Inactive Credit Card info stolen, suspect virus/trojan.

J

JudasI

Posts: 8   +0
I have a relatively new credit card that I have only really used for online purchases which info was stolen and attempted to make (failed) purchases with, I haven't really used it much besides online and I doubt it was a local fraud because one of the purchases was at a clothing store half a world away. Anyway.... My antivirus/Malwarebytes are comming up with nothing, here's FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by B (administrator) on B on 30-05-2015 00:51:48
Running from C:\Users\Bn\Desktop
Loaded Profiles: Brennan (Available Profiles: )
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
() C:\Program Files (x86)\Everything\Everything.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4056\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5765\Battle.net.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-22] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after (the data entry has 9 more characters).
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [817072 2015-05-05] (Webroot)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Brennan\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Run: [GalaxyClient] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-02-26] (Webroot)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-30] (Oracle Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-02-26] (Webroot)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-30] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.42.1

FireFox:
========
FF ProfilePath: C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: WOT - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Bitdefender QuickScan - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-28]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-09-07]
FF Extension: Add to Amazon Wish List Button - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\amznUWL2@amazon.com.xpi [2015-02-03]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\firefox@zenmate.com.xpi [2015-04-21]
FF Extension: YouTube High Definition - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-02-01]
FF Extension: Adblock Plus - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07]
FF Extension: DownThemAll! - C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Profiles\atztfykn.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-16]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-10-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1048576 2014-08-05] () [File not signed] <==== ATTENTION
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-28] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-22] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-07] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [817072 2015-05-05] (Webroot)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (http://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-27] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-22] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [285208 2013-09-27] (Trend Micro Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-06] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116224 2015-05-05] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-02-26] (Webroot)
R3 cpuz137; \??\C:\Users\Brennan\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 00:51 - 2015-05-30 00:51 - 00019775 _____ () C:\Users\Brennan\Desktop\FRST.txt
2015-05-30 00:51 - 2015-05-30 00:51 - 00000000 ____D () C:\FRST
2015-05-30 00:48 - 2015-05-30 00:48 - 02108928 _____ (Farbar) C:\Users\Brennan\Desktop\FRST64.exe
2015-05-30 00:35 - 2015-05-30 00:34 - 00561248 _____ (Oracle Corporation) C:\Users\Brennan\Desktop\jxpiinstall.exe
2015-05-29 22:45 - 2015-05-29 22:45 - 00000010 _____ () C:\Users\Brennan\AppData\Local\sponge.last.runtime.cache
2015-05-29 22:44 - 2015-05-29 22:44 - 00421616 _____ () C:\Users\Brennan\AppData\Local\census.cache
2015-05-29 22:44 - 2015-05-29 22:44 - 00178750 _____ () C:\Users\Brennan\AppData\Local\ars.cache
2015-05-29 22:41 - 2015-05-29 22:41 - 00000036 _____ () C:\Users\Brennan\AppData\Local\housecall.guid.cache
2015-05-29 22:41 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-05-29 22:30 - 2015-05-29 22:32 - 00000000 ____D () C:\AdwCleaner
2015-05-29 22:28 - 2015-05-29 22:28 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BBPC-Windows-8.1-(64-bit).dat
2015-05-29 22:28 - 2015-05-29 22:28 - 00000000 ____D () C:\RegBackup
2015-05-28 21:46 - 2015-05-28 21:46 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-05-28 21:46 - 2015-05-28 21:46 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-28 21:46 - 2015-04-03 06:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-28 21:46 - 2015-04-03 06:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-28 05:27 - 2015-05-28 05:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-27 22:49 - 2015-05-27 22:51 - 00000000 ____D () C:\Users\Brennan\Documents\Heroes of the Storm
2015-05-27 22:28 - 2015-05-27 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-05-27 00:16 - 2015-05-27 00:16 - 00000000 ____D () C:\Users\Brennan\Documents\BioWare
2015-05-27 00:16 - 2015-05-27 00:16 - 00000000 ____D () C:\ProgramData\EA Core
2015-05-26 00:43 - 2015-05-26 00:44 - 15624032 _____ (FinalWire Ltd. ) C:\Users\Brennan\Desktop\aida64extreme520.exe
2015-05-26 00:42 - 2015-05-26 00:43 - 109047601 _____ () C:\Users\Brennan\Desktop\CINEBENCH_R15.zip
2015-05-25 04:28 - 2015-05-25 04:28 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\QuickScan
2015-05-21 01:43 - 2015-05-21 22:32 - 00000000 ____D () C:\Users\Brennan\Documents\The Witcher 3
2015-05-19 00:38 - 2015-05-20 04:49 - 00000000 ____D () C:\Program Files\PeerBlock
2015-05-19 00:38 - 2015-05-19 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2015-05-18 21:14 - 2015-05-18 21:14 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\NVIDIA
2015-05-18 21:10 - 2015-05-29 22:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-18 21:10 - 2015-05-12 23:52 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-18 21:10 - 2015-05-12 23:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-18 21:10 - 2015-05-12 23:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-18 21:10 - 2015-05-11 23:27 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-05-18 21:10 - 2015-05-11 20:30 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-18 21:10 - 2015-05-11 20:30 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-18 21:10 - 2015-05-11 20:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-18 21:10 - 2015-05-11 20:30 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-18 21:10 - 2015-05-11 20:30 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-18 21:10 - 2015-05-11 20:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-18 21:10 - 2015-05-11 19:34 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-18 21:10 - 2015-05-11 10:01 - 04391871 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-18 20:58 - 2015-05-18 20:58 - 00000000 ____D () C:\Users\Brennan\AppData\Local\GalaxyCommunicationService
2015-05-18 19:24 - 2015-05-19 03:28 - 00000000 ____D () C:\GOG Games
2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\ProgramData\GOG.com
2015-05-18 19:21 - 2015-05-18 19:21 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
2015-05-17 19:02 - 2015-05-17 19:18 - 00000000 ____D () C:\Program Files (x86)\TuneUpMedia
2015-05-17 19:02 - 2015-05-17 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
2015-05-17 19:01 - 2015-05-28 10:28 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\TuneUpMedia
2015-05-17 18:59 - 2015-05-18 07:03 - 00000000 ____D () C:\ProgramData\TuneUpMedia
2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaHuman
2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Users\Brennan\AppData\Local\MediaHuman
2015-05-17 18:43 - 2015-05-17 18:43 - 00000000 ____D () C:\Program Files (x86)\MediaHuman
2015-05-15 04:34 - 2015-05-15 04:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-15 02:42 - 2015-05-15 02:42 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\dvdcss
2015-05-13 04:28 - 2015-04-30 13:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 04:28 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 01:05 - 2015-04-30 16:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 01:05 - 2015-04-30 15:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 01:05 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 01:05 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 01:05 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 01:05 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 01:05 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 01:05 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 01:05 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 01:05 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 01:05 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 01:05 - 2015-04-21 09:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 01:05 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 01:05 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 01:05 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 01:05 - 2015-04-21 09:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 01:05 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 01:05 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 01:05 - 2015-04-21 08:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 01:05 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 01:05 - 2015-04-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 01:05 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 01:05 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 01:05 - 2015-04-21 08:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 01:05 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 01:05 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 01:05 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 01:05 - 2015-04-21 08:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 01:05 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 01:05 - 2015-04-21 08:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 01:05 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 01:05 - 2015-04-21 08:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 01:05 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 01:05 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 01:05 - 2015-04-21 08:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 01:05 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 01:05 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 01:05 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 01:05 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 01:05 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 01:05 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 01:05 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 01:05 - 2015-04-13 15:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 01:05 - 2015-04-09 18:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 01:05 - 2015-04-09 17:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 01:05 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-13 01:05 - 2015-04-09 17:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 01:05 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-13 01:05 - 2015-04-08 15:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 01:05 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 01:05 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 01:05 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-13 01:05 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-13 01:05 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-13 01:05 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-13 01:05 - 2015-03-29 22:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 01:05 - 2015-03-26 20:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 01:05 - 2015-03-26 19:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 01:05 - 2015-03-26 19:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 01:05 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-13 01:05 - 2015-03-17 10:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-13 01:05 - 2015-03-12 21:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-13 01:05 - 2015-03-12 21:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-13 01:05 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-13 01:05 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-13 01:05 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-13 01:05 - 2015-03-12 17:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-13 01:05 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 01:05 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 01:05 - 2015-03-08 19:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-13 01:05 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 01:05 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 01:05 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 01:05 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 01:05 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 01:05 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 01:05 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-13 01:05 - 2015-01-29 17:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-09 22:36 - 2015-05-09 22:36 - 00000000 ____D () C:\Users\Brennan\Documents\Diablo III
2015-05-09 03:21 - 2015-05-09 03:21 - 00000000 ____D () C:\ProgramData\Intel
2015-05-09 03:21 - 2013-09-03 16:52 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-05-09 03:20 - 2015-05-09 03:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-05-09 03:20 - 2013-09-03 16:52 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-09 03:20 - 2013-09-03 16:52 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-05-09 03:19 - 2015-05-09 03:19 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Akamai
2015-05-09 00:53 - 2015-05-09 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-05-08 22:19 - 2015-05-08 22:28 - 00000000 ____D () C:\Program Files (x86)\StarCraft
2015-05-08 22:19 - 2015-05-08 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
2015-05-04 02:57 - 2015-05-04 19:47 - 00014973 _____ () C:\Users\Brennan\Documents\TombRaider.log
2015-05-04 02:42 - 2015-05-04 02:42 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Skyrim

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 00:51 - 2014-09-07 03:03 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Battle.net
2015-05-30 00:51 - 2014-09-07 00:16 - 01437935 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 00:40 - 2014-09-07 00:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1379302413-3029893464-1618603415-1001
2015-05-30 00:36 - 2014-09-07 02:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-30 00:36 - 2014-09-07 02:10 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-30 00:35 - 2014-09-07 02:37 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-30 00:32 - 2014-03-18 03:03 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-30 00:13 - 2015-02-01 00:58 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 00:06 - 2014-09-07 02:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 00:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-29 23:04 - 2014-09-07 00:19 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B290231-A5A9-4985-9A56-73A9003BCD79}
2015-05-29 22:38 - 2014-09-07 02:35 - 00000000 _____ () C:\Windows\Path.idx
2015-05-29 22:33 - 2015-02-08 03:29 - 00000000 ____D () C:\Users\Brennan\AppData\Local\CrashDumps
2015-05-29 22:33 - 2015-02-01 00:58 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 22:33 - 2014-09-07 02:15 - 01048576 _____ () C:\Windows\PE_Rom.dll
2015-05-29 22:33 - 2014-09-07 00:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-29 22:33 - 2014-09-07 00:19 - 00000000 ___DO () C:\Users\Brennan\OneDrive
2015-05-29 22:33 - 2013-08-22 07:46 - 00056720 _____ () C:\Windows\setupact.log
2015-05-29 22:33 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 22:23 - 2014-09-07 02:16 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\vlc
2015-05-29 22:07 - 2014-10-16 22:57 - 00000000 ____D () C:\ProgramData\WRData
2015-05-29 21:35 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-29 21:15 - 2014-09-07 02:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-29 17:33 - 2014-09-07 04:27 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-29 17:25 - 2014-09-07 02:44 - 00000000 ____D () C:\ProgramData\Origin
2015-05-29 00:30 - 2014-09-07 04:27 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-28 21:47 - 2014-09-07 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-28 05:44 - 2014-09-07 02:33 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Azureus
2015-05-27 22:49 - 2014-09-07 03:03 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-05-26 00:09 - 2014-09-10 23:46 - 00000659 _____ () C:\Windows\MB.idx
2015-05-24 00:10 - 2014-09-07 00:18 - 00000000 ____D () C:\Users\Brennan
2015-05-22 18:47 - 2014-09-07 02:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-22 18:47 - 2014-09-07 02:31 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-22 18:47 - 2014-09-07 02:31 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-22 18:47 - 2014-09-07 02:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-21 07:29 - 2014-09-07 04:26 - 00259541 _____ () C:\Windows\DirectX.log
2015-05-19 22:48 - 2015-04-04 21:03 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 22:48 - 2015-04-04 21:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 22:48 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-18 21:11 - 2014-09-07 00:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-18 21:10 - 2014-09-07 00:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-18 21:10 - 2014-09-07 00:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-18 21:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
2015-05-18 12:20 - 2015-03-24 01:13 - 00000000 ____D () C:\Users\Brennan\AppData\Local\PokerStars
2015-05-18 10:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-18 08:00 - 2014-09-07 02:16 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-18 08:00 - 2014-09-07 02:16 - 00000000 ____D () C:\Users\Brennan\AppData\Local\Adobe
2015-05-17 19:18 - 2014-09-07 00:21 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Mozilla
2015-05-17 19:02 - 2015-04-11 22:40 - 00000000 ____D () C:\Program Files\iTunes
2015-05-17 18:59 - 2014-09-07 04:26 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-17 06:54 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-16 21:19 - 2014-09-15 04:57 - 00000000 ____D () C:\Users\Brennan\Documents\StarCraft II
2015-05-15 02:17 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-14 21:08 - 2015-02-01 00:58 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-14 21:08 - 2015-02-01 00:58 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 06:25 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 03:54 - 2013-08-22 07:44 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 03:48 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-14 03:48 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 04:28 - 2014-09-07 02:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 04:27 - 2014-09-07 02:22 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 04:26 - 2014-03-18 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-11 23:27 - 2015-01-08 12:41 - 42718864 _____ () C:\Windows\system32\nvcompiler.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-11 23:27 - 2015-01-08 12:41 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00878816 _____ () C:\Windows\system32\nvmcumd.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00502896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-11 23:27 - 2015-01-08 12:41 - 00031710 _____ () C:\Windows\system32\nvinfo.pb
2015-05-11 10:48 - 2014-09-07 03:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-10 20:59 - 2014-12-12 12:58 - 00113152 ___SH () C:\Users\Brennan\Desktop\Thumbs.db
2015-05-09 03:21 - 2014-09-07 01:11 - 00000000 ____D () C:\Program Files\Intel
2015-05-09 03:21 - 2014-09-07 00:41 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-09 03:20 - 2014-09-07 01:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-05 20:57 - 2014-10-16 22:57 - 00166128 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-05-05 20:57 - 2014-10-16 22:57 - 00116224 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-05-05 20:57 - 2014-10-16 22:57 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-05-05 10:59 - 2014-09-07 02:26 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 10:59 - 2014-09-07 02:26 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-02 05:16 - 2014-12-27 20:41 - 00000000 ____D () C:\Users\Brennan\Documents\My Games
2015-05-01 23:42 - 2015-03-21 20:06 - 00000000 ____D () C:\Users\Brennan\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2015-05-29 22:44 - 2015-05-29 22:44 - 0178750 _____ () C:\Users\Brennan\AppData\Local\ars.cache
2015-05-29 22:44 - 2015-05-29 22:44 - 0421616 _____ () C:\Users\Brennan\AppData\Local\census.cache
2015-02-21 04:30 - 2015-02-21 04:35 - 1065984 _____ () C:\Users\Brennan\AppData\Local\file__0.localstorage
2015-05-29 22:41 - 2015-05-29 22:41 - 0000036 _____ () C:\Users\Brennan\AppData\Local\housecall.guid.cache
2015-05-29 22:45 - 2015-05-29 22:45 - 0000010 _____ () C:\Users\Brennan\AppData\Local\sponge.last.runtime.cache
2014-09-07 11:48 - 2014-09-07 11:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Brennan\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Brennan\AppData\Local\Temp\i4jdel0.exe
C:\Users\Brennan\AppData\Local\Temp\InstHelper.exe
C:\Users\Brennan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Brennan\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Brennan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Brennan\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Brennan\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Brennan\AppData\Local\Temp\nvStInst.exe
C:\Users\Brennan\AppData\Local\Temp\Quarantine.exe
C:\Users\Brennan\AppData\Local\Temp\sonarinst.exe
C:\Users\Brennan\AppData\Local\Temp\sqlite3.dll
C:\Users\Brennan\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Brennan\AppData\Local\Temp\System.Data.SQLite840d3472-6440-4344-b6d9-3bc08ae900ff.dll
C:\Users\Brennan\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-26 03:05

==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Brennan at 2015-05-30 00:52:01
Running from C:\Users\Brennan\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1379302413-3029893464-1618603415-500 - Administrator - Disabled)
Brennan (S-1-5-21-1379302413-3029893464-1618603415-1001 - Administrator - Enabled) => C:\Users\Brennan
Guest (S-1-5-21-1379302413-3029893464-1618603415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1379302413-3029893464-1618603415-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
calibre 64bit (HKLM\...\{F914E24C-BFF9-4D72-9775-60126B4BC51E}) (Version: 2.15.0 - Kovid Goyal)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5339 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Curse Client (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version: - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
MediaHuman Audio Converter version 1.9.4 (HKLM-x32\...\MediaHuman Audio Converter_is1) (Version: 1.9.4 - MediaHuman)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Retro/Grade (HKLM-x32\...\Steam App 222660) (Version: - 24 Caret Games)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version: - Blue Isle Studios)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.4.0 - GOG.com)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
TuneUp 2.5.3.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.3.0 - TuneUp Media, Inc.)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.8.88 - Webroot)
WinDirStat 1.1.2 (HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\...\WinDirStat) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1379302413-3029893464-1618603415-1001_Classes\CLSID\{418a8b95-f713-48e2-a750-5408b148059c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

17-05-2015 18:59:35 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
18-05-2015 19:22:03 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-05-2015 07:29:26 Installed DirectX
29-05-2015 17:11:12 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12335B71-5348-4889-BDF2-F79EAA2DCDE0} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: {3966B19E-B510-4F89-BF9B-2953FA4CB50B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
Task: {4C9C18C9-CEDA-481C-8468-2D6C7D2E54A9} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {50DBE5B2-511F-4AF4-8A02-0043F3F88D29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-01] (Google Inc.)
Task: {601C58BA-CED3-4BF1-B6F9-3A07B0AC660A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-18] (Adobe Systems Incorporated)
Task: {7136D575-8F34-4203-AA86-1C2430CF1E66} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-08-29] (ASUSTeK Computer Inc.)
Task: {73848DA8-B7C2-470A-8AFF-D24ED5A056C1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {8723A4C0-8CED-4EF3-9422-46E86CEAF027} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {A0A2AB67-A690-484D-924A-401C6624BEA0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C374461E-3A75-4C0A-A3C0-F616E8E789C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {DAA124C8-E1CB-4644-9976-E86FA7D56354} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe [2014-08-14] ()
Task: {E5670D5B-C130-4FDB-B01E-EA8575D9F3B8} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {E61D86D2-2D6F-4FF6-932D-67FE4236F1E1} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {FE2E3F9B-B440-4A5E-A80A-4C174F7F0FFB} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-18 21:10 - 2015-05-11 20:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-07 00:38 - 2013-07-04 03:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-10-12 05:21 - 2014-08-05 18:01 - 01048576 _____ () C:\Program Files (x86)\Everything\Everything.exe
2014-09-08 00:28 - 2014-12-27 20:07 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-09-07 01:53 - 2014-08-14 14:17 - 03104768 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
2014-09-07 02:09 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-09-07 02:09 - 2013-08-08 14:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-09-07 02:10 - 2012-05-03 10:40 - 00258048 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
2014-09-07 02:09 - 2013-08-08 14:34 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2014-09-07 00:38 - 2015-05-29 22:33 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-09-07 00:38 - 2013-07-04 03:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-31 03:03 - 2015-05-22 18:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-07 01:53 - 2014-05-15 13:55 - 00203264 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2014-09-07 01:53 - 2014-05-15 13:55 - 00203776 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-09-07 02:09 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-09-07 02:09 - 2013-03-13 17:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2014-09-07 02:09 - 2013-08-08 14:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-09-07 02:09 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-09-07 02:09 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2014-09-07 02:10 - 2013-09-05 15:46 - 02064384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2014-09-07 02:08 - 2013-06-04 17:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-09-07 02:09 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-09-07 02:09 - 2013-08-08 14:35 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2014-09-07 02:10 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2014-09-07 02:09 - 2013-08-07 19:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2014-09-07 02:09 - 2013-08-07 19:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2014-09-07 02:11 - 2013-06-24 13:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2014-09-07 02:10 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2014-09-07 02:10 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2014-09-07 02:09 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-09-07 02:09 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-09-07 02:09 - 2013-08-08 14:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-09-07 02:09 - 2013-08-08 14:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-09-07 02:09 - 2013-08-08 14:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-09-07 02:09 - 2013-08-08 14:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-09-07 02:09 - 2013-08-08 14:34 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2014-09-07 02:10 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2014-09-07 02:10 - 2013-08-07 18:43 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2014-09-07 02:10 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2014-09-07 02:10 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2014-09-07 02:10 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2014-09-07 02:10 - 2013-08-06 20:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2014-09-07 02:10 - 2013-08-29 17:48 - 00610304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGOInsHelp.dll
2014-09-07 02:10 - 2013-01-31 22:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
2014-09-07 02:10 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2014-09-07 02:10 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2014-09-07 02:10 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2014-09-07 02:10 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2014-09-07 02:10 - 2012-02-06 21:08 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
2015-05-09 03:20 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libcef.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libGLESv2.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00908288 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\platforms\qwindows.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\libEGL.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qgif.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qico.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qjpeg.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qmng.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qsvg.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\imageformats\qtiff.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQuick.2\qtquick2plugin.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-05-11 10:48 - 2015-05-11 10:48 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5765\qml\QtQml\Models.2\modelsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Brennan\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1379302413-3029893464-1618603415-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brennan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 172.16.42.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)
 
==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{45410BCF-985E-4352-8068-A7F830125797}] => (Allow) LPort=2869
FirewallRules: [{53DE0128-BA13-4D23-822F-596C953B5C52}] => (Allow) LPort=1900
FirewallRules: [{C4F7991D-9CD3-4143-81BD-71BD3A4421BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDF5A9D0-758B-4EF0-8FE9-1171D1F4E1E7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3DEE9AFA-B876-4D03-8623-60B06CE8B1D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DF01AB10-40A7-4B22-97C5-955C3BEC3B56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0FAD44A8-F554-4B08-A28D-027E6E557F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7FD0E482-75CC-421A-A63E-C9E1A76DE407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DE5A6CA5-6C53-48BC-9FD9-01E527448F08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{697FE735-077B-4C9E-A8C6-F8EC7D846F6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4A065315-BF97-40DF-AC34-2EFA71570E06}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C261B3F6-601A-471F-83AF-BF801CE1F40F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F4AD0279-3844-4FCE-9CA3-F1584616A59F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{4A6B38B2-D441-43CB-9750-ACEC18508272}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{19CEC44C-679C-42FB-8639-3757E307C522}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4078971F-C13C-4511-846A-A42AD62419F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{32C234C4-E1F9-4194-8835-9977D6B279D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C4F8407-E3BC-441B-BD1F-3C2A5D789BB3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5F31E294-7F56-44AE-A16B-CA0788DBC665}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{62691F20-C826-477A-84DD-F194A449ADBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{637FE632-33FA-493D-A69C-8ACBD840627E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{6CAFF828-FBAF-4405-8402-2279BDC8FD5B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{9F3AA864-6138-44D0-B7F9-50101FBE341B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{A98418C6-C5AE-4C59-9738-8995144B672A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{88354A00-2B16-43FF-95D5-87648DBECFD0}] => (Allow) LPort=2869
FirewallRules: [{61F70A43-8533-4362-83E6-CDEB4A4098CF}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{8DF738C9-E805-47A5-AE93-B96CB830F8D7}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{02F0CEDA-EF37-4720-BAD1-43F4C5234EAA}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [TCP Query User{4012C323-493E-426D-AD3E-B6EC867CB71B}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{58A9C3C4-F60D-4C84-8922-F52AC7EC8F81}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{D9E8D4A5-AF6F-46B7-839A-EBF46856DA38}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90A0F649-F977-4418-AD46-E202A22C5728}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CE102D28-8354-4224-BD97-14818AF14414}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{4D02521D-632E-486D-B114-461CB0DD5B8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{D3984958-AEFF-44BB-AC26-F02A0DF02EC6}] => (Allow) E:\Program Files\StarCraft II\StarCraft II.exe
FirewallRules: [{B3F6A42C-188E-4E7B-B592-FA4DC747B71C}] => (Allow) E:\Program Files\StarCraft II\StarCraft II.exe
FirewallRules: [{F9C0D6B6-A5D5-4491-BD30-7424E223D1C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9DE1ADCD-FAC8-418C-9E63-4D261FED6014}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{89F61924-03F4-4364-A91A-E3484CC4E4F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9A28A409-9F9F-41AE-8A71-47DF8461D337}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E9DA0604-F7BE-408D-A80C-3D8C081B3628}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{93557496-FC1A-48BF-908D-0444614A4CD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{A43CBC83-149D-4D9B-A88D-3F8334A8CF93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{BFFD801B-4818-4250-BC8F-88971C90CC71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{162BADC9-0D07-4895-8475-0BB6ED3A524B}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{598EA479-FBC2-432B-8A9F-3BDA634232F2}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E4554AC8-DE8B-42DB-B9D4-4DDC912639A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{657EBE31-9D4F-40D4-8176-ACD1278E521F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{DA80A388-BC21-4362-BBFA-B82447990180}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{96219CE4-EAF2-440D-B67B-8592A7ACDD36}] => (Allow) E:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EFBB9E29-96C9-4251-B58A-C200F30D9ED4}] => (Allow) E:\SteamLibrary\SteamApps\common\RetroGrade\RetroGrade.exe
FirewallRules: [{A4626563-D74A-40BD-BF9C-5C79A372224C}] => (Allow) E:\SteamLibrary\SteamApps\common\RetroGrade\RetroGrade.exe
FirewallRules: [{87BBD53D-6087-4393-B566-5957E769D5D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{283C96D1-C4D5-4CF3-8566-2F7811BB2935}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [TCP Query User{239D390D-5DA1-4F12-8FB1-407CACCD495B}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{204FFEE8-0BC7-457F-892A-464F44FC67BC}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{7BBE887F-7A40-4E2D-83E5-2239238D4167}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{DA3C35AA-5751-4CAE-B0AD-030E07AD84D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6A5B9619-6657-453E-97C7-93928603851A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F3763C0D-667C-41A6-8E24-E909CFD4CA75}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{ED310387-5BC2-40E7-A65F-4327D1E9491D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{506CE8B2-348C-4CB7-AE80-B1BDA3492FB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CDFDF9A0-AACA-4B89-B97D-2FE019C69349}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CD63D3E9-9E7E-4FA8-BAFD-BEA3EDADF704}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2C125E1F-996D-4519-89E4-ABB6EB2613D7}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{C5D6E781-F075-419A-8BBE-8EC7FD54448D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A97AA946-4FDF-483B-8037-A6813067B0D6}] => (Allow) C:\Users\Brennan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{D630D046-95BF-4C58-A5A6-CB8E04A254E8}] => (Allow) C:\Users\Brennan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{5ABA0A39-D73D-4473-A04B-4C8550B5CF4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B120BDC3-4BA3-4E02-B156-44AE189B9BB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{CCFE61D7-BE0C-42DC-886D-2B94980CF15C}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{42AB110F-4A67-42F8-A26C-B1152CA40315}E:\program files\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\program files\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{43798EFC-2050-4A9A-8877-0790683DDB4D}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{BB587B9E-3309-4189-80EB-6C7F30744EDA}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [TCP Query User{ED584CD6-4DEB-413A-8DC6-2C02AD7F8251}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [UDP Query User{5551CEFC-B896-46CB-A2FC-FD3654850A6A}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [{C33370D7-B779-48C9-BA02-4930CBB0F82D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BD38EBC4-00AD-4581-B0DC-980FED655A4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{C2A93EDE-B30A-4ECA-A160-2C43D3E36419}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{81FB4336-9FB5-4EA7-97AB-02D5A2CF80EF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{03F9CFF1-5800-4A53-BBD2-FC8775BA407E}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8D11CB30-97FD-463B-BF07-3FC0FCDB4FB1}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{07BE5E39-AEC3-47C4-8AE5-A1620277ECC9}] => (Allow) E:\SteamLibrary\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{F9806801-2DA4-4A77-B911-530727D724CD}] => (Allow) E:\SteamLibrary\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{23B60606-7551-49E0-BD7D-8CCED77D5F4A}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{BC8E20F0-F9E8-428B-8948-AAC80C44D31C}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{8A2DCC1C-73E8-436F-88E8-E14EA5530319}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{2D1839AD-38C5-449E-8CDD-82E463ED24A5}] => (Allow) E:\SteamLibrary\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{EFF2AE02-220B-49F4-B64C-12359F6DB811}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{683D59D3-A11E-4CB9-9ED5-F0F0F7C60357}] => (Allow) E:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{DC0C83DA-404F-4DE7-95A7-4EF3A74B25C9}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E5F5E8D5-7326-4415-B7EA-2193FB0157D8}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{5AEECD8E-DC5F-45BB-AA77-4297564C9BAE}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D4078A96-232A-4BEF-9D28-901064677A0D}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{97BF3B99-9513-4A0D-A158-86246EA8CDEA}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{C0A69DE3-6D06-44B0-B855-E4CB8124A44E}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{2E05609A-170E-42F7-B134-7EE655672714}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{D1CD0DFA-ACCF-4943-B8AE-23387781C616}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{8E3E49B6-BA20-4ADE-B658-717827CBE834}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{6D12A8B0-892A-42CC-8968-EADBE71C5293}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{35095477-F6BE-468F-87D2-534EFD62546E}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{5C120E8D-814F-4475-A058-702F37C215C9}] => (Allow) E:\Program Files\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{D64D2B81-60C5-4E87-BAAB-A744AC583ED8}] => (Allow) E:\Program Files\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [TCP Query User{196E6E74-8C1A-454D-AF81-951EEC3A0994}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{51E0B6EF-3B05-44BA-994D-BEB1486787A0}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [{732033D5-8011-4E54-8042-607DA188F62B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2ECD3CAD-589E-46D3-89EA-A5FC7519ACF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C136912-7972-4970-8A94-D80CDF1B1B1C}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{65C4BC12-D820-4A8F-823D-6D8E4DDFE9F7}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E80F2583-ED13-4103-88DB-F638FEEA73BF}] => (Allow) E:\Program Files\BFH Beta 2\bfh.exe
FirewallRules: [{BAE9F625-B9C5-4FC1-B12F-DCBC0900140D}] => (Allow) E:\Program Files\BFH Beta 2\bfh.exe
FirewallRules: [{B4297513-FD23-425F-9F03-016F76C7F4E0}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{8C7E52D0-E4ED-49A0-B990-275F59CCDE8D}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D5484211-7E0C-4F67-80AF-8BA1617B2E9D}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A14ADC1A-D12B-4534-9D6D-7590C52555EF}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{39650208-D0FB-44E8-BE7C-3CFF444D9D36}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
FirewallRules: [{F9A5BB6D-23DE-461A-9DE5-D9EDF76C6AF5}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
FirewallRules: [{C0BC7539-4685-49C9-A1B1-AA6036A45950}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
FirewallRules: [{77F5F5FC-3F5C-47B1-A909-AABE176B94C2}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{0B4707A1-417B-437F-A3BE-EB47AFD32AB3}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{38E23036-5F75-4472-9240-86AD06147575}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [{7330FEA9-DAAC-4E73-B29A-6246BBAF8414}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{0E123DC9-0DFA-424B-9DEA-17B9CE6307E6}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [TCP Query User{3258598D-1BE8-4550-BD58-B6B45004BEEE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{140A7847-446D-42B3-A10F-B9898948F811}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F2C3D0BF-12DC-4890-BDEB-17D94AEAE208}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B3679746-E1EF-42C8-A7E8-E406A7E3E38B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A81D3204-5697-43A6-A276-CFC3F19ADEF8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0868F236-1F75-4A96-8B1E-DA392C139098}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AFFF8FAA-EC2F-477B-977F-1983060418F4}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{DE785C34-3ECA-4458-AB2E-49AD06257E09}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{1D0B0519-18C1-4347-B4E5-43C385C1E030}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{87CC93C0-1CA9-453F-945C-2D3C27ABCC6C}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{3C3A754D-2E87-4ACC-B477-EA1EE4305D16}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{87E41F14-1CA2-4E85-8905-31F14AF8E695}] => (Allow) E:\SteamLibrary\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{580A197E-4419-4645-B7A0-ECB428573CA6}] => (Allow) E:\SteamLibrary\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{6FA508D8-BCE1-4691-8901-4B5F289C0FAA}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{5433EB05-75AE-4870-94AC-AFC342EF18CE}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{AAE70AAA-765C-4D4F-A1C9-3007649EE1EA}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{D031F244-9B8D-4BCC-85DC-8E7072012C91}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{E143BE82-0BBB-48E7-BF74-2FCCCF9442A8}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{02E9ACA8-8702-4458-A16B-03DFCF4A3839}] => (Allow) E:\SteamLibrary\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{B8ACBAA4-3B9F-401B-B2A3-D9E8A4C1D399}] => (Allow) E:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{7DCCE1BB-F2E6-4E9F-86E6-0952F89FB1BA}] => (Allow) E:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{4CCCC24F-AAAE-44DC-8B03-A92F649EC1F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F80272C5-75A4-4C4C-A16D-A024F561CA4B}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C2E9BAD3-2DA6-4B15-AAEE-C31F37E9D6DC}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{5884AFE6-857C-4BD5-826C-8FE2C6974FDD}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{09AF597A-7A22-4578-B55F-37A456737F50}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D9B4716E-A1E5-4417-BC64-D73109A68FF4}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E2DFE113-8980-49D5-B2C1-752903144EEC}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{EBE2D689-122A-4666-8348-58F24D58FE72}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{53C96116-3FFA-4959-BF03-89FF102DF621}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{2F1B5E7F-B289-4F4B-8A41-30B598526711}] => (Allow) E:\SteamLibrary\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{500039BF-3E04-448A-9D2C-E8486E5890E9}C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe] => (Allow) C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe
FirewallRules: [UDP Query User{03A5E77B-AC0D-48B8-9C75-596AB67E2A5F}C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe] => (Allow) C:\users\brennan\desktop\downloader_starcraft_combo_enus.exe
FirewallRules: [TCP Query User{304DAD77-FC3C-4726-B65D-396A02BCA790}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{29DE7C95-9426-40BD-B5B8-C90C296060F7}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [TCP Query User{67F7647B-F56D-4A00-91A5-6901FBCB525B}C:\users\brennan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\brennan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6798599B-494C-4CCD-9DA9-BFE5D986A0DA}C:\users\brennan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\brennan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D679F8E8-2924-4D44-8861-E21132D60A13}E:\program files\diablo iii\diablo iii.exe] => (Allow) E:\program files\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{C041CF2A-6F7D-40DE-82DA-A183FE3E7807}E:\program files\diablo iii\diablo iii.exe] => (Allow) E:\program files\diablo iii\diablo iii.exe
FirewallRules: [{FF451835-03BE-46DD-B6AB-265907F6DFC0}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
FirewallRules: [{F43D5B81-342A-4375-A9F0-A5443B261C92}] => (Allow) E:\Program Files\Battlefield 4\bf4_x86.exe
FirewallRules: [{841F599A-DC75-4495-B7BA-542E5E8A326C}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
FirewallRules: [{3038603C-24E9-42A0-B202-CB876F9D6455}] => (Allow) E:\Program Files\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{7FCA6A3C-BAB1-4B23-B842-1EE23E03EFDA}E:\program files\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\program files\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{1584B100-9A63-450E-A54E-E4DBDA09DE32}E:\program files\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\program files\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [TCP Query User{22C1C306-4E72-4D0C-9787-160F465AC723}E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8B3EAFD6-A6BF-4CE6-A389-AD7008CBE655}E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) E:\program files\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{66F44D58-2933-4212-A5F1-617CEA1EB28E}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{34858EC0-C19B-40DD-922C-716424E8E740}] => (Allow) E:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{40B7CD2D-497A-474D-B685-51CFB54CCFAC}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{FC34F831-C208-489B-BC29-87192303CB2F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{4369D37F-5C36-4AEF-BBDD-E2E53D09B243}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe
FirewallRules: [{50A62CCE-D7E4-4A5A-B1E1-05F948A53912}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\ASUSDMS.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2015 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x1470
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/29/2015 10:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x1970
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/29/2015 04:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x17c4
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/28/2015 07:47:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SC2.exe version 2.1.10.35237 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 24e8

Start Time: 01d0994972ca7cf9

Termination Time: 4294967295

Application Path: E:\Program Files\StarCraft II\Versions\Base32283\SC2.exe

Report Id: 7078f1e7-0548-11e5-82d6-240a641cef89

Faulting package full name:

Faulting package-relative application ID:

Error: (05/27/2015 06:31:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (05/24/2015 00:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x1360
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/20/2015 11:58:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (05/19/2015 01:43:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x112c
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/19/2015 00:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0x131c
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5

Error: (05/18/2015 09:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x40010006
Fault offset: 0x00014598
Faulting process id: 0xe48
Faulting application start time: 0xDipAwayMode.exe0
Faulting application path: DipAwayMode.exe1
Faulting module path: DipAwayMode.exe2
Report Id: DipAwayMode.exe3
Faulting package full name: DipAwayMode.exe4
Faulting package-relative application ID: DipAwayMode.exe5


System errors:
=============
Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (05/29/2015 10:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AsusFanControlService service terminated unexpectedly. It has done this 1 time(s).

Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ASUS HM Com Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/29/2015 10:32:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/29/2015 10:29:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/29/2015 10:29:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office:
=========================
Error: (05/29/2015 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598147001d09a9a2af86827C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll6a037bef-068d-11e5-82d9-240a641cef89

Error: (05/29/2015 10:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598197001d09a965b6a0f64C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll9ac3d41d-0689-11e5-82d8-240a641cef89

Error: (05/29/2015 04:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade400100060001459817c401d09a6b749fd576C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllb9af880c-065e-11e5-82d7-240a641cef89

Error: (05/28/2015 07:47:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SC2.exe2.1.10.3523724e801d0994972ca7cf94294967295E:\Program Files\StarCraft II\Versions\Base32283\SC2.exe7078f1e7-0548-11e5-82d6-240a641cef89

Error: (05/27/2015 06:31:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System ReservedThe parameter is incorrect. (0x80070057)

Error: (05/24/2015 00:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598136001d095f524cfb7efC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll63ad7aed-01e8-11e5-82d6-240a641cef89

Error: (05/20/2015 11:58:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System ReservedThe parameter is incorrect. (0x80070057)

Error: (05/19/2015 01:43:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598112c01d0920fe4265800C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll23470066-fe03-11e4-82d5-240a641cef89

Error: (05/19/2015 00:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598131c01d09206c925e245C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll080f9199-fdfa-11e4-82d4-240a641cef89

Error: (05/18/2015 09:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1741554504ade4001000600014598e4801d091ea096e321cC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll484bf7ee-fddd-11e4-82d3-240a641cef89


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16321.53 MB
Available physical RAM: 13712.96 MB
Total Pagefile: 18753.53 MB
Available Pagefile: 15498.59 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:65.6 GB) NTFS
Drive e: (Western Digital Blue 1TB) (Fixed) (Total:931.51 GB) (Free:441.1 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:522.44 GB) NTFS
Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:787.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 52905511)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 5290551E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 606F16DA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E90B94AA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

I don't see much so far....

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.


(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
RogueKiller V10.7.0.0 [May 25 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Brennan [Administrator]
Started from : C:\Users\Brennan\Desktop\RogueKiller.exe
Mode : Delete -- Date : 05/30/2015 23:21:42

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Not selected
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Not selected
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GalaxyCommunication ("C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe") -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GalaxyCommunication ("C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe") -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AF7D5DC3-FDA0-4252-8ECC-2E45709A5538} | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AF7D5DC3-FDA0-4252-8ECC-2E45709A5538} | DhcpNameServer : 172.16.42.1 [(Private Address) (XX)] -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 3333d17b8346eaf3a52d574d68674083
[BSP] fc7fd815814c04093863581343d86ec3 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung SSD 840 PRO Series +++++
--- User ---
[MBR] 9b439f36bc604d75c45901bc7b958de9
[BSP] d53afa85bd02ea920a69b7e86dbb069c : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121752 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WD My Passport 0748 USB Device +++++
--- User ---
[MBR] 7e0209274a376866f65b70de778171f3
[BSP] 724625df71a3cd6a81826b28fc73005f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907696 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: WD My Passport 0748 USB Device +++++
--- User ---
[MBR] 3ff1014a3d02ca3e4c40406b66418ecb
[BSP] 6c5aa63a9f2fabcb2fa4ee857932c2bf : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_SCN_02062015_201503.log - RKreport_SCN_05302015_061321.log - RKreport_SCN_05302015_232113.log
 
# AdwCleaner v4.205 - Logfile created 30/05/2015 at 23:35:23
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Brennan - BBPC
# Running from : C:\Users\Brennan\Desktop\adwcleaner_4.205.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Search Extensions
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v38.0.1 (x86 en-US)


*************************

AdwCleaner[S1].txt - [941 bytes] - [30/05/2015 23:35:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [999 bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.5 (05.30.2015:1)
OS: Windows 8.1 x64
Ran by Brennan on Sat 05/30/2015 at 23:37:41.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/30/2015 at 23:38:30.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
I'm starting to suspect some of the websites (E-cig shops) I made purchases on as the problem (not sure which one) , after some googlin' I read that other people have had similar issues when shopping on E-cig sites. (none are named though) I doubt it is the owners themselves but maybe they are not using proper encryption for credit card purchases? I'm usually pretty on top of updates and I have a subscription for both an Anti-virus and Malwarebytes and each runs a scan daily on my PC.
 
You must log in or register to reply here.

Similar threads

wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle

Latest posts

Back