Inactive-A Completed all instructions, but still getting adware pop-ups

Status
Not open for further replies.
S









2015-04-22 15:22 - 2014-10-29 02:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe
2015-04-22 15:22 - 2014-10-29 02:39 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2015-04-22 15:22 - 2014-10-29 02:38 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoveDeviceElevated.dll
2015-04-22 15:22 - 2014-10-29 02:34 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsui.exe
2015-04-22 15:22 - 2014-10-29 02:32 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2015-04-22 15:22 - 2014-10-29 02:29 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapi.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2015-04-22 15:22 - 2014-10-29 02:28 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprmsg.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2015-04-22 15:22 - 2014-10-29 02:28 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\icacls.exe
2015-04-22 15:22 - 2014-10-29 02:28 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdhcinst.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltLib.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PATHPING.EXE
2015-04-22 15:22 - 2014-10-29 02:28 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2015-04-22 15:22 - 2014-10-29 02:28 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrssrv.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\whhelper.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBthProxy.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TCPSVCS.EXE
2015-04-22 15:22 - 2014-10-29 02:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidle.dll
2015-04-22 15:22 - 2014-10-29 02:28 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\backgroundTaskHost.exe
2015-04-22 15:22 - 2014-10-29 02:28 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2015-04-22 15:22 - 2014-10-29 02:27 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentprf.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\setx.exe
2015-04-22 15:22 - 2014-10-29 02:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecEdit.exe
2015-04-22 15:22 - 2014-10-29 02:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecerts.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\PING.EXE
2015-04-22 15:22 - 2014-10-29 02:27 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2015-04-22 15:22 - 2014-10-29 02:27 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Register-CimProvider.exe
2015-04-22 15:22 - 2014-10-29 02:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2015-04-22 15:22 - 2014-10-29 02:27 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringIeProvider.dll
2015-04-22 15:22 - 2014-10-29 02:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2015-04-22 15:22 - 2014-10-29 02:26 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\pots.dll
2015-04-22 15:22 - 2014-10-29 02:26 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityRtapiPal.dll
2015-04-22 15:22 - 2014-10-29 02:26 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpcsvc.dll
2015-04-22 15:22 - 2014-10-29 02:25 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2015-04-22 15:22 - 2014-10-29 02:25 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsext.dll
2015-04-22 15:22 - 2014-10-29 02:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\procinst.dll
2015-04-22 15:22 - 2014-10-29 02:23 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2015-04-22 15:22 - 2014-10-29 02:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Background.ps.dll
2015-04-22 15:22 - 2014-10-29 02:22 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2015-04-22 15:22 - 2014-10-29 02:21 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2015-04-22 15:22 - 2014-10-29 02:21 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipconfig.exe
2015-04-22 15:22 - 2014-10-29 02:21 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2015-04-22 15:22 - 2014-10-29 02:21 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragproxy.dll
2015-04-22 15:22 - 2014-10-29 02:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHostProxy.dll
2015-04-22 15:22 - 2014-10-29 02:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfmifsproxy.dll
2015-04-22 15:22 - 2014-10-29 02:20 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2015-04-22 15:22 - 2014-10-29 02:19 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschapext.dll
2015-04-22 15:22 - 2014-10-29 02:19 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2015-04-22 15:22 - 2014-10-29 02:16 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2015-04-22 15:22 - 2014-10-29 02:14 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\nci.dll
2015-04-22 15:22 - 2014-10-29 02:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwaninst.dll
2015-04-22 15:22 - 2014-10-29 02:08 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrs.exe
2015-04-22 15:22 - 2014-10-29 02:06 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprext.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2015-04-22 15:22 - 2014-10-29 02:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprmsg.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unlodctr.exe
2015-04-22 15:22 - 2014-10-29 02:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PATHPING.EXE
2015-04-22 15:22 - 2014-10-29 02:05 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TRACERT.EXE
2015-04-22 15:22 - 2014-10-29 02:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmsgapi.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\whhelper.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2015-04-22 15:22 - 2014-10-29 02:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winrssrv.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBthProxy.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidle.dll
2015-04-22 15:22 - 2014-10-29 02:05 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2015-04-22 15:22 - 2014-10-29 02:04 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2015-04-22 15:22 - 2014-10-29 02:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fltMC.exe
2015-04-22 15:22 - 2014-10-29 02:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Register-CimProvider.exe
2015-04-22 15:22 - 2014-10-29 02:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpcsvc.dll
2015-04-22 15:22 - 2014-10-29 02:03 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRINFO.EXE
2015-04-22 15:22 - 2014-10-29 02:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityRtapiPal.dll
2015-04-22 15:22 - 2014-10-29 02:02 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2015-04-22 15:22 - 2014-10-29 02:01 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2015-04-22 15:22 - 2014-10-29 02:01 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vss_ps.dll
2015-04-22 15:22 - 2014-10-29 02:01 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2015-04-22 15:22 - 2014-10-29 02:01 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.ps.dll
2015-04-22 15:22 - 2014-10-29 02:01 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Background.ps.dll
2015-04-22 15:22 - 2014-10-29 02:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2015-04-22 15:22 - 2014-10-29 02:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfmifsproxy.dll
2015-04-22 15:22 - 2014-10-29 01:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Startupscan.dll
2015-04-22 15:22 - 2014-10-29 01:55 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2015-04-22 15:22 - 2014-10-29 01:46 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Startupscan.dll
2015-04-22 15:21 - 2014-10-29 04:54 - 05120000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2015-04-22 15:21 - 2014-10-29 04:54 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWWizFwk.dll
2015-04-22 15:21 - 2014-10-29 04:07 - 05120000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2015-04-22 15:21 - 2014-10-29 04:07 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWWizFwk.dll
2015-04-22 15:21 - 2014-10-29 03:50 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-04-22 15:21 - 2014-10-29 03:49 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUxRes.dll
2015-04-22 15:21 - 2014-10-29 03:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2015-04-22 15:21 - 2014-10-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Firewall.cpl
2015-04-22 15:21 - 2014-10-29 03:49 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2help.dll
2015-04-22 15:21 - 2014-10-29 03:49 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rnr20.dll
2015-04-22 15:21 - 2014-10-29 03:48 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2015-04-22 15:21 - 2014-10-29 03:48 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ktmw32.dll
2015-04-22 15:21 - 2014-10-29 03:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2015-04-22 15:21 - 2014-10-29 03:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSHTCPIP.DLL
2015-04-22 15:21 - 2014-10-29 03:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wship6.dll
2015-04-22 15:21 - 2014-10-29 03:48 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2015-04-22 15:21 - 2014-10-29 03:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Locator.exe
2015-04-22 15:21 - 2014-10-29 03:48 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmi.dll
2015-04-22 15:21 - 2014-10-29 03:47 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2015-04-22 15:21 - 2014-10-29 03:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys
2015-04-22 15:21 - 2014-10-29 03:47 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-04-22 15:21 - 2014-10-29 03:46 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-04-22 15:21 - 2014-10-29 03:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2015-04-22 15:21 - 2014-10-29 03:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2015-04-22 15:21 - 2014-10-29 03:46 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2015-04-22 15:21 - 2014-10-29 03:45 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2015-04-22 15:21 - 2014-10-29 03:45 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-04-22 15:21 - 2014-10-29 03:45 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2015-04-22 15:21 - 2014-10-29 03:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys
2015-04-22 15:21 - 2014-10-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2015-04-22 15:21 - 2014-10-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2015-04-22 15:21 - 2014-10-29 03:45 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2015-04-22 15:21 - 2014-10-29 03:45 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2015-04-22 15:21 - 2014-10-29 03:45 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2015-04-22 15:21 - 2014-10-29 03:45 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\normaliz.dll
2015-04-22 15:21 - 2014-10-29 03:44 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSchedExe.exe
2015-04-22 15:21 - 2014-10-29 03:44 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\regini.exe
2015-04-22 15:21 - 2014-10-29 03:43 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\hh.exe
2015-04-22 15:21 - 2014-10-29 03:43 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdkey.exe
2015-04-22 15:21 - 2014-10-29 03:43 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dvdplay.exe
2015-04-22 15:21 - 2014-10-29 03:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\help.exe
2015-04-22 15:21 - 2014-10-29 03:43 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\colorcpl.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cliconfg.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\TapiUnattend.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomcnfg.exe
2015-04-22 15:21 - 2014-10-29 03:42 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcNs4.dll
2015-04-22 15:21 - 2014-10-29 03:41 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcmsetup.exe
2015-04-22 15:21 - 2014-10-29 03:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr
2015-04-22 15:21 - 2014-10-29 03:41 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2015-04-22 15:21 - 2014-10-29 03:40 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.proxystub.dll
2015-04-22 15:21 - 2014-10-29 03:40 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-22 15:21 - 2014-10-29 03:38 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pstorec.dll
2015-04-22 15:21 - 2014-10-29 03:37 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\secinit.exe
2015-04-22 15:21 - 2014-10-29 03:37 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ctfmon.exe
2015-04-22 15:21 - 2014-10-29 03:35 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\PnPutil.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winver.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialer.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cofire.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\write.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\write.exe
2015-04-22 15:21 - 2014-10-29 03:34 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\systray.exe
2015-04-22 15:21 - 2014-10-29 03:33 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\runas.exe
2015-04-22 15:21 - 2014-10-29 03:33 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\InfDefaultInstall.exe
2015-04-22 15:21 - 2014-10-29 03:30 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sigverif.exe
2015-04-22 15:21 - 2014-10-29 03:30 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\RmClient.exe
2015-04-22 15:21 - 2014-10-29 03:29 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsicli.exe
2015-04-22 15:21 - 2014-10-29 03:28 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcad32.exe
2015-04-22 15:21 - 2014-10-29 03:25 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resmon.exe
2015-04-22 15:21 - 2014-10-29 03:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationNotifications.exe
2015-04-22 15:21 - 2014-10-29 03:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2015-04-22 15:21 - 2014-10-29 03:20 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\proquota.exe
2015-04-22 15:21 - 2014-10-29 03:20 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WallpaperHost.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceProperties.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesRemote.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesProtection.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesPerformance.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesHardware.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesComputerName.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemPropertiesAdvanced.exe
2015-04-22 15:21 - 2014-10-29 03:19 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Netplwiz.exe
2015-04-22 15:21 - 2014-10-29 03:18 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartScreenSettings.exe
2015-04-22 15:21 - 2014-10-29 03:18 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OptionalFeatures.exe
2015-04-22 15:21 - 2014-10-29 03:18 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Fondue.exe
2015-04-22 15:21 - 2014-10-29 03:18 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RunLegacyCPLElevated.exe
2015-04-22 15:21 - 2014-10-29 03:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2015-04-22 15:21 - 2014-10-29 03:12 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsui.exe
2015-04-22 15:21 - 2014-10-29 03:09 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthudtask.exe
2015-04-22 15:21 - 2014-10-29 03:05 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-04-22 15:21 - 2014-10-29 03:04 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-04-22 15:21 - 2014-10-29 03:04 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceUxRes.dll
2015-04-22 15:21 - 2014-10-29 03:04 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2015-04-22 15:21 - 2014-10-29 03:04 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2help.dll
2015-04-22 15:21 - 2014-10-29 03:04 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rnr20.dll
2015-04-22 15:21 - 2014-10-29 03:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2015-04-22 15:21 - 2014-10-29 03:03 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ktmw32.dll
2015-04-22 15:21 - 2014-10-29 03:03 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wship6.dll
2015-04-22 15:21 - 2014-10-29 03:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSHTCPIP.DLL
2015-04-22 15:21 - 2014-10-29 03:03 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmi.dll
2015-04-22 15:21 - 2014-10-29 03:00 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2015-04-22 15:21 - 2014-10-29 03:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2015-04-22 15:21 - 2014-10-29 03:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2015-04-22 15:21 - 2014-10-29 03:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2015-04-22 15:21 - 2014-10-29 03:00 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\normaliz.dll
2015-04-22 15:21 - 2014-10-29 03:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprop.dll
2015-04-22 15:21 - 2014-10-29 02:59 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\help.exe
2015-04-22 15:21 - 2014-10-29 02:58 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\colorcpl.exe
2015-04-22 15:21 - 2014-10-29 02:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdkey.exe
2015-04-22 15:21 - 2014-10-29 02:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomcnfg.exe
2015-04-22 15:21 - 2014-10-29 02:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DDOIProxy.dll
2015-04-22 15:21 - 2014-10-29 02:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr
2015-04-22 15:21 - 2014-10-29 02:57 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcNs4.dll
2015-04-22 15:21 - 2014-10-29 02:56 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pstorec.dll
2015-04-22 15:21 - 2014-10-29 02:53 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\winhlp32.exe
2015-04-22 15:21 - 2014-10-29 02:52 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msra.exe
2015-04-22 15:21 - 2014-10-29 02:52 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\write.exe
2015-04-22 15:21 - 2014-10-29 02:51 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systray.exe
2015-04-22 15:21 - 2014-10-29 02:45 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resmon.exe
2015-04-22 15:21 - 2014-10-29 02:45 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceProperties.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe
2015-04-22 15:21 - 2014-10-29 02:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe
2015-04-22 15:21 - 2014-10-29 02:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthudtask.exe
2015-04-22 15:21 - 2014-10-29 02:29 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprext.dll
2015-04-22 15:21 - 2014-10-29 02:29 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2015-04-22 15:21 - 2014-10-29 02:29 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_ISCII.DLL
2015-04-22 15:21 - 2014-10-29 02:28 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mountvol.exe
2015-04-22 15:21 - 2014-10-29 02:28 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TcpipSetup.dll
2015-04-22 15:21 - 2014-10-29 02:27 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\lodctr.exe
2015-04-22 15:21 - 2014-10-29 02:27 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\unlodctr.exe
2015-04-22 15:21 - 2014-10-29 02:27 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cacls.exe
2015-04-22 15:21 - 2014-10-29 02:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltMC.exe
2015-04-22 15:21 - 2014-10-29 02:27 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TRACERT.EXE
2015-04-22 15:21 - 2014-10-29 02:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\HOSTNAME.EXE
2015-04-22 15:21 - 2014-10-29 02:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VaultCmd.exe
2015-04-22 15:21 - 2014-10-29 02:26 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRINFO.EXE
2015-04-22 15:21 - 2014-10-29 02:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxStreamingDataSourcePS.dll
2015-04-22 15:21 - 2014-10-29 02:21 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallButtons.ProxyStub.dll
2015-04-22 15:21 - 2014-10-29 02:21 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ROUTE.EXE
2015-04-22 15:21 - 2014-10-29 02:21 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllhst3g.exe
2015-04-22 15:21 - 2014-10-29 02:12 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2015-04-22 15:21 - 2014-10-29 02:06 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_ISCII.DLL
2015-04-22 15:21 - 2014-10-29 02:06 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2015-04-22 15:21 - 2014-10-29 02:05 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TCPSVCS.EXE
2015-04-22 15:21 - 2014-10-29 02:05 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
2015-04-22 15:21 - 2014-10-29 02:03 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2015-04-22 15:21 - 2014-10-29 02:01 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2015-04-22 15:21 - 2014-10-29 02:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallButtons.ProxyStub.dll
2015-04-22 15:21 - 2014-10-29 01:58 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootim.exe
2015-04-22 15:21 - 2014-10-29 01:50 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2015-04-22 15:21 - 2014-10-11 01:10 - 00389020 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-04-22 15:21 - 2014-10-07 04:30 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-04-22 15:21 - 2014-10-07 04:29 - 00107520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-04-22 15:21 - 2014-10-07 04:29 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-04-22 15:21 - 2014-10-07 04:29 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-04-21 01:11 - 2015-04-21 21:28 - 00000000 ____D () C:\Program Files (x86)\QUIckViewer
2015-04-21 01:10 - 2015-05-18 10:40 - 00000000 ____D () C:\ProgramData\10408937475793103121
2015-04-21 01:10 - 2015-04-21 01:10 - 00000020 _____ () C:\Users\lkoul_000\AppData\Roaming\appdataFr3.bin
2015-04-19 02:46 - 2015-04-19 20:53 - 00000000 ____D () C:\Users\lkoul_000\Downloads\A Song of Ice and Fire (Audio Books 1-5 - Complete)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 23:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-19 22:53 - 2013-09-06 00:23 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-19 22:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-19 09:07 - 2013-11-28 02:42 - 00000000 ___DO () C:\Users\lkoul_000\SkyDrive
2015-05-18 23:44 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2015-05-18 22:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-18 21:54 - 2013-08-26 20:28 - 00345600 ___SH () C:\Users\lkoul_000\Desktop\Thumbs.db
2015-05-18 21:46 - 2014-08-10 14:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-18 21:46 - 2013-11-27 16:12 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-18 21:46 - 2013-09-05 18:04 - 00000000 ____D () C:\Users\lkoul_000\AppData\Roaming\uTorrent
2015-05-18 21:24 - 2013-08-16 00:40 - 00000000 ____D () C:\Users\lkoul_000\AppData\Local\Google
2015-05-18 15:31 - 2014-01-16 19:15 - 00003114 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-05-18 15:31 - 2013-08-16 00:38 - 00003056 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2015-05-18 15:31 - 2013-08-15 11:25 - 00000401 _____ () C:\Users\lkoul_000\AppData\Roaming\sp_data.sys
2015-05-18 15:31 - 2012-12-12 18:44 - 00003260 _____ () C:\WINDOWS\System32\Tasks\ASUS Patch for Touch Panel
2015-05-18 15:31 - 2012-12-12 18:15 - 00003028 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-05-18 15:31 - 2012-12-12 18:06 - 00003222 _____ () C:\WINDOWS\System32\Tasks\ASUS Patch for VIA Audio
2015-05-18 15:29 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-18 15:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-18 12:43 - 2014-09-14 20:05 - 00000000 ____D () C:\Users\lkoul_000\Downloads\Top 200 90's Alternative Songs
2015-05-14 23:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-14 10:30 - 2013-09-30 05:11 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-14 10:01 - 2013-08-22 15:44 - 02432288 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 15:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 15:48 - 2013-08-16 02:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 15:41 - 2013-08-16 02:51 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 15:36 - 2013-09-30 04:59 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-11 20:05 - 2013-09-03 22:12 - 00000000 ____D () C:\Users\lkoul_000\AppData\Roaming\PrimoPDF
2015-05-09 18:39 - 2014-12-13 18:21 - 00824008 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-05-09 18:39 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kldisk.sys
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-05-09 17:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-05-09 17:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-09 17:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-09 17:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-05-09 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-09 17:31 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-05-09 17:31 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-05-09 17:31 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sppui
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-05-09 17:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-05-09 17:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-05-09 17:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-05-09 17:26 - 2013-08-22 16:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-05-09 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-05-09 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-05-09 17:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-05-09 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-09 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-09 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-09 17:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-05-09 17:03 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-09 17:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-09 17:02 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-05-05 18:59 - 2014-05-21 13:14 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 18:59 - 2014-05-21 13:14 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-22 19:16 - 2013-08-22 16:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-04-22 19:16 - 2013-08-22 16:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-04-21 17:29 - 2013-08-16 00:41 - 00000000 ____D () C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2015-04-21 01:10 - 2015-04-21 01:10 - 0000020 _____ () C:\Users\lkoul_000\AppData\Roaming\appdataFr3.bin
2014-03-12 19:33 - 2014-03-12 19:33 - 0000021 _____ () C:\Users\lkoul_000\AppData\Roaming\my_intel.sys
2013-08-15 11:25 - 2015-05-18 15:31 - 0000401 _____ () C:\Users\lkoul_000\AppData\Roaming\sp_data.sys
2014-02-20 15:07 - 2014-02-20 15:07 - 0003584 _____ () C:\Users\lkoul_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-21 17:36 - 2015-05-09 16:49 - 0000806 _____ () C:\Users\lkoul_000\AppData\Local\Temp-log.txt
2012-08-17 01:52 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 01:52 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-19 09:20

==================== End Of Log ============================
 
Here is the addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by lkoul_000 at 2015-05-20 00:13:57
Running from C:\Users\lkoul_000\Downloads
Boot Mode: Normal
==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2139896988-2101449784-3495016842-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S200 Product Demo (HKLM-x32\...\{5E396FE4-6110-41C9-9B1F-2F30A4A13715}) (Version: 1.0.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.22 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.49 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2139896988-2101449784-3495016842-1001\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-GB)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Viper Plagiarism Scanner (HKLM-x32\...\{2D9F8754-84AB-4C46-8243-9EADF23A63EE}_is1) (Version: 4.1.90.1039 - All Answers Ltd)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2200 - Broadcom Corporation)
Windows Phone app for desktop (HKLM-x32\...\{8C9B338E-6815-41F2-9FE3-337715D1524E}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-2139896988-2101449784-3495016842-1001\...\XBMC) (Version: - Team XBMC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2139896988-2101449784-3495016842-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\lkoul_000\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2139896988-2101449784-3495016842-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\lkoul_000\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2139896988-2101449784-3495016842-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\lkoul_000\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2139896988-2101449784-3495016842-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\lkoul_000\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2139896988-2101449784-3495016842-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\lkoul_000\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

19-05-2015 11:50:29 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {295CF0E8-5783-4E62-AFEC-F401FC3F6F11} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2012-11-07] (ASUSTek Computer INC.)
Task: {5C2BE173-3103-4542-9197-427AB614769A} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.)
Task: {81248020-F156-4659-9A25-67F85671A86B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {9A686EDC-40E7-4BF4-BB39-DA6F0337DA14} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {A1B7ACF7-A655-4BEA-A161-6E6178791C79} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {CC30D1D0-7438-45A5-8F8A-62BDF8101BC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {D6E11BB5-6B88-4912-A2A6-7FA06E964536} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {D9BEA6A4-581E-4B17-9149-6B20D4E62D28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {DD89B9CA-44F0-4AFE-9869-A9DFE872DA57} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-11-21] (ASUSTeK Computer Inc.)
Task: {EF84D90E-30A3-45B2-8094-83A7A2C376FA} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {F13EBDD7-072A-4B14-B134-D6916BD02127} - \Optimize Start Menu Cache Files-S-1-5-21-2139896988-2101449784-3495016842-500 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-03 22:10 - 2011-02-28 23:37 - 00095008 _____ () C:\WINDOWS\System32\Primomonnt.dll
2012-09-06 16:53 - 2012-09-06 16:53 - 00047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2012-11-30 05:07 - 2012-11-02 08:19 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2006-10-26 14:56 - 2006-10-26 14:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-05-11 11:37 - 2013-05-11 11:37 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\lkoul_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\lkoul_000\Downloads\noname.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2139896988-2101449784-3495016842-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lkoul_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\kiwi_and_caek_by_goat_piddles.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: PowerSkin => c:\windows\temp\PowerSkin\PowerSkin.exe
MSCONFIG\startupreg: VIAAUD => C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe
HKLM\...\StartupApproved\Run32: => "Brunel University Connect Assistant"
HKU\S-1-5-21-2139896988-2101449784-3495016842-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{4C1B5E5E-BCF0-4194-9500-F0F285252CFA}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [TCP Query User{91C115C4-ABB2-409C-A639-C09BDE1842E9}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{7E1CE732-7CB5-449C-9D5B-9140EA043A3B}C:\program files\ibm\spss\statistics\20\stats.exe] => (Block) C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [TCP Query User{ADAEE1A8-E8CE-4264-B363-254EABDE6919}C:\program files\ibm\spss\statistics\20\stats.exe] => (Block) C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [{C073A69A-E48F-484D-AF29-DCD761D99931}] => (Allow) C:\Users\lkoul_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5CC93BA-D03F-41B1-8D4D-FF4DA2E7A631}] => (Allow) C:\Users\lkoul_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{3E2F6082-1566-4DA0-8A23-7597ED0D057E}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B1F25EC9-50CF-4D3F-B396-D006D36D27D4}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{AFD6E556-BB81-478C-9A26-055803D1E443}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{FAEB2D51-5477-4C2F-9C0C-C3EC225BDEEB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{80DE3E68-7545-4FAB-A482-42865EED8E0D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{B6B015D0-2541-4AAA-8794-B2E55D85751F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.exe
FirewallRules: [{98032A0A-EEB8-4D71-8EF8-4E86232816C3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\WinWrapIDE.exe
FirewallRules: [{5F9D032A-38FB-4A22-92EF-7AF8FACD09DB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\20\stats.com
FirewallRules: [{BB13A0BD-F69A-4A51-AE2C-49FDD04D7F03}] => (Allow) C:\Users\lkoul_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4A76C0C-B066-4C31-B0A7-2B7BF5D3797F}] => (Allow) C:\Users\lkoul_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A5F7ACF-AE9E-4739-8637-82174BB56A2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A177C7F8-2292-474B-AFB8-BFD47A5D07C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{0EAD938E-29A1-4AE6-9463-11779216C533}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{E181F3CE-DECD-49EA-AAB0-09BC5AF23B82}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{8F7ED793-3E1C-4646-8913-8798C176E5BA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9AF80DDC-A7D2-40B5-88AA-BEACA6281C4C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{1758CCF3-91AA-4637-9C2D-66AC32B35516}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{0AD30A0C-162B-4D31-9309-F35CFE64245A}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{130D8B38-257B-4BE3-929F-23CFAF9D82CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{874D3D13-B444-4B89-8E5C-6A91CA279DB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{BCC90DBA-E3A9-4FF7-A386-CE954539AC1F}C:\users\lkoul_000\appdata\roaming\utorrent\updates\3.4.2_38656.exe] => (Block) C:\users\lkoul_000\appdata\roaming\utorrent\updates\3.4.2_38656.exe
FirewallRules: [UDP Query User{1013FBE6-24C2-49D3-8BF5-09A5127BEB8E}C:\users\lkoul_000\appdata\roaming\utorrent\updates\3.4.2_38656.exe] => (Block) C:\users\lkoul_000\appdata\roaming\utorrent\updates\3.4.2_38656.exe
FirewallRules: [{9F562882-3007-47A3-8766-DFD68D0FF0C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B6DC88EA-2302-438C-9726-34B14E665644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2015 11:50:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bf0

Start Time: 01d09177130ebd86

Termination Time: 0

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 4d87187c-fda5-11e4-becd-50465d3eda54

Faulting package full name:

Faulting package-relative application ID:

Error: (05/18/2015 11:14:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 53d0

Start Time: 01d091b73b57f02d

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 3f332457-fdab-11e4-becd-50465d3eda54

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (05/18/2015 11:14:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: MITSOKOLLIDI)
Description: App Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c+App did not launch within its allotted time.

Error: (05/18/2015 11:14:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 673c

Start Time: 01d091b73c5cc175

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 30077d7d-fdab-11e4-becd-50465d3eda54

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/18/2015 11:07:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3790

Start Time: 01d091b36f8dfa32

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 31f52284-fdaa-11e4-becd-50465d3eda54

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/18/2015 10:47:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WORDPAD.EXE version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5e70

Start Time: 01d091b43eb2429e

Termination Time: 22

Application Path: C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

Report Id: 85fa96c2-fda7-11e4-becd-50465d3eda54

Faulting package full name:

Faulting package-relative application ID:

Error: (05/18/2015 10:46:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1808

Start Time: 01d091afc3ce64e4

Termination Time: 19

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 3f857b9d-fda7-11e4-becd-50465d3eda54

Faulting package full name:

Faulting package-relative application ID:

Error: (05/18/2015 10:34:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4ed8

Start Time: 01d091b1aabd65e2

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 9e88cbad-fda5-11e4-becd-50465d3eda54

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/18/2015 10:33:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17415, time stamp: 0x5450355f
Faulting module name: threadpoolwinrt.dll, version: 6.3.9600.17415, time stamp: 0x54503c44
Exception code: 0xc0000005
Fault offset: 0x00003ab5
Faulting process ID: 0x26b8
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report ID: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5

Error: (05/18/2015 10:04:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5db0

Start Time: 01d091ad79da50f3

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 6dc9a4d6-fda1-11e4-becd-50465d3eda54

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (05/18/2015 07:15:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.

Error: (05/18/2015 03:38:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/18/2015 03:38:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ASUS Wake Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2015 03:38:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VIA Karaoke digital mixer Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2015 03:38:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2015 03:38:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2015 03:38:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) ME Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/18/2015 03:38:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (05/18/2015 03:38:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/18/2015 03:38:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ATKGFNEX Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (09/13/2014 02:19:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 42562 seconds with 60 seconds of active time. This session ended with a crash.

Error: (06/19/2014 02:53:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2937 seconds with 780 seconds of active time. This session ended with a crash.

Error: (04/24/2014 01:32:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 55542 seconds with 720 seconds of active time. This session ended with a crash.

Error: (01/20/2014 02:40:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 101790 seconds with 60 seconds of active time. This session ended with a crash.

Error: (12/17/2013 10:19:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37628 seconds with 2340 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2015-04-22 01:54:11.702
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-21 17:37:16.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 21:58:24.520
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 15:23:13.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-15 13:19:19.103
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-08 01:02:35.376
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 22:48:30.056
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-24 17:02:29.169
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-18 22:00:17.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-18 13:01:28.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2365M CPU @ 1.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3979.6 MB
Available physical RAM: 1069.04 MB
Total Pagefile: 4811.6 MB
Available Pagefile: 1242.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:104.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:257.94 GB) NTFS
Drive e: (AZUL) (Fixed) (Total:14.9 GB) (Free:7.72 GB) FAT32
Drive f: (PIEDRITA) (Fixed) (Total:14.9 GB) (Free:11.01 GB) FAT32
Drive g: (KINGSTON) (Removable) (Total:7.44 GB) (Free:1.03 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FEB4A9B)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 406FEA76)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 14.9 GB) (Disk ID: F8A2C5B6)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.1 KB · Views: 2
Thank you Broni. You are the best (to say the least).

My computer is an Asus; aren't these just scripts by them?

Will the fixlist quarantine/delete or scan these files?
 
This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

midian182
Windows 11 keeps adding users, but Windows 10 is still king
2
Replies
41
Views
2K
TheBigFatClown
T
L
Solved Unknown spyware/ Monitoring/ Hijacking of my devices
Replies
15
Views
3K
Broni
Broni
Daniel Sims
If you have any of these Android apps, uninstall them now
2
Replies
34
Views
2K
Rocky4040
Rocky4040

Latest posts

Back