => (Allow) C:\Users\Sheree\Desktop\test.exe
  345. FirewallRules: [{772874E5-B465-4524-A6D5-C2A6C3AD2D3D}] => (Allow) C:\Users\Sheree\Desktop\test.exe
  346. FirewallRules: [{847EF5AA-F4B8-4824-A97C-AC6FB458BFB1}] => (Allow) C:\Users\Sheree\Desktop\test.exe
  347. FirewallRules: [{45BB36E2-BDE0-4C1E-9DF9-7467C8E4B2C0}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1155680997.exe
  348. FirewallRules: [{66B93C67-7D57-4B73-9D9C-59B737FA2EB7}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1155680997.exe
  349. FirewallRules: [{AB7461F8-FF3F-4755-9E00-6E59CAEAB9EA}] => (Allow) C:\Users\Sheree\Desktop\Five nights at amy.exe
  350. FirewallRules: [{165A5CF4-3E1D-455E-BD77-943EDBCB5BE1}] => (Allow) C:\Users\Sheree\Desktop\Five nights at amy.exe
  351. FirewallRules: [{885DC03B-7DAD-4E7B-A80B-7BC6B945BC66}] => (Allow) C:\Users\Sheree\Desktop\Five nights at amy.exe
  352. FirewallRules: [{01629A54-A1BA-49D6-A73D-74323D2B1342}] => (Allow) C:\Users\Sheree\Desktop\Five nights at amy.exe
  353. FirewallRules: [{9D3880FF-27C5-4C17-8622-59C8BB729AD9}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-933937378.exe
  354. FirewallRules: [{4BF35C4D-FE62-4A13-AAE7-078934EB11C1}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-933937378.exe
  355. FirewallRules: [{B148AFAD-EACE-4AD6-92B2-F374C6AA32B2}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-933937378.exe
  356. FirewallRules: [{7970371E-6615-449A-85EC-E73782EF6723}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-933937378.exe
  357. FirewallRules: [{BBF274C5-A8ED-477E-AC8E-81719093C995}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1424025731.exe
  358. FirewallRules: [{B87D216A-7929-4658-890B-67C27F57A869}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1424025731.exe
  359. FirewallRules: [{1B6529DF-37EA-4D37-876A-CB8C2C4985C0}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1424025731.exe
  360. FirewallRules: [{ECD1B0D2-F9E5-4D9F-8EF0-64C07DC02BD1}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1424025731.exe
  361. FirewallRules: [{B4437366-8AE9-4D0D-9A96-E86BFA7578E8}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\452460884.exe
  362. FirewallRules: [{179898D7-1CFC-4420-B005-92FF56175046}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\452460884.exe
  363. FirewallRules: [{63353588-1FEA-4968-A6A2-AD230CF14448}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-166908241.exe
  364. FirewallRules: [{035414BE-2CD1-49B9-BD79-7D70A7A6611F}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-166908241.exe
  365. FirewallRules: [{883D8C09-5093-4690-99EC-DFD7631C1263}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\350944497.exe
  366. FirewallRules: [{5324B2FE-166E-439D-B3A1-4C360F8C23CB}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\350944497.exe
  367. FirewallRules: [{3CC96B2E-7C88-4F01-B9F4-D70BA29C57FF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  368. FirewallRules: [{5D976D82-F352-4D24-80D2-3FED48E175B9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  369. FirewallRules: [{C7862267-00E5-4B83-8ECA-A4942B3B6270}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  370. FirewallRules: [{E429966E-B1D3-4572-A905-B163AA639D9F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  371. FirewallRules: [{7B1ECC73-38AD-4D0A-A170-2C243AB30435}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  372. FirewallRules: [{3243A1F0-6505-41B0-BEDA-5E03A245F0A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
  373. FirewallRules: [{B98DC179-1AF2-4339-AB36-018E75577EF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  374. FirewallRules: [{F2533A4E-BDCE-4496-9E9C-CAB7B25DBA26}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
  375. FirewallRules: [{4DA0706A-E685-4A6D-908E-3D8DA7834DA4}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1932549499.exe
  376. FirewallRules: [{57856A88-DE83-4B36-83D4-D524204926A1}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1932549499.exe
  377. FirewallRules: [{440DF1E6-3291-466F-A351-22813C7BE304}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  378. FirewallRules: [{AD70FA70-347D-4033-BC95-263F92EF1DC1}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-883842932.exe
  379. FirewallRules: [{BAE518D1-80E6-4D7A-A235-2642F5CC15B3}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-883842932.exe
  380. FirewallRules: [{C34A4420-D065-49D7-8DC2-848F27959F48}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1279299338.exe
  381. FirewallRules: [{7FCC3667-59F3-483D-B570-8F9864375027}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1279299338.exe
  382. FirewallRules: [{F84F252B-A01B-49D7-81FE-69F7DBB77A67}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1589427457.exe
  383. FirewallRules: [{40F308B1-8685-4271-99F3-5BCDE33FC871}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\-1589427457.exe
  384. FirewallRules: [{4C14F22C-4C11-4904-B8D9-022618A3CEAC}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1668231012.exe
  385. FirewallRules: [{B0DBC6E0-7521-4A57-93F1-674FCE977EB6}] => (Allow) C:\Users\Sheree\AppData\Local\Temp\1668231012.exe
  386.  
  387. ==================== Faulty Device Manager Devices =============
  388.  
  389.  
  390. ==================== Event log errors: =========================
  391.  
  392. Application errors:
  393. ==================
  394. Error: (05/28/2015 09:10:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  395. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:10:44Z. Error Code: 0x80040154.
  396.  
  397. Error: (05/28/2015 09:10:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  398. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:10:14Z. Error Code: 0x80040154.
  399.  
  400. Error: (05/28/2015 09:09:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  401. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:09:44Z. Error Code: 0x80040154.
  402.  
  403. Error: (05/28/2015 09:09:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  404. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:09:14Z. Error Code: 0x80040154.
  405.  
  406. Error: (05/28/2015 09:08:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  407. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:08:44Z. Error Code: 0x80040154.
  408.  
  409. Error: (05/28/2015 09:08:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  410. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:08:14Z. Error Code: 0x80040154.
  411.  
  412. Error: (05/28/2015 09:07:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  413. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:07:44Z. Error Code: 0x80040154.
  414.  
  415. Error: (05/28/2015 09:06:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  416. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:06:34Z. Error Code: 0x80040154.
  417.  
  418. Error: (05/28/2015 09:06:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  419. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:06:04Z. Error Code: 0x80040154.
  420.  
  421. Error: (05/28/2015 09:05:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  422. Description: Failed to schedule Software Protection service for re-start at 2115-05-05T01:05:33Z. Error Code: 0x80040154.
  423.  
  424.  
  425. System errors:
  426. =============
  427. Error: (05/28/2015 08:37:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  428. Description: The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).
  429.  
  430. Error: (05/28/2015 08:37:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  431. Description: A timeout was reached (30000 milliseconds) while waiting for the BorderlineInstance service to connect.
  432.  
  433. Error: (05/28/2015 08:36:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  434. Description: The UAC File Virtualization service failed to start due to the following error:
  435. %%1275
  436.  
  437. Error: (05/28/2015 08:36:34 PM) (Source: EventLog) (EventID: 6008) (User: )
  438. Description: The previous system shutdown at 3:32:04 AM on 5/25/2015 was unexpected.
  439.  
  440. Error: (05/25/2015 03:14:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
  441. Description: The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).
  442.  
  443. Error: (05/24/2015 11:44:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  444. Description: A timeout was reached (30000 milliseconds) while waiting for the BorderlineInstance service to connect.
  445.  
  446. Error: (05/24/2015 11:44:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  447. Description: The UAC File Virtualization service failed to start due to the following error:
  448. %%1275
  449.  
  450. Error: (05/24/2015 11:20:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  451. Description: The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).
  452.  
  453. Error: (05/24/2015 11:19:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  454. Description: A timeout was reached (30000 milliseconds) while waiting for the BorderlineInstance service to connect.
  455.  
  456. Error: (05/24/2015 11:18:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  457. Description: The UAC File Virtualization service failed to start due to the following error:
  458. %%1275
  459.  
  460.  
  461. Microsoft Office:
  462. =========================
  463. Error: (05/28/2015 09:11:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  464. Description: 0x800401542115-05-05T01:11:14Z
  465.  
  466. Error: (05/28/2015 09:10:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  467. Description: 0x800401542115-05-05T01:10:44Z
  468.  
  469. Error: (05/28/2015 09:10:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  470. Description: 0x800401542115-05-05T01:10:14Z
  471.  
  472. Error: (05/28/2015 09:09:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  473. Description: 0x800401542115-05-05T01:09:44Z
  474.  
  475. Error: (05/28/2015 09:09:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  476. Description: 0x800401542115-05-05T01:09:14Z
  477.  
  478. Error: (05/28/2015 09:08:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  479. Description: 0x800401542115-05-05T01:08:44Z
  480.  
  481. Error: (05/28/2015 09:08:14 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  482. Description: 0x800401542115-05-05T01:08:14Z
  483.  
  484. Error: (05/28/2015 09:07:44 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  485. Description: 0x800401542115-05-05T01:07:44Z
  486.  
  487. Error: (05/28/2015 09:06:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  488. Description: 0x800401542115-05-05T01:06:34Z
  489.  
  490. Error: (05/28/2015 09:06:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
  491. Description: 0x800401542115-05-05T01:06:04Z
  492.  
  493.  
  494. ==================== Memory info ===========================
  495.  
  496. Processor: Intel(R) Celeron(R) CPU N2920 @ 1.86GHz
  497. Percentage of memory in use: 55%
  498. Total physical RAM: 3977.98 MB
  499. Available physical RAM: 1784.05 MB
  500. Total Pagefile: 5385.98 MB
  501. Available Pagefile: 2923.82 MB
  502. Total Virtual: 131072 MB
  503. Available Virtual: 131071.85 MB
  504.  
  505. ==================== Drives ================================
  506.  
  507. Drive c: (Acer) (Fixed) (Total:450.64 GB) (Free:352.24 GB) NTFS
  508.  
  509. ==================== MBR & Partition Table ==================
  510.  
  511. ========================================================
  512. Disk: 0 (Size: 465.8 GB) (Disk ID: 6EBF5470)
  513.  
  514. Partition: GPT Partition Type.
  515.  
  516. ==================== End of log ============================