TechSpot

Conduit found by adwcleaner. Still not acting right.

By Jess_123
Oct 25, 2015
  1. I don't exactly know how to describe it without someone witnessing it.

    When I'm doing anything on my laptop, the cpu and ram are both running at 100%. This causes my sound to glitch and even sound robotic at some points. I know it's a virus or remnants related to it because it doesn't usually do this and I've ran out of my basic knowledge to stop the intrusion. It's been happening about a week now. I thought it stopped after adwcleaner found Conduit, but it's now coming back again. Don't know how or where I picked it up, probably a pop up because adblock has NOT been working on firefox, at all; and Chrome gives me more issues.

    Farbar txts in following replies
     
  2. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
    Ran by Jess (administrator) on JESSICA-PC (25-10-2015 17:28:20)
    Running from C:\Users\Jess\Desktop
    Loaded Profiles: Jess (Available Profiles: Jess & Administrator)
    Platform: Windows 10 Home (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
    () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Deluge Team) C:\Program Files (x86)\Deluge\deluge.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
     
  3. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
    HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
    HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
    HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-07] (SUPERAntiSpyware)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [Spotify Web Helper] => C:\Users\Jess\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [Spotify] => C:\Users\Jess\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\MountPoints2: E - "E:\LaunchU3.exe" -a
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\MountPoints2: {4987a84d-987e-11e4-8268-382c4a7d9f02} - "G:\LaunchU3.exe" -a
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-02] (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166
    Tcpip\..\Interfaces\{1048e396-fd3b-406e-a25c-f3369e398d8f}: [DhcpNameServer] 40.52.1.18
    Tcpip\..\Interfaces\{fe8445f8-1b5e-44fc-890a-1c0305cf81be}: [DhcpNameServer] 192.168.2.1 142.166.166.166

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-17] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-17] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
    BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default
    FF Homepage: www.facebook.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-17] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-17] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\artur.dubovoy@gmail.com [2015-09-23]
    FF Extension: WOT - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
    FF Extension: ClipConverter - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-10-04]
    FF Extension: YouTube mp3 - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\info@youtube-mp3.org.xpi [2015-05-29]
    FF Extension: Strict Pop-up Blocker - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2015-10-22]
    FF Extension: RAMBack - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\ramback@pavlov.net.xpi [2015-08-13]
    FF Extension: Adblock Plus - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-18]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-02] [not signed]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-02] (AVAST Software)
    R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-15] (Intel Corporation)
    S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
    S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
    S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]
     
  4. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-02] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
    R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [102888 2015-09-18] (ASUS Corporation)
    S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
    R3 csravrcp; C:\Windows\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 CsrBthAudioHF; C:\Windows\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 CsrBtPort; C:\Windows\System32\drivers\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csrhfgcc; C:\Windows\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 csr_bthav; C:\Windows\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
    R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
    U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [632168 2013-12-15] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-03-22] (Synaptics Incorporated)
    R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-25 17:28 - 2015-10-25 17:29 - 00018130 _____ C:\Users\Jess\Desktop\FRST.txt
    2015-10-25 17:25 - 2015-10-25 17:28 - 00000000 ____D C:\FRST
    2015-10-25 17:24 - 2015-10-25 17:25 - 02197504 _____ (Farbar) C:\Users\Jess\Desktop\FRST64.exe
    2015-10-25 16:18 - 2015-10-25 16:18 - 00016148 _____ C:\WINDOWS\system32\JESSICA-PC_Jess_HistoryPrediction.bin
    2015-10-24 01:50 - 2015-10-24 01:50 - 00000218 _____ C:\Users\Jess\AppData\Local\recently-used.xbel
    2015-10-22 22:02 - 2015-10-22 22:02 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-10-21 09:14 - 2015-10-25 17:27 - 00000093 _____ C:\Users\Jess\AppData\Roaming\sp_data.sys
    2015-10-20 21:11 - 2015-10-20 21:11 - 00001558 _____ C:\WINDOWS\PFRO.log
    2015-10-20 19:33 - 2015-10-20 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-10-20 14:55 - 2015-10-20 14:55 - 00000000 ____D C:\Users\Jess\Documents\Share Link
    2015-10-20 13:36 - 2015-10-20 13:36 - 00000000 ____D C:\WINDOWS\system32\es-cl
    2015-10-20 13:36 - 2015-10-20 13:36 - 00000000 ____D C:\Program Files (x86)\CSR
    2015-10-20 13:35 - 2015-10-20 13:35 - 00000000 ____D C:\Program Files\CSR
    2015-10-20 12:48 - 2015-10-20 12:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
    2015-10-20 12:48 - 2015-10-20 12:48 - 00000000 ____D C:\BluetoothExchangeFolder
    2015-10-20 12:18 - 2015-10-22 11:34 - 00002258 _____ C:\WINDOWS\setupact.log
    2015-10-20 12:18 - 2015-10-20 12:18 - 00000049 _____ C:\WINDOWS\setuperr.log
    2015-10-18 11:56 - 2015-10-25 15:11 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2015-10-17 15:07 - 2015-10-17 15:07 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7D450485.sys
    2015-10-15 14:45 - 2015-10-15 14:45 - 00000000 ____D C:\Users\Jess\AppData\Local\Hardcoded Software
    2015-10-15 14:29 - 2015-10-15 14:29 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
    2015-10-15 14:29 - 2015-10-15 14:29 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
    2015-10-15 14:29 - 2015-10-15 14:29 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
    2015-10-15 14:28 - 2015-10-25 11:39 - 00001600 _____ C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
    2015-10-15 14:28 - 2015-10-25 11:38 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
    2015-10-15 14:20 - 2015-10-15 14:20 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
    2015-10-13 18:50 - 2015-10-13 18:56 - 00000000 ____D C:\f6712dc53be1a40c595d6300d8e1f0
    2015-10-13 18:40 - 2015-10-10 02:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-10-13 18:40 - 2015-10-05 23:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-10-13 18:40 - 2015-09-24 23:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-10-13 18:40 - 2015-09-24 23:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-10-13 18:40 - 2015-09-24 22:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-10-13 18:39 - 2015-10-10 03:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-10-13 18:39 - 2015-10-10 02:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-10-13 18:39 - 2015-10-05 22:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-10-13 18:39 - 2015-10-01 00:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2015-10-13 18:39 - 2015-10-01 00:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2015-10-13 18:39 - 2015-10-01 00:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2015-10-13 18:39 - 2015-10-01 00:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2015-10-13 18:39 - 2015-10-01 00:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-10-13 18:39 - 2015-09-30 23:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2015-10-13 18:39 - 2015-09-25 00:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2015-10-13 18:39 - 2015-09-25 00:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
    2015-10-13 18:39 - 2015-09-24 23:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2015-10-13 18:39 - 2015-09-24 23:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2015-10-13 18:39 - 2015-09-24 23:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-10-13 18:39 - 2015-09-24 23:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2015-10-13 18:39 - 2015-09-24 23:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2015-10-13 18:39 - 2015-09-24 23:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-10-13 18:39 - 2015-09-24 23:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2015-10-13 18:39 - 2015-09-24 23:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2015-10-13 18:39 - 2015-09-24 23:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
     
  5. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    2015-10-13 18:39 - 2015-09-24 23:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2015-10-13 18:39 - 2015-09-24 23:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-10-13 18:39 - 2015-09-24 23:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-10-13 18:39 - 2015-09-24 23:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2015-10-13 18:39 - 2015-09-24 23:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-10-13 18:39 - 2015-09-24 23:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2015-10-13 18:39 - 2015-09-24 23:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2015-10-13 18:39 - 2015-09-24 22:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2015-10-13 18:39 - 2015-09-24 22:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2015-10-13 18:39 - 2015-09-24 22:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2015-10-13 18:39 - 2015-09-24 22:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-10-13 18:39 - 2015-09-24 22:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
    2015-10-13 18:39 - 2015-09-24 22:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
    2015-10-13 18:39 - 2015-09-24 22:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2015-10-13 18:39 - 2015-09-24 22:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2015-10-12 15:53 - 2015-10-12 15:53 - 00001779 _____ C:\Users\Jess\Desktop\Prison Architect.lnk
    2015-10-12 15:53 - 2015-10-12 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect [GOG.com]
    2015-10-12 15:53 - 2015-10-12 15:53 - 00000000 ____D C:\GOG Games
    2015-10-08 01:20 - 2015-10-08 01:20 - 00003382 _____ C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe
    2015-10-08 01:19 - 2015-10-20 14:55 - 00000000 ____D C:\Users\Jess\AppData\Local\Share Link
    2015-10-08 01:19 - 2015-10-08 01:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center
    2015-09-30 18:36 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2015-09-30 18:36 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
    2015-09-30 18:36 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2015-09-30 18:36 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2015-09-30 18:36 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-09-30 18:36 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-09-30 18:36 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2015-09-30 18:36 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2015-09-30 18:36 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2015-09-30 18:36 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2015-09-30 18:36 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-09-30 18:36 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2015-09-30 18:36 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2015-09-30 18:36 - 2015-09-17 02:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2015-09-30 18:36 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2015-09-30 18:36 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2015-09-30 18:36 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2015-09-30 18:36 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2015-09-30 18:36 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-09-30 18:36 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2015-09-30 18:36 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2015-09-30 18:36 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2015-09-30 18:36 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2015-09-30 18:36 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2015-09-30 18:36 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2015-09-30 18:36 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2015-09-30 18:36 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
    2015-09-30 18:36 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2015-09-30 18:36 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-30 18:36 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-09-30 18:36 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
    2015-09-30 18:36 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
    2015-09-30 18:36 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
     
  6. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    2015-09-30 18:36 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2015-09-30 18:36 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2015-09-30 18:36 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2015-09-30 18:36 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2015-09-30 18:36 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-30 18:36 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2015-09-30 18:36 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2015-09-30 18:36 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2015-09-30 18:36 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2015-09-30 18:36 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2015-09-30 18:36 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2015-09-30 18:36 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2015-09-30 18:36 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2015-09-30 18:36 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2015-09-30 18:36 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
     
  7. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-25 16:44 - 2015-03-20 10:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-10-25 16:40 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-10-25 11:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-10-25 02:05 - 2014-12-27 23:07 - 00000000 ____D C:\Users\Jess\Desktop\shows
    2015-10-23 10:41 - 2014-12-26 17:05 - 00000000 ____D C:\Users\Jess\AppData\Local\Packages
    2015-10-22 22:14 - 2015-07-29 23:48 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-10-22 22:02 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-10-22 22:01 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-10-21 12:22 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-10-20 21:18 - 2015-03-22 10:48 - 00000000 ____D C:\Users\Jess\AppData\Roaming\IObit
    2015-10-20 21:18 - 2015-03-22 10:48 - 00000000 ____D C:\ProgramData\IObit
    2015-10-20 21:12 - 2015-03-22 11:04 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2015-10-20 21:11 - 2015-03-18 18:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-10-20 19:33 - 2015-03-20 18:44 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-10-20 19:10 - 2015-03-20 18:43 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-10-20 19:02 - 2015-03-20 16:24 - 00000000 ____D C:\Users\Jess\AppData\Roaming\deluge
    2015-10-20 14:48 - 2015-07-11 15:09 - 00000000 ____D C:\BigFishCache
    2015-10-20 14:48 - 2014-04-23 05:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-10-20 14:47 - 2015-03-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-10-20 14:45 - 2015-07-29 23:26 - 00000000 ____D C:\Program Files (x86)\ASUS
    2015-10-20 14:44 - 2014-04-23 05:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\th-TH
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\he-IL
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\fr-CA
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\gl-es
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\eu-es
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\ca-es
    2015-10-18 00:44 - 2015-08-24 20:46 - 00000000 ____D C:\Users\Jess\Desktop\Proof of Entry
    2015-10-17 23:27 - 2015-03-22 11:57 - 00000000 ____D C:\Users\Jess\AppData\Roaming\MPC-HC
    2015-10-17 21:40 - 2014-12-27 22:51 - 00000000 ____D C:\Users\Jess\Desktop\Movies
    2015-10-17 15:09 - 2015-03-20 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-10-17 15:09 - 2015-03-20 18:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-10-17 01:58 - 2015-04-05 20:18 - 00000000 ____D C:\Users\Jess\Desktop\Musica
    2015-10-15 23:10 - 2015-07-10 07:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-10-15 23:10 - 2015-07-10 07:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-10-15 15:38 - 2015-03-18 18:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-10-15 14:29 - 2015-07-30 00:11 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
    2015-10-15 14:29 - 2015-07-29 23:25 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2015-10-15 14:29 - 2015-07-29 23:25 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2015-10-15 14:29 - 2015-07-11 00:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
    2015-10-15 14:29 - 2015-07-11 00:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
    2015-10-15 14:29 - 2015-07-11 00:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
    2015-10-15 14:22 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-10-15 14:20 - 2014-10-19 20:33 - 00000000 ____D C:\Program Files\DIFX
    2015-10-13 18:56 - 2015-03-19 09:16 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-10-13 18:50 - 2015-03-19 09:16 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-10-12 19:10 - 2015-07-11 15:10 - 00000000 ____D C:\ProgramData\TEMP
    2015-10-11 20:15 - 2015-02-27 09:23 - 00000000 ____D C:\Users\Jess\Documents\Calibre Library
    2015-10-11 20:09 - 2015-04-11 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
    2015-10-11 20:09 - 2015-04-11 19:36 - 00000000 ____D C:\Program Files\Calibre2
    2015-10-08 01:19 - 2015-07-29 23:25 - 00000000 ____D C:\Program Files\Intel
    2015-10-08 01:19 - 2015-04-14 04:43 - 00000000 ____D C:\ProgramData\Package Cache
    2015-10-08 01:19 - 2014-10-19 20:29 - 00000000 ____D C:\ProgramData\Intel
    2015-10-07 21:19 - 2015-09-16 21:38 - 00000765 _____ C:\Users\Jess\Desktop\Daily 2015.txt
    2015-10-07 18:25 - 2015-01-02 17:57 - 00000000 ____D C:\Users\Jess\Desktop\2015
    2015-10-05 22:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
    2015-10-05 09:50 - 2015-03-20 18:43 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-10-05 09:50 - 2015-03-20 18:43 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-10-04 14:40 - 2014-12-27 23:07 - 00001115 _____ C:\Users\Jess\Desktop\Daily.txt
    2015-10-03 21:44 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\system32\F12
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\L2Schemas
    2015-09-25 11:27 - 2015-03-20 18:36 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

    ==================== Files in the root of some directories =======

    2015-10-21 09:14 - 2015-10-25 17:27 - 0000093 _____ () C:\Users\Jess\AppData\Roaming\sp_data.sys
    2015-08-21 22:49 - 2015-08-21 22:49 - 0003584 _____ () C:\Users\Jess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-10-24 01:50 - 2015-10-24 01:50 - 0000218 _____ () C:\Users\Jess\AppData\Local\recently-used.xbel
    2015-06-13 16:58 - 2015-06-13 16:58 - 0007605 _____ () C:\Users\Jess\AppData\Local\Resmon.ResmonCfg
    2015-07-29 23:26 - 2015-07-29 23:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-10-25 12:08

    ==================== End of FRST.txt ============================
     
  8. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
    Ran by Jess (2015-10-25 17:31:11)
    Running from C:\Users\Jess\Desktop
    Windows 10 Home (X64) (2015-07-30 04:04:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3640888093-4081718688-4149402660-500 - Administrator - Disabled) => C:\Users\Administrator
    DefaultAccount (S-1-5-21-3640888093-4081718688-4149402660-503 - Limited - Disabled)
    Guest (S-1-5-21-3640888093-4081718688-4149402660-501 - Limited - Disabled)
    Jess (S-1-5-21-3640888093-4081718688-4149402660-1001 - Administrator - Enabled) => C:\Users\Jess

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 2.2.29.727 - ASUSTEK)
    ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.9 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
    Avast Premier (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    calibre 64bit (HKLM\...\{872CC218-5C6E-4598-B9C1-3B72BDB2BE44}) (Version: 2.40.0 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
    CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
    Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version: - )
    Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
    FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
    Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
    Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
    Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
    iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
    Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Maxx Audio Installer (x64) (Version: 2.6.5320.104 - Waves Audio Ltd.) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
    Mp3tag v2.69 (HKLM-x32\...\Mp3tag) (Version: v2.69 - Florian Heidenreich)
    MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Plague Inc v0.8.6.7 (HKLM-x32\...\Plague Inc v0.8.6.70.8.6.7) (Version: 0.8.6.7 - Friends in War)
    Prison Architect (HKLM-x32\...\1441974651_is1) (Version: 2.1.0.3 - GOG.com)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Spotify (HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
    STCServ (Version: 3.0.0.1783 - Intel Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com)
    Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.89 - NCH Software)
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.05 - NCH Software)
    Windows Driver Package - ASUS (ATP) Mouse (01/13/2015 1.0.0.233) (HKLM\...\8335D73177E6D80E7ADC00FED2275758BD28AEFB) (Version: 01/13/2015 1.0.0.233 - ASUS)
    Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\0236763014F4120EF90CB077B1100A704C694EAE) (Version: 06/17/2015 1.0.0.262 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Phone Recovery Tool 2.1.1 (HKLM-x32\...\{461efced-58d4-4470-9b4b-5f2fc83704d4}) (Version: 2.1.1 - Microsoft)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
    WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
    WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
    XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

    ==================== Restore Points =========================

    15-10-2015 14:19:07 Installed ASUS Smart Gesture
    20-10-2015 12:42:17 Installed CSR Harmony Wireless Software Stack.

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0DD510D9-1163-4A4D-A007-7DAA1A30AA30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {0E401916-4C94-4AC1-A07E-5D0C4C6EFA72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {13AE63EA-C1AB-4729-A2D9-1F8D154B78FC} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
    Task: {1D222314-FCFF-4A72-9A86-668F860D378D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {1EFBD15D-886E-4DEA-877B-CCCCE6BD3998} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {3FB63B05-978E-4AE4-A3A8-4FE2BFED015B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
    Task: {4133E9E2-A024-427E-91F9-0C2988A747A4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
    Task: {4394E4C7-9E2C-447B-9B06-99A20E16CCD6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-02] (AVAST Software)
    Task: {637424FC-68ED-4268-BA9F-F0B41E920F41} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
    Task: {76DA29C2-B2DA-465B-B531-D59943CCC732} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
    Task: {7A787DBE-F27B-487E-BE2A-37036F89A870} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7AF922AA-3F6B-427D-A633-4C706777DA46} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
    Task: {83EA355B-F59A-4758-9D96-38337180C03B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-10-07] (AsusTek)
    Task: {8A65AD4E-339C-4FCF-80F1-43D0DCE908E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
    Task: {9A562521-B87C-47BD-AC79-B1A79E67A65E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
    Task: {A26D99F4-3A67-42B2-BD22-FA8D678BD482} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
    Task: {A2F5DCE4-88B2-43DC-9BA5-E7339843D3C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {B220E95B-0C7E-4394-B973-B2C45DDB3FF6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {C2598163-313F-4266-BD5F-C30EBA795B67} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {D0F2F313-F5E9-4036-B0E1-85E1323C0D45} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {D5E60F84-03DE-4052-AEE8-37B24FCB13A7} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
    Task: {ECF61C90-0F4F-4F10-90CD-ED15D3E3CC2B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {EF25BE96-0423-46EE-96FC-DCB17D3FB7C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
    Task: {FA4AB86C-2C43-4DFE-A613-FB53F2731382} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-07-30 03:14 - 2015-07-30 03:14 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2015-08-18 20:21 - 2015-08-11 05:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
    2012-03-22 21:11 - 2012-03-22 21:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
    2015-10-22 09:34 - 2015-10-22 09:34 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
    2015-08-02 23:47 - 2015-08-02 23:47 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-08-02 23:47 - 2015-08-02 23:47 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-10-22 19:11 - 2015-10-22 19:11 - 02969088 _____ () C:\Program Files\AVAST Software\Avast\defs\15102201\algo.dll
    2015-10-25 14:31 - 2015-10-25 14:31 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102503\algo.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
    2015-03-20 18:35 - 2015-03-20 18:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-03 13:48 - 2014-05-03 13:48 - 00100352 _____ () C:\Program Files (x86)\Deluge\win32api.pyd
    2014-05-03 13:46 - 2014-05-03 13:46 - 00110080 _____ () C:\Program Files (x86)\Deluge\pywintypes26.dll
    2014-05-03 13:49 - 2014-05-03 13:49 - 00396800 _____ () C:\Program Files (x86)\Deluge\pythoncom26.dll
    2010-08-24 14:47 - 2010-08-24 14:47 - 00040448 _____ () C:\Program Files (x86)\Deluge\_socket.pyd
    2010-08-24 14:48 - 2010-08-24 14:48 - 00720896 _____ () C:\Program Files (x86)\Deluge\_ssl.pyd
    2011-04-09 04:58 - 2011-04-09 04:58 - 00058368 _____ () C:\Program Files (x86)\Deluge\glib._glib.pyd
    2011-04-09 04:58 - 2011-04-09 04:58 - 00113152 _____ () C:\Program Files (x86)\Deluge\gobject._gobject.pyd
    2015-09-12 11:59 - 2015-09-12 11:59 - 00019968 _____ () C:\Program Files (x86)\Deluge\zope.interface._zope_interface_coptimizations.pyd
    2015-09-12 11:59 - 2015-09-12 11:59 - 00006656 _____ () C:\Program Files (x86)\Deluge\twisted.python._initgroups.pyd
    2010-08-24 14:48 - 2010-08-24 14:48 - 00073728 _____ () C:\Program Files (x86)\Deluge\_ctypes.pyd
    2010-08-24 14:48 - 2010-08-24 14:48 - 00286208 _____ () C:\Program Files (x86)\Deluge\_hashlib.pyd
    2011-09-02 07:55 - 2011-09-02 07:55 - 00010752 _____ () C:\Program Files (x86)\Deluge\OpenSSL.rand.pyd
    2011-09-02 07:55 - 2011-09-02 07:55 - 00056320 _____ () C:\Program Files (x86)\Deluge\OpenSSL.crypto.pyd
    2011-09-02 07:55 - 2011-09-02 07:55 - 00043520 _____ () C:\Program Files (x86)\Deluge\OpenSSL.SSL.pyd
    2014-05-03 13:47 - 2014-05-03 13:47 - 00036864 _____ () C:\Program Files (x86)\Deluge\win32process.pyd
    2010-08-24 14:48 - 2010-08-24 14:48 - 00011776 _____ () C:\Program Files (x86)\Deluge\select.pyd
    2014-05-03 13:47 - 2014-05-03 13:47 - 00119808 _____ () C:\Program Files (x86)\Deluge\win32file.pyd
    2014-05-03 13:47 - 2014-05-03 13:47 - 00018432 _____ () C:\Program Files (x86)\Deluge\win32event.pyd
    2014-05-03 13:48 - 2014-05-03 13:48 - 00167936 _____ () C:\Program Files (x86)\Deluge\win32gui.pyd
    2011-04-09 05:00 - 2011-04-09 05:00 - 01882624 _____ () C:\Program Files (x86)\Deluge\gtk._gtk.pyd
    2012-02-08 19:43 - 2012-02-08 19:43 - 01294335 _____ () C:\Program Files (x86)\Deluge\libcairo-2.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00279059 _____ () C:\Program Files (x86)\Deluge\libfontconfig-1.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00230529 _____ () C:\Program Files (x86)\Deluge\libpng14-14.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00100352 _____ () C:\Program Files (x86)\Deluge\zlib1.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00538324 _____ () C:\Program Files (x86)\Deluge\freetype6.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00143096 _____ () C:\Program Files (x86)\Deluge\libexpat-1.dll
    2010-11-02 16:34 - 2010-11-02 16:34 - 00069632 _____ () C:\Program Files (x86)\Deluge\cairo._cairo.pyd
    2011-04-09 04:58 - 2011-04-09 04:58 - 00263168 _____ () C:\Program Files (x86)\Deluge\gio._gio.pyd
    2011-04-09 05:01 - 2011-04-09 05:01 - 00111616 _____ () C:\Program Files (x86)\Deluge\pango.pyd
    2011-04-09 05:01 - 2011-04-09 05:01 - 00208384 _____ () C:\Program Files (x86)\Deluge\atk.pyd
    2011-04-09 05:01 - 2011-04-09 05:01 - 00017920 _____ () C:\Program Files (x86)\Deluge\pangocairo.pyd
    2011-04-09 05:01 - 2011-04-09 05:01 - 00018944 _____ () C:\Program Files (x86)\Deluge\gtk.glade.pyd
    2012-02-08 19:43 - 2012-02-08 19:43 - 00168833 _____ () C:\Program Files (x86)\Deluge\libglade-2.0-0.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 01225225 _____ () C:\Program Files (x86)\Deluge\libxml2-2.dll
    2010-08-24 14:48 - 2010-08-24 14:48 - 00585728 _____ () C:\Program Files (x86)\Deluge\unicodedata.pyd
    2014-05-03 13:47 - 2014-05-03 13:47 - 00024064 _____ () C:\Program Files (x86)\Deluge\win32pipe.pyd
    2015-09-12 11:58 - 2015-09-12 11:58 - 01029120 _____ () C:\Program Files (x86)\Deluge\PIL._imaging.pyd
    2015-09-13 11:02 - 2015-09-13 11:02 - 00156686 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libmurrine.dll
    2012-02-08 19:43 - 2012-02-08 19:43 - 00062248 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9
    AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
    AlternateDataStreams: C:\ProgramData\TEMP:FAFEC4B9

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jess\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
    DNS Servers: 192.168.2.1 - 142.166.166.166
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: cphs => 3
    MSCONFIG\Services: ICCS => 3
    MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
    MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
    MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: Mobizen plugin => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: STCServ => 2
    HKLM\...\StartupApproved\Run: => "HotKeysCmds"
    HKLM\...\StartupApproved\Run: => "IgfxTray"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run: => "IntelConnectCenter"
    HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "PCLink"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "OneDrive"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{D7D14C68-0C98-4626-B5DB-FC64919F5056}] => (Allow) LPort=1900
    FirewallRules: [{21CFDFF6-D2CC-4429-A7EC-1F9CD9AF35B1}] => (Allow) LPort=2869
    FirewallRules: [{C1C781B6-E763-40DD-A00D-C9EAB5AB7BF8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [UDP Query User{61CDC179-6168-4F08-9F37-CB833D6C849D}C:\users\jess\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jess\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{AD203CD6-ADF6-4FD3-8279-A243BE8FDEC6}C:\users\jess\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jess\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{B97CA794-B713-4DBC-B4EC-00F65FD61A93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{4C57ABA2-F875-4303-B77C-AD56F711705F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{1F6BCF79-F929-41CE-986A-E14DD7041AFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{2D6B5F59-8B8A-4ED8-AC90-0637468D4910}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [UDP Query User{815E6641-D6B8-4058-8484-1B664AB2430F}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [TCP Query User{5CB6B331-6489-441F-BBA2-CAD2D8CD6B55}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{23DF8B5C-7C2D-4F07-86BF-58161E3F7B5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{85C8409B-0BBB-4756-B181-EED7FE14C7CB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{AFDF143D-5093-4BCD-B414-6DB9E3DDAB59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{99EE7192-30FB-4C7A-813F-B1EA9E42A916}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{00C5E940-A8EC-4F4F-8B90-14B7ED13BE83}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
    FirewallRules: [TCP Query User{1F7FBE99-EDE4-4DD9-8BE6-EF309BAD9C0A}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
    FirewallRules: [UDP Query User{5A5F34B4-0C03-4A57-87F3-E1EAAE89CAE8}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
    FirewallRules: [{7CF44EBA-357A-474E-A961-C3C35FF1AB9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{CA99FED8-C519-4ECE-B778-AFF74935072F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{D84B39DE-3933-4B5C-AC06-F23B43DF8D8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E6F4D713-6843-40B6-8046-3332D90BBC8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{72404508-C8B5-421D-AA0C-0F374B9E6CE1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{34CBCED9-349A-4987-BA8B-04F9A6AB5622}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
    FirewallRules: [{2FB1F281-D2A3-44AF-A82D-81593816AC21}] => (Allow) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
    FirewallRules: [{9B53C479-C4A3-4F0F-B6B5-6B99D14A193F}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
    FirewallRules: [{BFCA4F95-059A-48B0-81D1-0D6972B9013D}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/24/2015 11:19:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/23/2015 08:06:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000020efdd0
    Faulting process id: 0x1380
    Faulting application start time: 0xCsrBtService.exe0
    Faulting application path: CsrBtService.exe1
    Faulting module path: CsrBtService.exe2
    Report Id: CsrBtService.exe3
    Faulting package full name: CsrBtService.exe4
    Faulting package-relative application ID: CsrBtService.exe5

    Error: (10/23/2015 02:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Faulting module name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d7c2
    Faulting process id: 0x7fc
    Faulting application start time: 0xCsrBtService.exe0
    Faulting application path: CsrBtService.exe1
    Faulting module path: CsrBtService.exe2
    Report Id: CsrBtService.exe3
    Faulting package full name: CsrBtService.exe4
    Faulting package-relative application ID: CsrBtService.exe5

    Error: (10/22/2015 03:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/22/2015 03:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/22/2015 11:53:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/22/2015 11:53:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/21/2015 11:28:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/21/2015 11:28:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/21/2015 09:19:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


    System errors:
    =============
    Error: (10/25/2015 11:41:42 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (10/25/2015 11:39:35 AM) (Source: DCOM) (EventID: 10016) (User: JESSICA-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JESSICA-PCJessS-1-5-21-3640888093-4081718688-4149402660-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (10/25/2015 11:39:35 AM) (Source: DCOM) (EventID: 10016) (User: JESSICA-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JESSICA-PCJessS-1-5-21-3640888093-4081718688-4149402660-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (10/25/2015 11:39:33 AM) (Source: DCOM) (EventID: 10016) (User: JESSICA-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JESSICA-PCJessS-1-5-21-3640888093-4081718688-4149402660-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (10/25/2015 11:39:33 AM) (Source: DCOM) (EventID: 10016) (User: JESSICA-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JESSICA-PCJessS-1-5-21-3640888093-4081718688-4149402660-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (10/25/2015 03:16:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session2 service to connect.

    Error: (10/25/2015 03:16:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (10/25/2015 03:03:07 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/24/2015 11:19:17 AM) (Source: DCOM) (EventID: 10010) (User: JESSICA-PC)
    Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

    Error: (10/24/2015 11:13:30 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


    ==================== Memory info ===========================

    Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
    Percentage of memory in use: 62%
    Total physical RAM: 3982.68 MB
    Available physical RAM: 1496.11 MB
    Total Virtual: 8078.68 MB
    Available Virtual: 5284.76 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:115.46 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:238.71 GB) NTFS
    Drive e: (JESS' HD) (Fixed) (Total:1862.56 GB) (Free:1399.35 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 543DAE44)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7FFF6332)
    Partition 1: (Active) - (Size=1863 GB) - (Type=0C)

    ==================== End of Addition.txt ============================
     
  9. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ====================================

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  10. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    RogueKiller V10.11.2.0 [Oct 20 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.10240) 64 bits version
    Started in : Normal mode
    User : Jess [Administrator]
    Started from : C:\Users\Jess\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 10/25/2015 19:25:13

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 8 ¤¤¤
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Not selected
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com/?pc=ASJB -> Not selected
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Not selected
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1048e396-fd3b-406e-a25c-f3369e398d8f} | DhcpNameServer : 40.52.1.18 ([UNITED STATES (US)]) -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1048e396-fd3b-406e-a25c-f3369e398d8f} | DhcpNameServer : 40.52.1.18 ([UNITED STATES (US)]) -> Not selected
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 1 ¤¤¤
    [PUM.HomePage][FIREFX:Config] 17n8a7oh.default : user_pref("browser.startup.homepage", "www.facebook.com"); -> Not selected

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST500LT012-1DG142 +++++
    --- User ---
    [MBR] beb9253c14cd2e84d0c7c51fca657a43
    [BSP] b3fc247e62bdab1f7acf574a70a921f8 : Empty MBR Code
    Partition table:
    0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
    1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
    2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
    3 - Basic data partition | Offset (sectors): 2312192 | Size: 190776 MB
    4 - Basic data partition | Offset (sectors): 393021440 | Size: 264545 MB
    5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 934809600 | Size: 20490 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: PHD 3.0 Silicon-Power USB Device +++++
    --- User ---
    [MBR] e1cda11040fd859c5b8183c62d568185
    [BSP] 2a5ab407c1e80643461d53b39552e59d : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )
     
  11. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 10/25/2015
    Scan Time: 7:27 PM
    Logfile: mbam.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2015.10.25.04
    Rootkit Database: v2015.10.23.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Jess

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 384202
    Time Elapsed: 44 min, 23 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  12. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    # AdwCleaner v5.014 - Logfile created 25/10/2015 at 20:17:25
    # Updated 18/10/2015 by Xplode
    # Database : 2015-10-18.5 [Server]
    # Operating system : Windows 10 Home (x64)
    # Username : Jess - JESSICA-PC
    # Running from : C:\Users\Jess\Desktop\adwcleaner_5.014.exe
    # Option : Scan
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****


    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [568 bytes] ##########
     
  13. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.6.4 (09.28.2015:1)
    OS: Windows 10 Home x64
    Ran by Jess on Sun 10/25/2015 at 20:22:44.97
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Users\Jess\AppData\Roaming\sp_data.sys



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Jess\AppData\Roaming\mozilla\firefox\profiles\17n8a7oh.default\prefs.js

    user_pref(extensions.clipconverter@clipconverter.cc.sdk.baseURI, resource://clipconverter-at-clipconverter-dot-cc/);
    user_pref(extensions.clipconverter@clipconverter.cc.sdk.domain, clipconverter-at-clipconverter-dot-cc);
    user_pref(extensions.clipconverter@clipconverter.cc.sdk.load.reason, startup);
    user_pref(extensions.clipconverter@clipconverter.cc.sdk.rootURI, jar:file:///C:/Users/Jess/AppData/Roaming/Mozilla/Firefox/Profiles/17n8a7oh.default/extensions/clipconverte
    user_pref(extensions.clipconverter@clipconverter.cc.sdk.version, 1.5.2);
    user_pref(extensions.xpiState, {\app-profile\:{\artur.dubovoy@gmail.com\:{\d\:\C:\\\\Users\\\\Jess\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\17n8a7o





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 10/25/2015 at 20:28:59.70
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  14. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    I have a very massive problem now. AFTER doing all those scans, my computer will not read/recognize my external hard drive and it has EVERYTHING important on it. I don't know what happened..but I need it reversed.
     
  15. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    I doubt any of our tools did that.
    Use some other computer to see if it'll read that drive.
     
  16. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    I don't have another computer that can read it. It worked before doing the scans, now it doesn't.
     
  17. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Try to restart computer.
     
  18. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    It has been restarted, several times. I shut it down completely at the end of every night. The computer won't read it anymore, prior to scans it recognized it. After, it does not. I'm sure the info is on it, and I can physically feel the drive spinning, but it doesn't pick up the drive anymore.
     
  19. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    We need to make sure that drive is OK so I suggest you visit a friend or family member to see if their computer can see the drive.

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  20. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    The drive is fine, the computer can no longer read it. I can't bring it to someone else. No one else has a USB 3.0 and yes it NEEDS to be 3.0. It is too powerful to work on 2.0 otherwise I could load it onto my other laptop, which I tried and I get the red light because it lacks the power. On 3.0 I get the blue light and then no light because the computer won't read the external drive anymore. It's a computer problem, not the external hard drive.
     
  21. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
    Ran by Jess (administrator) on JESSICA-PC (27-10-2015 01:14:05)
    Running from C:\Users\Jess\Desktop
    Loaded Profiles: Jess (Available Profiles: Jess & Administrator)
    Platform: Windows 10 Home (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
    () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
    HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
    HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
    HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-07] (SUPERAntiSpyware)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [Spotify Web Helper] => C:\Users\Jess\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Run: [Spotify] => C:\Users\Jess\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\MountPoints2: E - "E:\LaunchU3.exe" -a
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\MountPoints2: {4987a84d-987e-11e4-8268-382c4a7d9f02} - "G:\LaunchU3.exe" -a
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-02] (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166
    Tcpip\..\Interfaces\{1048e396-fd3b-406e-a25c-f3369e398d8f}: [DhcpNameServer] 40.52.1.18
    Tcpip\..\Interfaces\{fe8445f8-1b5e-44fc-890a-1c0305cf81be}: [DhcpNameServer] 192.168.2.1 142.166.166.166

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-17] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-17] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
    BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default
    FF Homepage: www.facebook.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-17] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-17] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\artur.dubovoy@gmail.com [2015-09-23]
    FF Extension: WOT - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
    FF Extension: ClipConverter - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-10-04]
    FF Extension: YouTube mp3 - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\info@youtube-mp3.org.xpi [2015-05-29]
    FF Extension: Strict Pop-up Blocker - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2015-10-22]
    FF Extension: RAMBack - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\ramback@pavlov.net.xpi [2015-08-13]
    FF Extension: Adblock Plus - C:\Users\Jess\AppData\Roaming\Mozilla\Firefox\Profiles\17n8a7oh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-18]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-02] [not signed]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
     
  22. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-02] (AVAST Software)
    R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-15] (Intel Corporation)
    S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
    S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
    S3 UmRdpService; C:\Windows\System32\umrdp.dll [276992 2015-07-10] (Microsoft Corporation) [File not signed]
    S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [928256 2015-09-24] (Microsoft Corporation) [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
    S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-02] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
    R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [102888 2015-09-18] (ASUS Corporation)
    S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
    S3 csravrcp; C:\Windows\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 CsrBthAudioHF; C:\Windows\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 CsrBtPort; C:\Windows\System32\drivers\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrhfgcc; C:\Windows\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csr_bthav; C:\Windows\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
    R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
    U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [632168 2013-12-15] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-03-22] (Synaptics Incorporated)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-25] ()
    R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-27 00:57 - 2015-10-27 00:57 - 00016148 _____ C:\WINDOWS\system32\JESSICA-PC_Jess_HistoryPrediction.bin
    2015-10-26 23:15 - 2015-10-26 23:21 - 520931068 _____ C:\Users\Jess\Desktop\scorpion.206.hdtv-lol.mp4
    2015-10-26 23:14 - 2015-10-27 00:02 - 335793425 _____ C:\Users\Jess\Desktop\Chicago.Fire.S04E03.HDTV.x264-KILLERS.mp4
    2015-10-26 22:21 - 2015-10-26 23:11 - 356217081 _____ C:\Users\Jess\Desktop\Jane.the.Virgin.S02E03.HDTV.x264-FLEET.mp4
    2015-10-26 22:17 - 2015-10-26 23:09 - 344495663 _____ C:\Users\Jess\Desktop\supergirl.101.hdtv-lol.mp4
    2015-10-26 12:24 - 2015-10-27 00:57 - 00000093 _____ C:\Users\Jess\AppData\Roaming\sp_data.sys
    2015-10-26 02:03 - 2015-10-26 02:03 - 00000218 _____ C:\Users\Jess\AppData\Local\recently-used.xbel
    2015-10-25 22:11 - 2015-10-27 00:50 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2015-10-25 22:11 - 2015-10-25 22:11 - 00000000 _____ C:\WINDOWS\setuperr.log
    2015-10-25 22:11 - 2015-10-25 22:11 - 00000000 _____ C:\WINDOWS\setupact.log
    2015-10-25 20:28 - 2015-10-25 20:28 - 00001542 _____ C:\Users\Jess\Desktop\JRT.txt
    2015-10-25 20:22 - 2015-10-25 20:22 - 00000646 _____ C:\Users\Jess\Desktop\AdwCleaner[S1].txt
    2015-10-25 20:17 - 2015-10-25 20:17 - 00000000 ____D C:\AdwCleaner
    2015-10-25 20:16 - 2015-10-25 20:16 - 00001038 _____ C:\Users\Jess\Desktop\mbam.txt
    2015-10-25 19:26 - 2015-10-25 19:26 - 00006674 _____ C:\Users\Jess\Desktop\rk_7C66.tmp.txt
    2015-10-25 18:57 - 2015-10-25 20:22 - 01801288 _____ (Malwarebytes) C:\Users\Jess\Desktop\JRT.exe
    2015-10-25 18:57 - 2015-10-25 20:17 - 01691648 _____ C:\Users\Jess\Desktop\adwcleaner_5.014.exe
    2015-10-25 18:56 - 2015-10-25 18:57 - 18838088 _____ C:\Users\Jess\Desktop\RogueKiller.exe
    2015-10-25 17:31 - 2015-10-25 17:32 - 00036646 _____ C:\Users\Jess\Desktop\Addition.txt
    2015-10-25 17:28 - 2015-10-27 01:15 - 00018319 _____ C:\Users\Jess\Desktop\FRST.txt
    2015-10-25 17:25 - 2015-10-27 01:14 - 00000000 ____D C:\FRST
    2015-10-25 17:24 - 2015-10-25 17:25 - 02197504 _____ (Farbar) C:\Users\Jess\Desktop\FRST64.exe
    2015-10-22 22:02 - 2015-10-22 22:02 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-10-20 19:33 - 2015-10-20 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-10-20 14:55 - 2015-10-20 14:55 - 00000000 ____D C:\Users\Jess\Documents\Share Link
    2015-10-20 13:36 - 2015-10-20 13:36 - 00000000 ____D C:\WINDOWS\system32\es-cl
    2015-10-20 13:36 - 2015-10-20 13:36 - 00000000 ____D C:\Program Files (x86)\CSR
    2015-10-20 13:35 - 2015-10-20 13:35 - 00000000 ____D C:\Program Files\CSR
    2015-10-20 12:48 - 2015-10-20 12:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
    2015-10-20 12:48 - 2015-10-20 12:48 - 00000000 ____D C:\BluetoothExchangeFolder
    2015-10-17 15:07 - 2015-10-17 15:07 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7D450485.sys
    2015-10-15 14:45 - 2015-10-15 14:45 - 00000000 ____D C:\Users\Jess\AppData\Local\Hardcoded Software
    2015-10-15 14:29 - 2015-10-15 14:29 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
    2015-10-15 14:29 - 2015-10-15 14:29 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
    2015-10-15 14:29 - 2015-10-15 14:29 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
    2015-10-15 14:29 - 2015-10-15 14:29 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
    2015-10-15 14:29 - 2015-10-15 14:29 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00018944 _____ ( )
     
  23. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    C:\WINDOWS\system32\igfxDILibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
    2015-10-15 14:29 - 2015-10-15 14:29 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
    2015-10-15 14:28 - 2015-10-26 12:51 - 00001600 _____ C:\Users\Jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
    2015-10-15 14:28 - 2015-10-26 12:46 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
    2015-10-15 14:20 - 2015-10-15 14:20 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
    2015-10-13 18:50 - 2015-10-13 18:56 - 00000000 ____D C:\f6712dc53be1a40c595d6300d8e1f0
    2015-10-13 18:40 - 2015-10-10 02:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-10-13 18:40 - 2015-10-05 23:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-10-13 18:40 - 2015-09-24 23:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-10-13 18:40 - 2015-09-24 23:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-10-13 18:40 - 2015-09-24 22:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-10-13 18:39 - 2015-10-10 03:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-10-13 18:39 - 2015-10-10 02:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-10-13 18:39 - 2015-10-05 22:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-10-13 18:39 - 2015-10-01 00:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2015-10-13 18:39 - 2015-10-01 00:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2015-10-13 18:39 - 2015-10-01 00:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2015-10-13 18:39 - 2015-10-01 00:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2015-10-13 18:39 - 2015-10-01 00:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-10-13 18:39 - 2015-09-30 23:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2015-10-13 18:39 - 2015-09-25 00:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2015-10-13 18:39 - 2015-09-25 00:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
    2015-10-13 18:39 - 2015-09-24 23:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2015-10-13 18:39 - 2015-09-24 23:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2015-10-13 18:39 - 2015-09-24 23:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-10-13 18:39 - 2015-09-24 23:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2015-10-13 18:39 - 2015-09-24 23:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2015-10-13 18:39 - 2015-09-24 23:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-10-13 18:39 - 2015-09-24 23:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-10-13 18:39 - 2015-09-24 23:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2015-10-13 18:39 - 2015-09-24 23:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2015-10-13 18:39 - 2015-09-24 23:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2015-10-13 18:39 - 2015-09-24 23:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2015-10-13 18:39 - 2015-09-24 23:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-10-13 18:39 - 2015-09-24 23:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-10-13 18:39 - 2015-09-24 23:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2015-10-13 18:39 - 2015-09-24 23:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-10-13 18:39 - 2015-09-24 23:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2015-10-13 18:39 - 2015-09-24 23:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2015-10-13 18:39 - 2015-09-24 22:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2015-10-13 18:39 - 2015-09-24 22:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2015-10-13 18:39 - 2015-09-24 22:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2015-10-13 18:39 - 2015-09-24 22:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2015-10-13 18:39 - 2015-09-24 22:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2015-10-13 18:39 - 2015-09-24 22:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2015-10-13 18:39 - 2015-09-24 22:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-10-13 18:39 - 2015-09-24 22:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
    2015-10-13 18:39 - 2015-09-24 22:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
    2015-10-13 18:39 - 2015-09-24 22:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
    2015-10-13 18:39 - 2015-09-24 22:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2015-10-13 18:39 - 2015-09-24 22:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2015-10-12 15:53 - 2015-10-12 15:53 - 00001779 _____ C:\Users\Jess\Desktop\Prison Architect.lnk
    2015-10-12 15:53 - 2015-10-12 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect [GOG.com]
    2015-10-12 15:53 - 2015-10-12 15:53 - 00000000 ____D C:\GOG Games
    2015-10-08 01:20 - 2015-10-08 01:20 - 00003382 _____ C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe
    2015-10-08 01:19 - 2015-10-20 14:55 - 00000000 ____D C:\Users\Jess\AppData\Local\Share Link
    2015-10-08 01:19 - 2015-10-08 01:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center
    2015-09-30 18:36 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2015-09-30 18:36 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2015-09-30 18:36 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2015-09-30 18:36 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
    2015-09-30 18:36 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2015-09-30 18:36 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2015-09-30 18:36 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-09-30 18:36 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2015-09-30 18:36 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-09-30 18:36 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2015-09-30 18:36 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2015-09-30 18:36 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2015-09-30 18:36 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2015-09-30 18:36 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-09-30 18:36 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2015-09-30 18:36 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-09-30 18:36 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2015-09-30 18:36 - 2015-09-17 02:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2015-09-30 18:36 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2015-09-30 18:36 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2015-09-30 18:36 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2015-09-30 18:36 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2015-09-30 18:36 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-09-30 18:36 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2015-09-30 18:36 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2015-09-30 18:36 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
    2015-09-30 18:36 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2015-09-30 18:36 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2015-09-30 18:36 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2015-09-30 18:36 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2015-09-30 18:36 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2015-09-30 18:36 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2015-09-30 18:36 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2015-09-30 18:36 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2015-09-30 18:36 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2015-09-30 18:36 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
    2015-09-30 18:36 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2015-09-30 18:36 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2015-09-30 18:36 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2015-09-30 18:36 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2015-09-30 18:36 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2015-09-30 18:36 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-30 18:36 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2015-09-30 18:36 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-09-30 18:36 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-09-30 18:36 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
    2015-09-30 18:36 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
    2015-09-30 18:36 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
    2015-09-30 18:36 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
    2015-09-30 18:36 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2015-09-30 18:36 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2015-09-30 18:36 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2015-09-30 18:36 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2015-09-30 18:36 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2015-09-30 18:36 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-09-30 18:36 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2015-09-30 18:36 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2015-09-30 18:36 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-30 18:36 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2015-09-30 18:36 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2015-09-30 18:36 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2015-09-30 18:36 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2015-09-30 18:36 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2015-09-30 18:36 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2015-09-30 18:36 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2015-09-30 18:36 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2015-09-30 18:36 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2015-09-30 18:36 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2015-09-30 18:36 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2015-09-30 18:36 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2015-09-30 18:36 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2015-09-30 18:36 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
     
  24. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-27 01:07 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-10-27 00:44 - 2015-03-20 10:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-10-26 23:24 - 2014-12-27 23:07 - 00000000 ____D C:\Users\Jess\Desktop\shows
    2015-10-26 23:22 - 2015-09-16 21:38 - 00000744 _____ C:\Users\Jess\Desktop\Daily 2015.txt
    2015-10-26 12:53 - 2015-07-29 23:48 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-10-26 12:45 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-10-26 12:45 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-10-26 12:32 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-10-26 02:15 - 2014-12-27 22:51 - 00000000 ____D C:\Users\Jess\Desktop\Movies
    2015-10-26 01:33 - 2015-03-20 16:24 - 00000000 ____D C:\Users\Jess\AppData\Roaming\deluge
    2015-10-25 20:34 - 2015-03-22 11:57 - 00000000 ____D C:\Users\Jess\AppData\Roaming\MPC-HC
    2015-10-25 19:27 - 2015-03-20 18:44 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-10-25 19:27 - 2015-03-20 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-10-25 19:27 - 2015-03-20 18:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-10-25 18:58 - 2015-06-10 20:53 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2015-10-23 10:41 - 2014-12-26 17:05 - 00000000 ____D C:\Users\Jess\AppData\Local\Packages
    2015-10-21 12:22 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-10-20 21:18 - 2015-03-22 10:48 - 00000000 ____D C:\Users\Jess\AppData\Roaming\IObit
    2015-10-20 21:18 - 2015-03-22 10:48 - 00000000 ____D C:\ProgramData\IObit
    2015-10-20 21:12 - 2015-03-22 11:04 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2015-10-20 21:11 - 2015-03-18 18:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-10-20 14:48 - 2015-07-11 15:09 - 00000000 ____D C:\BigFishCache
    2015-10-20 14:48 - 2014-04-23 05:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-10-20 14:47 - 2015-03-20 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-10-20 14:45 - 2015-07-29 23:26 - 00000000 ____D C:\Program Files (x86)\ASUS
    2015-10-20 14:44 - 2014-04-23 05:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\th-TH
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\he-IL
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\fr-CA
    2015-10-20 13:36 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\gl-es
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\eu-es
    2015-10-20 13:36 - 2014-03-18 06:00 - 00000000 ____D C:\WINDOWS\system32\ca-es
    2015-10-18 00:44 - 2015-08-24 20:46 - 00000000 ____D C:\Users\Jess\Desktop\Proof of Entry
    2015-10-17 01:58 - 2015-04-05 20:18 - 00000000 ____D C:\Users\Jess\Desktop\Musica
    2015-10-15 23:10 - 2015-07-10 07:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-10-15 23:10 - 2015-07-10 07:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-10-15 15:38 - 2015-03-18 18:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-10-15 14:29 - 2015-07-30 00:11 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
    2015-10-15 14:29 - 2015-07-30 00:11 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
    2015-10-15 14:29 - 2015-07-29 23:25 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2015-10-15 14:29 - 2015-07-29 23:25 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2015-10-15 14:29 - 2015-07-11 00:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
    2015-10-15 14:29 - 2015-07-11 00:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
    2015-10-15 14:29 - 2015-07-11 00:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
    2015-10-15 14:29 - 2015-07-11 00:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
    2015-10-15 14:22 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-10-15 14:20 - 2014-10-19 20:33 - 00000000 ____D C:\Program Files\DIFX
    2015-10-13 18:56 - 2015-03-19 09:16 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-10-13 18:50 - 2015-03-19 09:16 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-10-12 19:10 - 2015-07-11 15:10 - 00000000 ____D C:\ProgramData\TEMP
    2015-10-11 20:15 - 2015-02-27 09:23 - 00000000 ____D C:\Users\Jess\Documents\Calibre Library
    2015-10-11 20:09 - 2015-04-11 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
    2015-10-11 20:09 - 2015-04-11 19:36 - 00000000 ____D C:\Program Files\Calibre2
    2015-10-08 01:19 - 2015-07-29 23:25 - 00000000 ____D C:\Program Files\Intel
    2015-10-08 01:19 - 2015-04-14 04:43 - 00000000 ____D C:\ProgramData\Package Cache
    2015-10-08 01:19 - 2014-10-19 20:29 - 00000000 ____D C:\ProgramData\Intel
    2015-10-07 18:25 - 2015-01-02 17:57 - 00000000 ____D C:\Users\Jess\Desktop\2015
    2015-10-05 22:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
    2015-10-05 09:50 - 2015-03-20 18:43 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-10-05 09:50 - 2015-03-20 18:43 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-10-05 09:50 - 2015-03-20 18:43 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-10-04 14:40 - 2014-12-27 23:07 - 00001115 _____ C:\Users\Jess\Desktop\Daily.txt
    2015-10-03 21:44 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\system32\F12
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-10-03 14:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\L2Schemas

    ==================== Files in the root of some directories =======

    2015-10-26 12:24 - 2015-10-27 00:57 - 0000093 _____ () C:\Users\Jess\AppData\Roaming\sp_data.sys
    2015-08-21 22:49 - 2015-08-21 22:49 - 0003584 _____ () C:\Users\Jess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-10-26 02:03 - 2015-10-26 02:03 - 0000218 _____ () C:\Users\Jess\AppData\Local\recently-used.xbel
    2015-06-13 16:58 - 2015-06-13 16:58 - 0007605 _____ () C:\Users\Jess\AppData\Local\Resmon.ResmonCfg
    2015-07-29 23:26 - 2015-07-29 23:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Jess\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Jess\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-10-25 12:08

    ==================== End of FRST.txt ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
    Ran by Jess (2015-10-27 01:17:47)
    Running from C:\Users\Jess\Desktop
    Windows 10 Home (X64) (2015-07-30 04:04:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3640888093-4081718688-4149402660-500 - Administrator - Disabled) => C:\Users\Administrator
    DefaultAccount (S-1-5-21-3640888093-4081718688-4149402660-503 - Limited - Disabled)
    Guest (S-1-5-21-3640888093-4081718688-4149402660-501 - Limited - Disabled)
    Jess (S-1-5-21-3640888093-4081718688-4149402660-1001 - Administrator - Enabled) => C:\Users\Jess

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 2.2.29.727 - ASUSTEK)
    ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.9 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
    Avast Premier (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    calibre 64bit (HKLM\...\{872CC218-5C6E-4598-B9C1-3B72BDB2BE44}) (Version: 2.40.0 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
    CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
    Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version: - )
    Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
    FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
    Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
    Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
    Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
    iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
    Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Maxx Audio Installer (x64) (Version: 2.6.5320.104 - Waves Audio Ltd.) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
    Mp3tag v2.69 (HKLM-x32\...\Mp3tag) (Version: v2.69 - Florian Heidenreich)
    MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Plague Inc v0.8.6.7 (HKLM-x32\...\Plague Inc v0.8.6.70.8.6.7) (Version: 0.8.6.7 - Friends in War)
    Prison Architect (HKLM-x32\...\1441974651_is1) (Version: 2.1.0.3 - GOG.com)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Spotify (HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
    STCServ (Version: 3.0.0.1783 - Intel Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com)
    Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.89 - NCH Software)
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.05 - NCH Software)
    Windows Driver Package - ASUS (ATP) Mouse (01/13/2015 1.0.0.233) (HKLM\...\8335D73177E6D80E7ADC00FED2275758BD28AEFB) (Version: 01/13/2015 1.0.0.233 - ASUS)
    Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\0236763014F4120EF90CB077B1100A704C694EAE) (Version: 06/17/2015 1.0.0.262 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Phone Recovery Tool 2.1.1 (HKLM-x32\...\{461efced-58d4-4470-9b4b-5f2fc83704d4}) (Version: 2.1.1 - Microsoft)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
    WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
    WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
    XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
    CustomCLSID: HKU\S-1-5-21-3640888093-4081718688-4149402660-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

    ==================== Restore Points =========================

    15-10-2015 14:19:07 Installed ASUS Smart Gesture
    20-10-2015 12:42:17 Installed CSR Harmony Wireless Software Stack.
    25-10-2015 20:22:48 JRT Pre-Junkware Removal

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0DD510D9-1163-4A4D-A007-7DAA1A30AA30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {0E401916-4C94-4AC1-A07E-5D0C4C6EFA72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {13AE63EA-C1AB-4729-A2D9-1F8D154B78FC} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
    Task: {1D222314-FCFF-4A72-9A86-668F860D378D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {1EFBD15D-886E-4DEA-877B-CCCCE6BD3998} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {3FB63B05-978E-4AE4-A3A8-4FE2BFED015B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
    Task: {4133E9E2-A024-427E-91F9-0C2988A747A4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
    Task: {4394E4C7-9E2C-447B-9B06-99A20E16CCD6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-02] (AVAST Software)
    Task: {637424FC-68ED-4268-BA9F-F0B41E920F41} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
    Task: {76DA29C2-B2DA-465B-B531-D59943CCC732} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
    Task: {7A787DBE-F27B-487E-BE2A-37036F89A870} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7AF922AA-3F6B-427D-A633-4C706777DA46} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
    Task: {83EA355B-F59A-4758-9D96-38337180C03B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-10-07] (AsusTek)
    Task: {8A65AD4E-339C-4FCF-80F1-43D0DCE908E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
    Task: {A26D99F4-3A67-42B2-BD22-FA8D678BD482} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
    Task: {A2F5DCE4-88B2-43DC-9BA5-E7339843D3C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {B220E95B-0C7E-4394-B973-B2C45DDB3FF6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {C2598163-313F-4266-BD5F-C30EBA795B67} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {C63D487D-47AE-4E9B-8D3A-7C50E6E413E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
    Task: {D0F2F313-F5E9-4036-B0E1-85E1323C0D45} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {D5E60F84-03DE-4052-AEE8-37B24FCB13A7} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
    Task: {ECF61C90-0F4F-4F10-90CD-ED15D3E3CC2B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {EF25BE96-0423-46EE-96FC-DCB17D3FB7C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
    Task: {FA4AB86C-2C43-4DFE-A613-FB53F2731382} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
     
  25. Jess_123

    Jess_123 TS Booster Topic Starter Posts: 153

    ==================== Loaded Modules (Whitelisted) ==============

    2015-07-30 03:14 - 2015-07-30 03:14 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2015-08-18 20:21 - 2015-08-11 05:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 02:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-09-30 18:36 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
    2015-09-30 18:36 - 2015-09-17 01:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-09-30 18:36 - 2015-09-17 01:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-09-30 18:36 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
    2012-03-22 21:11 - 2012-03-22 21:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
    2015-10-22 09:34 - 2015-10-22 09:34 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
    2015-08-02 23:47 - 2015-08-02 23:47 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-08-02 23:47 - 2015-08-02 23:47 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-10-26 12:39 - 2015-10-26 12:39 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102601\algo.dll
    2015-10-26 18:25 - 2015-10-26 18:25 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102602\algo.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
    2014-04-02 17:46 - 2014-04-02 17:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
    2015-03-20 18:35 - 2015-03-20 18:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9
    AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
    AlternateDataStreams: C:\ProgramData\TEMP:FAFEC4B9

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jess\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
    DNS Servers: 192.168.2.1 - 142.166.166.166
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: cphs => 3
    MSCONFIG\Services: ICCS => 3
    MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
    MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
    MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: Mobizen plugin => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: STCServ => 2
    HKLM\...\StartupApproved\Run: => "HotKeysCmds"
    HKLM\...\StartupApproved\Run: => "IgfxTray"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run: => "IntelConnectCenter"
    HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "PCLink"
    HKU\S-1-5-21-3640888093-4081718688-4149402660-1001\...\StartupApproved\Run: => "OneDrive"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{D7D14C68-0C98-4626-B5DB-FC64919F5056}] => (Allow) LPort=1900
    FirewallRules: [{21CFDFF6-D2CC-4429-A7EC-1F9CD9AF35B1}] => (Allow) LPort=2869
    FirewallRules: [{C1C781B6-E763-40DD-A00D-C9EAB5AB7BF8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [UDP Query User{61CDC179-6168-4F08-9F37-CB833D6C849D}C:\users\jess\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jess\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{AD203CD6-ADF6-4FD3-8279-A243BE8FDEC6}C:\users\jess\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jess\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{B97CA794-B713-4DBC-B4EC-00F65FD61A93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{4C57ABA2-F875-4303-B77C-AD56F711705F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{1F6BCF79-F929-41CE-986A-E14DD7041AFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{2D6B5F59-8B8A-4ED8-AC90-0637468D4910}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [UDP Query User{815E6641-D6B8-4058-8484-1B664AB2430F}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [TCP Query User{5CB6B331-6489-441F-BBA2-CAD2D8CD6B55}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
    FirewallRules: [UDP Query User{23DF8B5C-7C2D-4F07-86BF-58161E3F7B5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{85C8409B-0BBB-4756-B181-EED7FE14C7CB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{AFDF143D-5093-4BCD-B414-6DB9E3DDAB59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{99EE7192-30FB-4C7A-813F-B1EA9E42A916}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{00C5E940-A8EC-4F4F-8B90-14B7ED13BE83}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
    FirewallRules: [TCP Query User{1F7FBE99-EDE4-4DD9-8BE6-EF309BAD9C0A}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
    FirewallRules: [UDP Query User{5A5F34B4-0C03-4A57-87F3-E1EAAE89CAE8}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
    FirewallRules: [{7CF44EBA-357A-474E-A961-C3C35FF1AB9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{CA99FED8-C519-4ECE-B778-AFF74935072F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{D84B39DE-3933-4B5C-AC06-F23B43DF8D8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E6F4D713-6843-40B6-8046-3332D90BBC8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{72404508-C8B5-421D-AA0C-0F374B9E6CE1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{34CBCED9-349A-4987-BA8B-04F9A6AB5622}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
    FirewallRules: [{2FB1F281-D2A3-44AF-A82D-81593816AC21}] => (Allow) C:\Program Files (x86)\ASUS\Share Link\ShareLink.exe
    FirewallRules: [{9B53C479-C4A3-4F0F-B6B5-6B99D14A193F}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
    FirewallRules: [{BFCA4F95-059A-48B0-81D1-0D6972B9013D}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/26/2015 12:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Exception code: 0xc0000005
    Fault offset: 0x0000000000006f58
    Faulting process id: 0x1184
    Faulting application start time: 0xCsrBtOBEXService.exe0
    Faulting application path: CsrBtOBEXService.exe1
    Faulting module path: CsrBtOBEXService.exe2
    Report Id: CsrBtOBEXService.exe3
    Faulting package full name: CsrBtOBEXService.exe4
    Faulting package-relative application ID: CsrBtOBEXService.exe5

    Error: (10/26/2015 02:16:44 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Exception code: 0xc0000005
    Fault offset: 0x0000000000006f58
    Faulting process id: 0x1b3c
    Faulting application start time: 0xCsrBtOBEXService.exe0
    Faulting application path: CsrBtOBEXService.exe1
    Faulting module path: CsrBtOBEXService.exe2
    Report Id: CsrBtOBEXService.exe3
    Faulting package full name: CsrBtOBEXService.exe4
    Faulting package-relative application ID: CsrBtOBEXService.exe5

    Error: (10/26/2015 02:16:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/25/2015 08:23:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

    System Error:
    Access is denied.
    .

    Error: (10/24/2015 11:19:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/23/2015 08:06:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000020efdd0
    Faulting process id: 0x1380
    Faulting application start time: 0xCsrBtService.exe0
    Faulting application path: CsrBtService.exe1
    Faulting module path: CsrBtService.exe2
    Report Id: CsrBtService.exe3
    Faulting package full name: CsrBtService.exe4
    Faulting package-relative application ID: CsrBtService.exe5

    Error: (10/23/2015 02:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Faulting module name: CsrBtService.exe, version: 2.1.63.0, time stamp: 0x4f6b2b7e
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d7c2
    Faulting process id: 0x7fc
    Faulting application start time: 0xCsrBtService.exe0
    Faulting application path: CsrBtService.exe1
    Faulting module path: CsrBtService.exe2
    Report Id: CsrBtService.exe3
    Faulting package full name: CsrBtService.exe4
    Faulting package-relative application ID: CsrBtService.exe5

    Error: (10/22/2015 03:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/22/2015 03:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (10/22/2015 11:53:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICA-PC)
    Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


    System errors:
    =============
    Error: (10/27/2015 12:52:43 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/27/2015 12:47:44 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/27/2015 12:39:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 09:47:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 09:38:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 09:33:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 09:11:06 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 01:01:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (10/26/2015 01:00:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (10/26/2015 01:00:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    ==================== Memory info ===========================

    Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
    Percentage of memory in use: 57%
    Total physical RAM: 3982.68 MB
    Available physical RAM: 1692.5 MB
    Total Virtual: 8078.68 MB
    Available Virtual: 5468.43 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:112.09 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:257.9 GB) NTFS
    Drive e: (JESS' HD) (Fixed) (Total:1862.56 GB) (Free:1378.5 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 543DAE44)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7FFF6332)
    Partition 1: (Active) - (Size=1863 GB) - (Type=0C)

    ==================== End of Addition.txt ============================
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...