TechSpot

Credit Card info stolen, suspect virus/trojan.

By JudasI
May 30, 2015
  1. I have a relatively new credit card that I have only really used for online purchases which info was stolen and attempted to make (failed) purchases with, I haven't really used it much besides online and I doubt it was a local fraud because one of the purchases was at a clothing store half a world away. Anyway.... My antivirus/Malwarebytes are comming up with nothing, here's FRST:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
    Ran by B (administrator) on B on 30-05-2015 00:51:48
    Running from C:\Users\Bn\Desktop
    Loaded Profiles: Brennan (Available Profiles: )
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Webroot) C:\Program Files\Webroot\WRSA.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    () C:\Program Files (x86)\Everything\Everything.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Windows\System32\PnkBstrA.exe
    (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
    (Webroot) C:\Program Files\Webroot\WRSA.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
    () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
    () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Akamai Technologies, Inc.) C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4056\Agent.exe
    (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5765\Battle.net.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-22] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after (the data entry has 9 more characters).
    HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [817072 2015-05-05] (Webroot)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
    HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Run: [GalaxyClient] => [X]

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-02-26] (Webroot)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-30] (Oracle Corporation)
    BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-02-26] (Webroot)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-30] (Oracle Corporation)
    Tcpip\Parameters: [DhcpNameServer] 172.16.42.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default
    FF DefaultSearchEngine: Google
    FF DefaultSearchEngine.US: Google
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
    FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-30] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-30] (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-11] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-11] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\donottrackplus@abine.com [2015-05-29]
    FF Extension: WOT - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
    FF Extension: Bitdefender QuickScan - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-28]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-09-07]
    FF Extension: Add to Amazon Wish List Button - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\amznUWL2@amazon.com.xpi [2015-02-03]
    FF Extension: ZenMate Security & Privacy VPN - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\firefox@zenmate.com.xpi [2015-04-21]
    FF Extension: YouTube High Definition - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-02-01]
    FF Extension: Adblock Plus - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07]
    FF Extension: DownThemAll! - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-16]
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
    FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-10-16]
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
    R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.)
    S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
    R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
    R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
    R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1048576 2014-08-05] () [File not signed] <==== ATTENTION
    S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-28] (GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-28] (GOG.com)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-22] (NVIDIA Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-22] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-22] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-12] (Electronic Arts)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-27] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-07] ()
    S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
    S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
    R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [817072 2015-05-05] (Webroot)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
    R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (http://www.asmedia.com.tw) [File not signed]
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
    R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-27] (Intel Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-22] (NVIDIA Corporation)
    R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-11] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
    S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
    R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [285208 2013-09-27] (Trend Micro Inc.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-06] ()
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
    R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116224 2015-05-05] (Webroot)
    S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-02-26] (Webroot)
    R3 cpuz137; \??\C:\Users\Brennan\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-30 00:51 - 2015-05-30 00:51 - 00019775 _____ () C:\Users\Brennan\Desktop\FRST.txt
    2015-05-30 00:51 - 2015-05-30 00:51 - 00000000 ____D () C:\FRST
    2015-05-30 00:48 - 2015-05-30 00:48 - 02108928 _____ (Farbar) C:\Users\Brennan\Desktop\FRST64.exe
    2015-05-30 00:35 - 2015-05-30 00:34 - 00561248 _____ (Oracle Corporation) C:\Users\Brennan\Desktop\jxpiinstall.exe
    2015-05-29 22:45 - 2015-05-29 22:45 - 00000010 _____ () C:\Users\Brennan\AppData\Local\sponge.last.runtime.cache
    2015-05-29 22:44 - 2015-05-29 22:44 - 00421616 _____ () C:\Users\Brennan\AppData\Local\census.cache
    2015-05-29 22:44 - 2015-05-29 22:44 - 00178750 _____ () C:\Users\Brennan\AppData\Local\ars.cache
    2015-05-29 22:41 - 2015-05-29 22:41 - 00000036 _____ () C:\Users\Brennan\AppData\Local\housecall.guid.cache
    2015-05-29 22:41 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
    2015-05-29 22:30 - 2015-05-29 22:32 - 00000000 ____D () C:\AdwCleaner
    2015-05-29 22:28 - 2015-05-29 22:28 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BBPC-Windows-8.1-(64-bit).dat
    2015-05-29 22:28 - 2015-05-29 22:28 - 00000000 ____D () C:\RegBackup
    2015-05-28 21:46 - 2015-05-28 21:46 - 00000000 ____D () C:\Windows\LastGood.Tmp
    2015-05-28 21:46 - 2015-05-28 21:46 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2015-05-28 21:46 - 2015-04-03 06:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2015-05-28 21:46 - 2015-04-03 06:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2015-05-28 05:27 - 2015-05-28 05:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
    2015-05-27 22:49 - 2015-05-27 22:51 - 00000000 ____D () C:\Users\Brennan\Documents\Heroes of the Storm
    2015-05-27 22:28 - 2015-05-27 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
    2015-05-27 00:16 - 2015-05-27 00:16 - 00000000 ____D () C:\Users\Brennan\Documents\BioWare
    2015-05-27 00:16 - 2015-05-27 00:16 - 00000000 ____D () C:\ProgramData\EA Core
    2015-05-26 00:43 - 2015-05-26 00:44 - 15624032 _____ (FinalWire Ltd. ) C:\Users\Brennan\Desktop\aida64extreme520.exe
    2015-05-26 00:42 - 2015-05-26 00:43 - 109047601 _____ () C:\Users\Brennan\Desktop\CINEBENCH_R15.zip
    2015-05-25 04:28 - 2015-05-25 04:28 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\QuickScan
    2015-05-21 01:43 - 2015-05-21 22:32 - 00000000 ____D () C:\Users\Brennan\Documents\The Witcher 3
    2015-05-19 00:38 - 2015-05-20 04:49 - 00000000 ____D () C:\Program Files\PeerBlock
    2015-05-19 00:38 - 2015-05-19 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
    2015-05-18 21:14 - 2015-05-18 21:14 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\NVIDIA
    2015-05-18 21:10 - 2015-05-29 22:33 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-05-18 21:10 - 2015-05-12 23:52 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2015-05-18 21:10 - 2015-05-12 23:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2015-05-18 21:10 - 2015-05-12 23:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2015-05-18 21:10 - 2015-05-11 23:27 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
    2015-05-18 21:10 - 2015-05-11 20:30 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-05-18 21:10 - 2015-05-11 20:30 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-05-18 21:10 - 2015-05-11 20:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-05-18 21:10 - 2015-05-11 20:30 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-05-18 21:10 - 2015-05-11 20:30 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-05-18 21:10 - 2015-05-11 20:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-05-18 21:10 - 2015-05-11 19:34 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2015-05-18 21:10 - 2015-05-11 10:01 - 04391871 _____ () C:\Windows\system32\nvcoproc.bin
    2015-05-18 20:58 - 2015-05-18 20:58 - 00000000 ____D () C:\Users\Brennan\AppData\Local\GalaxyCommunicationService
    2015-05-18 19:24 - 2015-05-19 03:28 - 00000000 ____D () C:\GOG Games
    2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
    2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\ProgramData\GOG.com
    2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
    2015-05-17 19:02 - 2015-05-17 19:18 - 00000000 ____D () C:\Program Files (x86)\TuneUpMedia
    2015-05-17 19:02 - 2015-05-17 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
    2015-05-17 19:01 - 2015-05-28 10:28 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\TuneUpMedia
    2015-05-17 18:59 - 2015-05-18 07:03 - 00000000 ____D () C:\ProgramData\TuneUpMedia
    2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaHuman
    2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Users\Brennan\AppData\Local\MediaHuman
    2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Program Files (x86)\MediaHuman
    2015-05-15 04:34 - 2015-05-15 04:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-15 02:42 - 2015-05-15 02:42 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\dvdcss
    2015-05-13 04:28 - 2015-04-30 13:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 04:28 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 01:05 - 2015-04-30 16:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 01:05 - 2015-04-30 15:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-13 01:05 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 01:05 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 01:05 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 01:05 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 01:05 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 01:05 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 01:05 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 01:05 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 01:05 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-13 01:05 - 2015-04-21 09:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2015-05-13 01:05 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-13 01:05 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-13 01:05 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 01:05 - 2015-04-21 09:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2015-05-13 01:05 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 01:05 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-13 01:05 - 2015-04-21 08:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-05-13 01:05 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-13 01:05 - 2015-04-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-05-13 01:05 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 01:05 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 01:05 - 2015-04-21 08:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 01:05 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 01:05 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 01:05 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-13 01:05 - 2015-04-21 08:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2015-05-13 01:05 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-13 01:05 - 2015-04-21 08:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-05-13 01:05 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-13 01:05 - 2015-04-21 08:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2015-05-13 01:05 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 01:05 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-13 01:05 - 2015-04-21 08:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-13 01:05 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-13 01:05 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-13 01:05 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 01:05 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 01:05 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-13 01:05 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-13 01:05 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-13 01:05 - 2015-04-13 15:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 01:05 - 2015-04-09 18:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 01:05 - 2015-04-09 17:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 01:05 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-05-13 01:05 - 2015-04-09 17:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-13 01:05 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-05-13 01:05 - 2015-04-08 15:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 01:05 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2015-05-13 01:05 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2015-05-13 01:05 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2015-05-13 01:05 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2015-05-13 01:05 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2015-05-13 01:05 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2015-05-13 01:05 - 2015-03-29 22:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-05-13 01:05 - 2015-03-26 20:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 01:05 - 2015-03-26 19:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-13 01:05 - 2015-03-26 19:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 01:05 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-05-13 01:05 - 2015-03-17 10:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2015-05-13 01:05 - 2015-03-12 21:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2015-05-13 01:05 - 2015-03-12 21:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2015-05-13 01:05 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2015-05-13 01:05 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2015-05-13 01:05 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2015-05-13 01:05 - 2015-03-12 17:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
    2015-05-13 01:05 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 01:05 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-13 01:05 - 2015-03-08 19:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
    2015-05-13 01:05 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 01:05 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2015-05-13 01:05 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-05-13 01:05 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 01:05 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2015-05-13 01:05 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2015-05-13 01:05 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2015-05-13 01:05 - 2015-01-29 17:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2015-05-09 22:36 - 2015-05-09 22:36 - 00000000 ____D () C:\Users\Brennan\Documents\Diablo III
    2015-05-09 03:21 - 2015-05-09 03:21 - 00000000 ____D () C:\ProgramData\Intel
    2015-05-09 03:21 - 2013-09-03 16:52 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
    2015-05-09 03:20 - 2015-05-09 03:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2015-05-09 03:20 - 2013-09-03 16:52 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
    2015-05-09 03:20 - 2013-09-03 16:52 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
    2015-05-09 03:19 - 2015-05-09 03:19 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Akamai
    2015-05-09 00:53 - 2015-05-09 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
    2015-05-08 22:19 - 2015-05-08 22:28 - 00000000 ____D () C:\Program Files (x86)\StarCraft
    2015-05-08 22:19 - 2015-05-08 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
    2015-05-04 02:57 - 2015-05-04 19:47 - 00014973 _____ () C:\Users\Brennan\Documents\TombRaider.log
    2015-05-04 02:42 - 2015-05-04 02:42 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Skyrim

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-30 00:51 - 2014-09-07 03:03 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Battle.net
    2015-05-30 00:51 - 2014-09-07 00:16 - 01437935 _____ () C:\Windows\WindowsUpdate.log
    2015-05-30 00:40 - 2014-09-07 00:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1379302413-3029893464-1618603415-1001
    2015-05-30 00:36 - 2014-09-07 02:37 - 00000000 ____D () C:\ProgramData\Oracle
    2015-05-30 00:36 - 2014-09-07 02:10 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-05-30 00:35 - 2014-09-07 02:37 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-05-30 00:32 - 2014-03-18 03:03 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-30 00:13 - 2015-02-01 00:58 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-30 00:06 - 2014-09-07 02:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-30 00:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-05-29 23:04 - 2014-09-07 00:19 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B290231-A5A9-4985-9A56-73A9003BCD79}
    2015-05-29 22:38 - 2014-09-07 02:35 - 00000000 _____ () C:\Windows\Path.idx
    2015-05-29 22:33 - 2015-02-08 03:29 - 00000000 ____D () C:\Users\Brennan\AppData\Local\CrashDumps
    2015-05-29 22:33 - 2015-02-01 00:58 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-29 22:33 - 2014-09-07 02:15 - 01048576 _____ () C:\Windows\PE_Rom.dll
    2015-05-29 22:33 - 2014-09-07 00:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-29 22:33 - 2014-09-07 00:19 - 00000000 ___DO () C:\Users\Brennan\OneDrive
    2015-05-29 22:33 - 2013-08-22 07:46 - 00056720 _____ () C:\Windows\setupact.log
    2015-05-29 22:33 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-29 22:23 - 2014-09-07 02:16 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\vlc
    2015-05-29 22:07 - 2014-10-16 22:57 - 00000000 ____D () C:\ProgramData\WRData
    2015-05-29 21:35 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-05-29 21:15 - 2014-09-07 02:38 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-05-29 17:33 - 2014-09-07 04:27 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
    2015-05-29 17:25 - 2014-09-07 02:44 - 00000000 ____D () C:\ProgramData\Origin
    2015-05-29 00:30 - 2014-09-07 04:27 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
    2015-05-28 21:47 - 2014-09-07 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2015-05-28 05:44 - 2014-09-07 02:33 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Azureus
    2015-05-27 22:49 - 2014-09-07 03:03 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2015-05-26 00:09 - 2014-09-10 23:46 - 00000659 _____ () C:\Windows\MB.idx
    2015-05-24 00:10 - 2014-09-07 00:18 - 00000000 ____D () C:\Users\Brennan
    2015-05-22 18:47 - 2014-09-07 02:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2015-05-22 18:47 - 2014-09-07 02:31 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2015-05-22 18:47 - 2014-09-07 02:31 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2015-05-22 18:47 - 2014-09-07 02:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2015-05-21 07:29 - 2014-09-07 04:26 - 00259541 _____ () C:\Windows\DirectX.log
    2015-05-19 22:48 - 2015-04-04 21:03 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
    2015-05-19 22:48 - 2015-04-04 21:03 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-19 22:48 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-05-18 21:11 - 2014-09-07 00:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-05-18 21:10 - 2014-09-07 00:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2015-05-18 21:10 - 2014-09-07 00:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2015-05-18 21:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
    2015-05-18 12:20 - 2015-03-24 01:13 - 00000000 ____D () C:\Users\Brennan\AppData\Local\PokerStars
    2015-05-18 10:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-05-18 08:00 - 2014-09-07 02:16 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-05-18 08:00 - 2014-09-07 02:16 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Adobe
    2015-05-17 19:18 - 2014-09-07 00:21 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Mozilla
    2015-05-17 19:02 - 2015-04-11 22:40 - 00000000 ____D () C:\Program Files\iTunes
    2015-05-17 18:59 - 2014-09-07 04:26 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-05-17 06:54 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-05-16 21:19 - 2014-09-15 04:57 - 00000000 ____D () C:\Users\Brennan\Documents\StarCraft II
    2015-05-15 02:17 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
    2015-05-14 21:08 - 2015-02-01 00:58 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-05-14 21:08 - 2015-02-01 00:58 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-05-14 06:25 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
    2015-05-14 03:54 - 2013-08-22 07:44 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-14 03:48 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
    2015-05-14 03:48 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-13 04:28 - 2014-09-07 02:22 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-13 04:27 - 2014-09-07 02:22 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 04:26 - 2014-03-18 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-11 23:27 - 2015-01-08 12:41 - 42718864 _____ () C:\Windows\system32\nvcompiler.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-05-11 23:27 - 2015-01-08 12:41 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00878816 _____ () C:\Windows\system32\nvmcumd.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00502896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2015-05-11 23:27 - 2015-01-08 12:41 - 00031710 _____ () C:\Windows\system32\nvinfo.pb
    2015-05-11 10:48 - 2014-09-07 03:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2015-05-10 20:59 - 2014-12-12 12:58 - 00113152 ___SH () C:\Users\Brennan\Desktop\Thumbs.db
    2015-05-09 03:21 - 2014-09-07 01:11 - 00000000 ____D () C:\Program Files\Intel
    2015-05-09 03:21 - 2014-09-07 00:41 - 00000000 ____D () C:\Program Files (x86)\Intel
    2015-05-09 03:20 - 2014-09-07 01:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-05-05 20:57 - 2014-10-16 22:57 - 00166128 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
    2015-05-05 20:57 - 2014-10-16 22:57 - 00116224 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
    2015-05-05 20:57 - 2014-10-16 22:57 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
    2015-05-05 10:59 - 2014-09-07 02:26 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-05-05 10:59 - 2014-09-07 02:26 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-02 05:16 - 2014-12-27 20:41 - 00000000 ____D () C:\Users\Brennan\Documents\My Games
    2015-05-01 23:42 - 2015-03-21 20:06 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Skype

    ==================== Files in the root of some directories =======

    2015-05-29 22:44 - 2015-05-29 22:44 - 0178750 _____ () C:\Users\Brennan\AppData\Local\ars.cache
    2015-05-29 22:44 - 2015-05-29 22:44 - 0421616 _____ () C:\Users\Brennan\AppData\Local\census.cache
    2015-02-21 04:30 - 2015-02-21 04:35 - 1065984 _____ () C:\Users\Brennan\AppData\Local\file__0.localstorage
    2015-05-29 22:41 - 2015-05-29 22:41 - 0000036 _____ () C:\Users\Brennan\AppData\Local\housecall.guid.cache
    2015-05-29 22:45 - 2015-05-29 22:45 - 0000010 _____ () C:\Users\Brennan\AppData\Local\sponge.last.runtime.cache
    2014-09-07 11:48 - 2014-09-07 11:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Brennan\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Brennan\AppData\Local\Temp\i4jdel0.exe
    C:\Users\Brennan\AppData\Local\Temp\InstHelper.exe
    C:\Users\Brennan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\Brennan\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
    C:\Users\Brennan\AppData\Local\Temp\nvSCPAPI.dll
    C:\Users\Brennan\AppData\Local\Temp\nvSCPAPI64.dll
    C:\Users\Brennan\AppData\Local\Temp\nvStereoApiI64.dll
    C:\Users\Brennan\AppData\Local\Temp\nvStInst.exe
    C:\Users\Brennan\AppData\Local\Temp\Quarantine.exe
    C:\Users\Brennan\AppData\Local\Temp\sonarinst.exe
    C:\Users\Brennan\AppData\Local\Temp\sqlite3.dll
    C:\Users\Brennan\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Brennan\AppData\Local\Temp\System.Data.SQLite840d3472-6440-4344-b6d9-3bc08ae900ff.dll
    C:\Users\Brennan\AppData\Local\Temp\vlc-2.2.1-win32.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-26 03:05

    ==================== End of log ============================
     
  2. JudasI

    JudasI TS Rookie Topic Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by Brennan at 2015-05-30 00:52:01
    Running from C:\Users\Brennan\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1379302413-3029893464-1618603415-500 - Administrator - Disabled)
    Brennan (S-1-5-21-1379302413-3029893464-1618603415-1001 - Administrator - Enabled) => C:\Users\Brennan
    Guest (S-1-5-21-1379302413-3029893464-1618603415-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1379302413-3029893464-1618603415-1003 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
    Akamai NetSession Interface (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
    Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
    Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
    Battlefield™ Hardline Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
    Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    calibre 64bit (HKLM\...\{F914E24C-BFF9-4D72-9775-60126B4BC51E}) (Version: 2.15.0 - Kovid Goyal)
    Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
    ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
    Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5339 - Corsair)
    Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.)
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
    Curse Client (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
    DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
    Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version: - )
    Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
    Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
    Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
    Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
    HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
    Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
    MediaHuman Audio Converter version 1.9.4 (HKLM-x32\...\MediaHuman Audio Converter_is1) (Version: 1.9.4 - MediaHuman)
    Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
    Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
    NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
    NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
    NVIDIA Miracast Virtual Audio 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
    Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
    PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
    Retro/Grade (HKLM-x32\...\Steam App 222660) (Version: - 24 Caret Games)
    Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
    SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
    Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
    Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version: - Blue Isle Studios)
    Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
    StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
    StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
    Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.4.0 - GOG.com)
    Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
    TuneUp 2.5.3.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.3.0 - TuneUp Media, Inc.)
    Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
    Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
    VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
    Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
    Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.8.88 - Webroot)
    WinDirStat 1.1.2 (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\WinDirStat) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1379302413-3029893464-1618603415-1001_Classes\CLSID\{418a8b95-f713-48e2-a750-5408b148059c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    17-05-2015 18:59:35 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
    18-05-2015 19:22:03 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    21-05-2015 07:29:26 Installed DirectX
    29-05-2015 17:11:12 Scheduled Checkpoint

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {12335B71-5348-4889-BDF2-F79EAA2DCDE0} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
    Task: {3966B19E-B510-4F89-BF9B-2953FA4CB50B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
    Task: {4C9C18C9-CEDA-481C-8468-2D6C7D2E54A9} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
    Task: {50DBE5B2-511F-4AF4-8A02-0043F3F88D29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
    Task: {601C58BA-CED3-4BF1-B6F9-3A07B0AC660A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-18] (Adobe Systems Incorporated)
    Task: {7136D575-8F34-4203-AA86-1C2430CF1E66} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-08-29] (ASUSTeK Computer Inc.)
    Task: {73848DA8-B7C2-470A-8AFF-D24ED5A056C1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
    Task: {8723A4C0-8CED-4EF3-9422-46E86CEAF027} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
    Task: {A0A2AB67-A690-484D-924A-401C6624BEA0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {C374461E-3A75-4C0A-A3C0-F616E8E789C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
    Task: {DAA124C8-E1CB-4644-9976-E86FA7D56354} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe [2014-08-14] ()
    Task: {E5670D5B-C130-4FDB-B01E-EA8575D9F3B8} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
    Task: {E61D86D2-2D6F-4FF6-932D-67FE4236F1E1} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
    Task: {FE2E3F9B-B440-4A5E-A80A-4C174F7F0FFB} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-18 21:10 - 2015-05-11 20:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-09-07 00:38 - 2013-07-04 03:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    2014-10-12 05:21 - 2014-08-05 18:01 - 01048576 _____ () C:\Program Files (x86)\Everything\Everything.exe
    2014-09-08 00:28 - 2014-12-27 20:07 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
    2014-09-07 01:53 - 2014-08-14 14:17 - 03104768 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
    2014-09-07 02:09 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
    2014-09-07 02:09 - 2013-08-08 14:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
    2014-09-07 02:10 - 2012-05-03 10:40 - 00258048 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
    2014-09-07 02:09 - 2013-08-08 14:34 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
    2014-09-07 00:38 - 2015-05-29 22:33 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
    2014-09-07 00:38 - 2013-07-04 03:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
    2015-03-31 03:03 - 2015-05-22 18:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2014-09-07 01:53 - 2014-05-15 13:55 - 00203264 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
    2014-09-07 01:53 - 2014-05-15 13:55 - 00203776 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
    2014-09-07 02:09 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
    2014-09-07 02:09 - 2013-03-13 17:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
    2014-09-07 02:09 - 2013-08-08 14:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
    2014-09-07 02:09 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
    2014-09-07 02:09 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
    2014-09-07 02:10 - 2013-09-05 15:46 - 02064384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
    2014-09-07 02:08 - 2013-06-04 17:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
    2014-09-07 02:09 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
    2014-09-07 02:09 - 2013-08-08 14:35 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
    2014-09-07 02:10 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
    2014-09-07 02:09 - 2013-08-07 19:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
    2014-09-07 02:09 - 2013-08-07 19:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
    2014-09-07 02:11 - 2013-06-24 13:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
    2014-09-07 02:10 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
    2014-09-07 02:10 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
    2014-09-07 02:09 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
    2014-09-07 02:09 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
    2014-09-07 02:09 - 2013-08-08 14:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
    2014-09-07 02:09 - 2013-08-08 14:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
    2014-09-07 02:09 - 2013-08-08 14:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
    2014-09-07 02:09 - 2013-08-08 14:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
    2014-09-07 02:09 - 2013-08-08 14:34 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
    2014-09-07 02:10 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
    2014-09-07 02:10 - 2013-08-07 18:43 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
    2014-09-07 02:10 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
    2014-09-07 02:10 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
    2014-09-07 02:10 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
    2014-09-07 02:10 - 2013-08-06 20:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
    2014-09-07 02:10 - 2013-08-29 17:48 - 00610304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGOInsHelp.dll
    2014-09-07 02:10 - 2013-01-31 22:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
    2014-09-07 02:10 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
    2014-09-07 02:10 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
    2014-09-07 02:10 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
    2014-09-07 02:10 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
    2014-09-07 02:10 - 2012-02-06 21:08 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
    2015-05-09 03:20 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libcef.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libGLESv2.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00908288 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\platforms\qwindows.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libEGL.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qgif.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qico.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qjpeg.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qmng.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qsvg.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qtiff.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQuick.2\qtquick2plugin.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-05-11 10:48 - 2015-05-11 10:48 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQml\Models.2\modelsplugin.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Brennan\OneDrive:ms-properties

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    DNS Servers: 172.16.42.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)
     
  3. JudasI

    JudasI TS Rookie Topic Starter

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{45410BCF-985E-4352-8068-A7F830125797}] => (Allow) LPort=2869
    FirewallRules: [{53DE0128-BA13-4D23-822F-596C953B5C52}] => (Allow) LPort=1900
    FirewallRules: [{C4F7991D-9CD3-4143-81BD-71BD3A4421BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{BDF5A9D0-758B-4EF0-8FE9-1171D1F4E1E7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{3DEE9AFA-B876-4D03-8623-60B06CE8B1D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{DF01AB10-40A7-4B22-97C5-955C3BEC3B56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{0FAD44A8-F554-4B08-A28D-027E6E557F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{7FD0E482-75CC-421A-A63E-C9E1A76DE407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{DE5A6CA5-6C53-48BC-9FD9-01E527448F08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{697FE735-077B-4C9E-A8C6-F8EC7D846F6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4A065315-BF97-40DF-AC34-2EFA71570E06}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{C261B3F6-601A-471F-83AF-BF801CE1F40F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{F4AD0279-3844-4FCE-9CA3-F1584616A59F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
    FirewallRules: [{4A6B38B2-D441-43CB-9750-ACEC18508272}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
    FirewallRules: [{19CEC44C-679C-42FB-8639-3757E307C522}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{4078971F-C13C-4511-846A-A42AD62419F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{32C234C4-E1F9-4194-8835-9977D6B279D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{8C4F8407-E3BC-441B-BD1F-3C2A5D789BB3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{5F31E294-7F56-44AE-A16B-CA0788DBC665}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{62691F20-C826-477A-84DD-F194A449ADBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{637FE632-33FA-493D-A69C-8ACBD840627E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{6CAFF828-FBAF-4405-8402-2279BDC8FD5B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{9F3AA864-6138-44D0-B7F9-50101FBE341B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{A98418C6-C5AE-4C59-9738-8995144B672A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{88354A00-2B16-43FF-95D5-87648DBECFD0}] => (Allow) LPort=2869
    FirewallRules: [{61F70A43-8533-4362-83E6-CDEB4A4098CF}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{8DF738C9-E805-47A5-AE93-B96CB830F8D7}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
    FirewallRules: [UDP Query User{02F0CEDA-EF37-4720-BAD1-43F4C5234EAA}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
    FirewallRules: [TCP Query User{4012C323-493E-426D-AD3E-B6EC867CB71B}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
    FirewallRules: [UDP Query User{58A9C3C4-F60D-4C84-8922-F52AC7EC8F81}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
    FirewallRules: [{D9E8D4A5-AF6F-46B7-839A-EBF46856DA38}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{90A0F649-F977-4418-AD46-E202A22C5728}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{CE102D28-8354-4224-BD97-14818AF14414}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
    FirewallRules: [{4D02521D-632E-486D-B114-461CB0DD5B8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
    FirewallRules: [{D3984958-AEFF-44BB-AC26-F02A0DF02EC6}] => (Allow) E:\Program Files\StarCraft II\StarCraft II.exe
    FirewallRules: [{B3F6A42C-188E-4E7B-B592-FA4DC747B71C}] => (Allow) E:\Program Files\StarCraft II\StarCraft II.exe
    FirewallRules: [{F9C0D6B6-A5D5-4491-BD30-7424E223D1C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{9DE1ADCD-FAC8-418C-9E63-4D261FED6014}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{89F61924-03F4-4364-A91A-E3484CC4E4F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9A28A409-9F9F-41AE-8A71-47DF8461D337}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E9DA0604-F7BE-408D-A80C-3D8C081B3628}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
    FirewallRules: [{93557496-FC1A-48BF-908D-0444614A4CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
    FirewallRules: [{A43CBC83-149D-4D9B-A88D-3F8334A8CF93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
    FirewallRules: [{BFFD801B-4818-4250-BC8F-88971C90CC71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
    FirewallRules: [{162BADC9-0D07-4895-8475-0BB6ED3A524B}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
    FirewallRules: [{598EA479-FBC2-432B-8A9F-3BDA634232F2}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
    FirewallRules: [{E4554AC8-DE8B-42DB-B9D4-4DDC912639A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
    FirewallRules: [{657EBE31-9D4F-40D4-8176-ACD1278E521F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
    FirewallRules: [{DA80A388-BC21-4362-BBFA-B82447990180}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
    FirewallRules: [{96219CE4-EAF2-440D-B67B-8592A7ACDD36}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
    FirewallRules: [{EFBB9E29-96C9-4251-B58A-C200F30D9ED4}] => (Allow) E:\SteamLibrary\SteamApps\common\RetroGrade\RetroGrade.exe
    FirewallRules: [{A4626563-D74A-40BD-BF9C-5C79A372224C}] => (Allow) E:\SteamLibrary\SteamApps\common\RetroGrade\RetroGrade.exe
    FirewallRules: [{87BBD53D-6087-4393-B566-5957E769D5D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [{283C96D1-C4D5-4CF3-8566-2F7811BB2935}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [TCP Query User{239D390D-5DA1-4F12-8FB1-407CACCD495B}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [UDP Query User{204FFEE8-0BC7-457F-892A-464F44FC67BC}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [{7BBE887F-7A40-4E2D-83E5-2239238D4167}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{DA3C35AA-5751-4CAE-B0AD-030E07AD84D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{6A5B9619-6657-453E-97C7-93928603851A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{F3763C0D-667C-41A6-8E24-E909CFD4CA75}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{ED310387-5BC2-40E7-A65F-4327D1E9491D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{506CE8B2-348C-4CB7-AE80-B1BDA3492FB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{CDFDF9A0-AACA-4B89-B97D-2FE019C69349}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
    FirewallRules: [{CD63D3E9-9E7E-4FA8-BAFD-BEA3EDADF704}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
    FirewallRules: [{2C125E1F-996D-4519-89E4-ABB6EB2613D7}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    FirewallRules: [{C5D6E781-F075-419A-8BBE-8EC7FD54448D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    FirewallRules: [{A97AA946-4FDF-483B-8037-A6813067B0D6}] => (Allow) C:\Users\Brennan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
    FirewallRules: [{D630D046-95BF-4C58-A5A6-CB8E04A254E8}] => (Allow) C:\Users\Brennan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
    FirewallRules: [{5ABA0A39-D73D-4473-A04B-4C8550B5CF4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{B120BDC3-4BA3-4E02-B156-44AE189B9BB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [TCP Query User{CCFE61D7-BE0C-42DC-886D-2B94980CF15C}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [UDP Query User{42AB110F-4A67-42F8-A26C-B1152CA40315}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
    FirewallRules: [TCP Query User{43798EFC-2050-4A9A-8877-0790683DDB4D}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
    FirewallRules: [UDP Query User{BB587B9E-3309-4189-80EB-6C7F30744EDA}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
    FirewallRules: [TCP Query User{ED584CD6-4DEB-413A-8DC6-2C02AD7F8251}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
    FirewallRules: [UDP Query User{5551CEFC-B896-46CB-A2FC-FD3654850A6A}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
    FirewallRules: [{C33370D7-B779-48C9-BA02-4930CBB0F82D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{BD38EBC4-00AD-4581-B0DC-980FED655A4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [TCP Query User{C2A93EDE-B30A-4ECA-A160-2C43D3E36419}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{81FB4336-9FB5-4EA7-97AB-02D5A2CF80EF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{03F9CFF1-5800-4A53-BBD2-FC8775BA407E}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{8D11CB30-97FD-463B-BF07-3FC0FCDB4FB1}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{07BE5E39-AEC3-47C4-8AE5-A1620277ECC9}] => (Allow) E:\SteamLibrary\SteamApps\common\Metro 2033\metro2033.exe
    FirewallRules: [{F9806801-2DA4-4A77-B911-530727D724CD}] => (Allow) E:\SteamLibrary\SteamApps\common\Metro 2033\metro2033.exe
    FirewallRules: [{23B60606-7551-49E0-BD7D-8CCED77D5F4A}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
    FirewallRules: [{BC8E20F0-F9E8-428B-8948-AAC80C44D31C}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
    FirewallRules: [{8A2DCC1C-73E8-436F-88E8-E14EA5530319}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
    FirewallRules: [{2D1839AD-38C5-449E-8CDD-82E463ED24A5}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
    FirewallRules: [{EFF2AE02-220B-49F4-B64C-12359F6DB811}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{683D59D3-A11E-4CB9-9ED5-F0F0F7C60357}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{DC0C83DA-404F-4DE7-95A7-4EF3A74B25C9}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
    FirewallRules: [{E5F5E8D5-7326-4415-B7EA-2193FB0157D8}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
    FirewallRules: [{5AEECD8E-DC5F-45BB-AA77-4297564C9BAE}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
    FirewallRules: [{D4078A96-232A-4BEF-9D28-901064677A0D}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
    FirewallRules: [{97BF3B99-9513-4A0D-A158-86246EA8CDEA}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
    FirewallRules: [{C0A69DE3-6D06-44B0-B855-E4CB8124A44E}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
    FirewallRules: [{2E05609A-170E-42F7-B134-7EE655672714}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
    FirewallRules: [{D1CD0DFA-ACCF-4943-B8AE-23387781C616}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    FirewallRules: [{8E3E49B6-BA20-4ADE-B658-717827CBE834}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
    FirewallRules: [{6D12A8B0-892A-42CC-8968-EADBE71C5293}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{35095477-F6BE-468F-87D2-534EFD62546E}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{5C120E8D-814F-4475-A058-702F37C215C9}] => (Allow) E:\Program Files\Mass Effect 3\Binaries\Win32\MassEffect3.exe
    FirewallRules: [{D64D2B81-60C5-4E87-BAAB-A744AC583ED8}] => (Allow) E:\Program Files\Mass Effect 3\Binaries\Win32\MassEffect3.exe
    FirewallRules: [TCP Query User{196E6E74-8C1A-454D-AF81-951EEC3A0994}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
    FirewallRules: [UDP Query User{51E0B6EF-3B05-44BA-994D-BEB1486787A0}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
    FirewallRules: [{732033D5-8011-4E54-8042-607DA188F62B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2ECD3CAD-589E-46D3-89EA-A5FC7519ACF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2C136912-7972-4970-8A94-D80CDF1B1B1C}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{65C4BC12-D820-4A8F-823D-6D8E4DDFE9F7}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{E80F2583-ED13-4103-88DB-F638FEEA73BF}] => (Allow) E:\Program Files\BFH Beta 2\bfh.exe
    FirewallRules: [{BAE9F625-B9C5-4FC1-B12F-DCBC0900140D}] => (Allow) E:\Program Files\BFH Beta 2\bfh.exe
    FirewallRules: [{B4297513-FD23-425F-9F03-016F76C7F4E0}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{8C7E52D0-E4ED-49A0-B990-275F59CCDE8D}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{D5484211-7E0C-4F67-80AF-8BA1617B2E9D}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
    FirewallRules: [{A14ADC1A-D12B-4534-9D6D-7590C52555EF}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
    FirewallRules: [{39650208-D0FB-44E8-BE7C-3CFF444D9D36}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
    FirewallRules: [{F9A5BB6D-23DE-461A-9DE5-D9EDF76C6AF5}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
    FirewallRules: [{C0BC7539-4685-49C9-A1B1-AA6036A45950}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
    FirewallRules: [{77F5F5FC-3F5C-47B1-A909-AABE176B94C2}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
    FirewallRules: [TCP Query User{0B4707A1-417B-437F-A3BE-EB47AFD32AB3}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
    FirewallRules: [UDP Query User{38E23036-5F75-4472-9240-86AD06147575}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
    FirewallRules: [{7330FEA9-DAAC-4E73-B29A-6246BBAF8414}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
    FirewallRules: [{0E123DC9-0DFA-424B-9DEA-17B9CE6307E6}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
    FirewallRules: [TCP Query User{3258598D-1BE8-4550-BD58-B6B45004BEEE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{140A7847-446D-42B3-A10F-B9898948F811}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{F2C3D0BF-12DC-4890-BDEB-17D94AEAE208}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{B3679746-E1EF-42C8-A7E8-E406A7E3E38B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [TCP Query User{A81D3204-5697-43A6-A276-CFC3F19ADEF8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{0868F236-1F75-4A96-8B1E-DA392C139098}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{AFFF8FAA-EC2F-477B-977F-1983060418F4}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{DE785C34-3ECA-4458-AB2E-49AD06257E09}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{1D0B0519-18C1-4347-B4E5-43C385C1E030}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{87CC93C0-1CA9-453F-945C-2D3C27ABCC6C}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
    FirewallRules: [{3C3A754D-2E87-4ACC-B477-EA1EE4305D16}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
    FirewallRules: [{87E41F14-1CA2-4E85-8905-31F14AF8E695}] => (Allow) E:\SteamLibrary\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
    FirewallRules: [{580A197E-4419-4645-B7A0-ECB428573CA6}] => (Allow) E:\SteamLibrary\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
    FirewallRules: [{6FA508D8-BCE1-4691-8901-4B5F289C0FAA}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
    FirewallRules: [{5433EB05-75AE-4870-94AC-AFC342EF18CE}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
    FirewallRules: [{AAE70AAA-765C-4D4F-A1C9-3007649EE1EA}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
    FirewallRules: [{D031F244-9B8D-4BCC-85DC-8E7072012C91}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
    FirewallRules: [{E143BE82-0BBB-48E7-BF74-2FCCCF9442A8}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{02E9ACA8-8702-4458-A16B-03DFCF4A3839}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{B8ACBAA4-3B9F-401B-B2A3-D9E8A4C1D399}] => (Allow) E:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
    FirewallRules: [{7DCCE1BB-F2E6-4E9F-86E6-0952F89FB1BA}] => (Allow) E:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
    FirewallRules: [{4CCCC24F-AAAE-44DC-8B03-A92F649EC1F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
    FirewallRules: [{F80272C5-75A4-4C4C-A16D-A024F561CA4B}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
    FirewallRules: [{C2E9BAD3-2DA6-4B15-AAEE-C31F37E9D6DC}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
    FirewallRules: [{5884AFE6-857C-4BD5-826C-8FE2C6974FDD}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
    FirewallRules: [{09AF597A-7A22-4578-B55F-37A456737F50}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{D9B4716E-A1E5-4417-BC64-D73109A68FF4}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{E2DFE113-8980-49D5-B2C1-752903144EEC}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
    FirewallRules: [{EBE2D689-122A-4666-8348-58F24D58FE72}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
    FirewallRules: [{53C96116-3FFA-4959-BF03-89FF102DF621}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
    FirewallRules: [{2F1B5E7F-B289-4F4B-8A41-30B598526711}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
    FirewallRules: [TCP Query User{500039BF-3E04-448A-9D2C-E8486E5890E9}C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe] => (Allow) C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe
    FirewallRules: [UDP Query User{03A5E77B-AC0D-48B8-9C75-596AB67E2A5F}C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe] => (Allow) C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe
    FirewallRules: [TCP Query User{304DAD77-FC3C-4726-B65D-396A02BCA790}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [UDP Query User{29DE7C95-9426-40BD-B5B8-C90C296060F7}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [TCP Query User{67F7647B-F56D-4A00-91A5-6901FBCB525B}C:\users\brennan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\brennan\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{6798599B-494C-4CCD-9DA9-BFE5D986A0DA}C:\users\brennan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\brennan\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{D679F8E8-2924-4D44-8861-E21132D60A13}E:\program files\diablo iii\diablo iii.exe] => (Allow) E:\program files\diablo iii\diablo iii.exe
    FirewallRules: [UDP Query User{C041CF2A-6F7D-40DE-82DA-A183FE3E7807}E:\program files\diablo iii\diablo iii.exe] => (Allow) E:\program files\diablo iii\diablo iii.exe
    FirewallRules: [{FF451835-03BE-46DD-B6AB-265907F6DFC0}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
    FirewallRules: [{F43D5B81-342A-4375-A9F0-A5443B261C92}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
    FirewallRules: [{841F599A-DC75-4495-B7BA-542E5E8A326C}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
    FirewallRules: [{3038603C-24E9-42A0-B202-CB876F9D6455}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
    FirewallRules: [TCP Query User{7FCA6A3C-BAB1-4B23-B842-1EE23E03EFDA}E:\program files\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\program files\mass effect 3\binaries\win32\masseffect3.exe
    FirewallRules: [UDP Query User{1584B100-9A63-450E-A54E-E4DBDA09DE32}E:\program files\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\program files\mass effect 3\binaries\win32\masseffect3.exe
    FirewallRules: [TCP Query User{22C1C306-4E72-4D0C-9787-160F465AC723}E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{8B3EAFD6-A6BF-4CE6-A389-AD7008CBE655}E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
    FirewallRules: [{66F44D58-2933-4212-A5F1-617CEA1EB28E}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{34858EC0-C19B-40DD-922C-716424E8E740}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{40B7CD2D-497A-474D-B685-51CFB54CCFAC}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
    FirewallRules: [{FC34F831-C208-489B-BC29-87192303CB2F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
    FirewallRules: [{4369D37F-5C36-4AEF-BBDD-E2E53D09B243}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
    FirewallRules: [{50A62CCE-D7E4-4A5A-B1E1-05F948A53912}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/29/2015 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x1470
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/29/2015 10:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x1970
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/29/2015 04:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x17c4
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/28/2015 07:47:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program SC2.exe version 2.1.10.35237 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 24e8

    Start Time: 01d0994972ca7cf9

    Termination Time: 4294967295

    Application Path: E:\Program Files\StarCraft II\Versions\Base32283\SC2.exe

    Report Id: 7078f1e7-0548-11e5-82d6-240a641cef89

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (05/27/2015 06:31:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
    Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

    Error: (05/24/2015 00:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x1360
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/20/2015 11:58:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
    Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

    Error: (05/19/2015 01:43:36 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x112c
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/19/2015 00:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0x131c
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5

    Error: (05/18/2015 09:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
    Exception code: 0x40010006
    Fault offset: 0x00014598
    Faulting process id: 0xe48
    Faulting application start time: 0xDipAwayMode.exe0
    Faulting application path: DipAwayMode.exe1
    Faulting module path: DipAwayMode.exe2
    Report Id: DipAwayMode.exe3
    Faulting package full name: DipAwayMode.exe4
    Faulting package-relative application ID: DipAwayMode.exe5


    System errors:
    =============
    Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The AsusFanControlService service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The ASUS HM Com Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (05/29/2015 10:29:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (05/29/2015 10:29:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office:
    =========================
    Error: (05/29/2015 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598147001d09a9a2af86827C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll6a037bef-068d-11e5-82d9-240a641cef89

    Error: (05/29/2015 10:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598197001d09a965b6a0f64C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll9ac3d41d-0689-11e5-82d8-240a641cef89

    Error: (05/29/2015 04:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade400100060001459817c401d09a6b749fd576C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllb9af880c-065e-11e5-82d7-240a641cef89

    Error: (05/28/2015 07:47:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: SC2.exe2.1.10.3523724e801d0994972ca7cf94294967295E:\Program Files\StarCraft II\Versions\Base32283\SC2.exe7078f1e7-0548-11e5-82d6-240a641cef89

    Error: (05/27/2015 06:31:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
    Description: System ReservedThe parameter is incorrect. (0x80070057)

    Error: (05/24/2015 00:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598136001d095f524cfb7efC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll63ad7aed-01e8-11e5-82d6-240a641cef89

    Error: (05/20/2015 11:58:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
    Description: System ReservedThe parameter is incorrect. (0x80070057)

    Error: (05/19/2015 01:43:36 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598112c01d0920fe4265800C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll23470066-fe03-11e4-82d5-240a641cef89

    Error: (05/19/2015 00:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598131c01d09206c925e245C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll080f9199-fdfa-11e4-82d4-240a641cef89

    Error: (05/18/2015 09:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598e4801d091ea096e321cC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll484bf7ee-fddd-11e4-82d3-240a641cef89


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
    Percentage of memory in use: 15%
    Total physical RAM: 16321.53 MB
    Available physical RAM: 13712.96 MB
    Total Pagefile: 18753.53 MB
    Available Pagefile: 15498.59 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.79 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:118.9 GB) (Free:65.6 GB) NTFS
    Drive e: (Western Digital Blue 1TB) (Fixed) (Total:931.51 GB) (Free:441.1 GB) NTFS
    Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:522.44 GB) NTFS
    Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:787.72 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 52905511)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 5290551E)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 606F16DA)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E90B94AA)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  4. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    I don't see much so far....

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  5. JudasI

    JudasI TS Rookie Topic Starter

    RogueKiller V10.7.0.0 [May 25 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
    Started in : Normal mode
    User : Brennan [Administrator]
    Started from : C:\Users\Brennan\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 05/30/2015 23:21:42

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 14 ¤¤¤
    [PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
    [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
    [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Not selected
    [PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> Not selected
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GalaxyCommunication ("C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe") -> Not selected
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GalaxyCommunication ("C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe") -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AF7D5DC3-FDA0-4252-8ECC-2E45709A5538} | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AF7D5DC3-FDA0-4252-8ECC-2E45709A5538} | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
    --- User ---
    [MBR] 3333d17b8346eaf3a52d574d68674083
    [BSP] fc7fd815814c04093863581343d86ec3 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Samsung SSD 840 PRO Series +++++
    --- User ---
    [MBR] 9b439f36bc604d75c45901bc7b958de9
    [BSP] d53afa85bd02ea920a69b7e86dbb069c : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121752 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive2: WD My Passport 0748 USB Device +++++
    --- User ---
    [MBR] 7e0209274a376866f65b70de778171f3
    [BSP] 724625df71a3cd6a81826b28fc73005f : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907696 MB [Windows XP Bootstrap | Windows XP Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive3: WD My Passport 0748 USB Device +++++
    --- User ---
    [MBR] 3ff1014a3d02ca3e4c40406b66418ecb
    [BSP] 6c5aa63a9f2fabcb2fa4ee857932c2bf : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB [Windows XP Bootstrap | Windows XP Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_02062015_201503.log - RKreport_SCN_05302015_061321.log - RKreport_SCN_05302015_232113.log
     
  6. JudasI

    JudasI TS Rookie Topic Starter

    # AdwCleaner v4.205 - Logfile created 30/05/2015 at 23:35:23
    # Updated 21/05/2015 by Xplode
    # Database : 2015-05-25.3 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : Brennan - BBPC
    # Running from : C:\Users\Brennan\Desktop\adwcleaner_4.205.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Search Extensions
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v38.0.1 (x86 en-US)


    *************************

    AdwCleaner[S1].txt - [941 bytes] - [30/05/2015 23:35:23]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [999 bytes] ##########
     
  7. JudasI

    JudasI TS Rookie Topic Starter

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.8.5 (05.30.2015:1)
    OS: Windows 8.1 x64
    Ran by Brennan on Sat 05/30/2015 at 23:37:41.75
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Tasks

    ~~~ Registry Values

    ~~~ Registry Keys

    ~~~ Files

    ~~~ Folders

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 05/30/2015 at 23:38:30.25
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  8. JudasI

    JudasI TS Rookie Topic Starter

    I'm starting to suspect some of the websites (E-cig shops) I made purchases on as the problem (not sure which one) , after some googlin' I read that other people have had similar issues when shopping on E-cig sites. (none are named though) I doubt it is the owners themselves but maybe they are not using proper encryption for credit card purchases? I'm usually pretty on top of updates and I have a subscription for both an Anti-virus and Malwarebytes and each runs a scan daily on my PC.
     
  9. JudasI

    JudasI TS Rookie Topic Starter

    Malwarebytes didn't detect anything.
     
  10. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Yeah, I don't see anything malicious on your computer.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...