Inactive Step Three Completed

Status
Not open for further replies.
C

Chelsey Zero

Posts: 32   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Zee (administrator) on SIEGFRIED (01-10-2015 16:51:49)
Running from C:\Users\Zee\Downloads
Loaded Profiles: Zee (Available Profiles: Zee)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Kromtech) C:\Program Files\Kromtech\Common\AccountService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kromtech) C:\Program Files\Kromtech\PCKeeper\OneClickFixService.exe
() C:\Windows\SysWOW64\PSIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Kromtech) C:\Program Files\Kromtech\PCKeeper\PCKeeperService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Zee\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kromtech) C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
(Spotify Ltd) C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Zee\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spotify Ltd) C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Kromtech) C:\Program Files\Kromtech\PCKeeper\PCKElevatedHost.exe
(Microsoft Corporation) C:\Users\Zee\AppData\Local\Temp\C65D3B7E-EC07-47A2-9746-18E216493CBC\DismHost.exe
(Microsoft Corporation) C:\Users\Zee\AppData\Local\Temp\2951A43F-82C0-4437-910E-3CF35233E96A\DismHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(reimage) C:\Program Files\Reimage\Reimage Repair\Reimage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\DNS Unlocker\dnselsmore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-18] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Kufab] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Zee\AppData\Local\79ABD6~1\Gefok.dat"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Spotify Web Helper] => C:\Users\Zee\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [GoogleChromeAutoLaunch_429EA7A6AFFDF60B477DCFBFAB034A53] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-07] (Google Inc.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [PCKeeper2] => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe [915888 2015-07-07] (Kromtech)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Spotify] => C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-219251710-3609435933-1062541636-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 12.127.16.67 12.127.17.71
Tcpip\..\Interfaces\{517C7435-7394-4CC6-8FE0-CF55D21C445A}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{517C7435-7394-4CC6-8FE0-CF55D21C445A}: [DhcpNameServer] 12.127.16.67 12.127.17.71

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130850026659167361&GUID=2110083A-08F2-4835-8264-2C2F9B6B5A02
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> DefaultScope {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333527&octid=EB_ORIGINAL_CTID&ISID=M28A9DCAE-80E4-4101-A319-3EE6422D513D&SearchSource=58&CUI=&UM=8&UP=SP2C45CFA0-8759-45E5-9B51-F5036DD4D3BB&D=063015&q={searchTerms}&SSPV=SP302TA_sp_ie
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.4 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-06-20] (Wacom, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://search.genieo.com/?v=genTugM","hxxp://maclab.academyart.edu/wiki/projects/maclab/blog","hxxps://wirelessauth1.academyart.edu/login.html?redirect=www.gstatic.com/generate_204","hxxp://www.academyart.edu/","hxxp://vosteran.com/?f=7&a=vst_ggbc_14_48_ch&cd=2XzuyEtN2Y1L1Qzu0EtDtA0FyEzy0D0Dzz0E0EyB0Bzy0DtBtN0D0Tzu0StCtDyCtDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0EyE0B0D0E0DyCtG0FtBtA0BtGtD0AzzzztGzztDtBzztGtD0CtD0F0DtDyC0D0AyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtDyD0A0EyBzyzytG0BtByCtAtGyE0Bzy0EtG0AyByCzytGzy0F0EtB0DtAzztCzytAtD0B2Q&cr=1720223081&ir=","hxxp://www.trovi.com/?gd=&ctid=CT3333527&octid=EB_ORIGINAL_CTID&ISID=M28A9DCAE-80E4-4101-A319-3EE6422D513D&SearchSource=55&CUI=&UM=8&UP=SP2C45CFA0-8759-45E5-9B51-F5036DD4D3BB&D=063015&SSPV=SP302TA_sp_ch"
CHR Profile: C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-06-30]
CHR Extension: (Entanglement Web App) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-09-10]
CHR Extension: (Your Second Phone) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgcliennfocnaoenlkmlhoakpaflpgo [2015-09-10]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-09-10]
CHR Extension: (Google Drive) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-30]
CHR Extension: (AdBlock for Grooveshark) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfoohbomhfjbdpdipnenfaoandbhkbmg [2015-06-30]
CHR Extension: (Adblock Plus) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-08]
CHR Extension: (Learn Italian - Molto Bene) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadgddaepklpemjojmnhgdjmmkmefihe [2015-09-10]
CHR Extension: (Pixlr-o-matic) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2015-09-10]
CHR Extension: (AdBlock) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-30]
CHR Extension: (Cut the Rope) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-09-10]
CHR Extension: (ExhibitCore Floor Planner) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkppejbflghogimlfghbaigiekmjpalf [2015-09-10]
CHR Extension: (Skyrama) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2015-09-10]
CHR Extension: (Wave Accounting) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa [2015-09-10]
CHR Extension: (Evernote Web) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-09-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-17]
CHR Extension: (Skype Click to Call) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-08]
CHR Extension: (TumTaster) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2015-06-30]
CHR Extension: (GW2TP) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchjpcdehbipdfjapdmgnoljndealpbd [2015-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-08]
CHR Extension: (Tumblr Savior) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2015-06-30]
CHR Extension: (My Chrome Theme) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-06-30]
CHR Extension: (Instagram for Chrome) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-06-30]
CHR Extension: (Gir Theme) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifnaclcibjejklkfjegfcbagcdkidim [2015-06-30]
CHR Extension: (BodBot Personal Fit Trainer) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppnkdiaelidjhcebhmgemlpnghbdgjhk [2015-09-10]
CHR Extension: (Extutil) - C:\Users\Zee\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B [2015-06-30]
CHR Extension: (Managera) - C:\Users\Zee\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42 [2015-06-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 5965d732; c:\Program Files (x86)\ProcessProc\ProcessProc.dll [2662912 2015-06-30] () [File not signed]
R2 AccountService; C:\Program Files\Kromtech\Common\AccountService.exe [211248 2015-02-04] (Kromtech) <==== ATTENTION
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 PCKeeper2Service; C:\Program Files\Kromtech\PCKeeper\PCKeeperService.exe [191792 2015-07-07] (Kromtech) <==== ATTENTION
R2 PCKeeperOcfService; C:\Program Files\Kromtech\PCKeeper\OneClickFixService.exe [1136856 2015-07-07] (Kromtech) <==== ATTENTION
U2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32696 2015-07-07] () <==== ATTENTION
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S1 {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64; system32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 16:51 - 2015-10-01 16:53 - 00025588 _____ C:\Users\Zee\Downloads\FRST.txt
2015-10-01 16:51 - 2015-10-01 16:51 - 00000000 ____D C:\FRST
2015-10-01 16:50 - 2015-10-01 16:50 - 02192384 _____ (Farbar) C:\Users\Zee\Downloads\FRST64.exe
2015-10-01 16:48 - 2015-10-01 16:48 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-10-01 16:48 - 2015-10-01 16:48 - 00000000 ____D C:\151a20f458a77dea01ad33b5a9c5
2015-10-01 16:47 - 2015-10-01 16:47 - 00000000 ____D C:\Users\Zee\Desktop\Surrealism
2015-10-01 16:46 - 2015-10-01 16:48 - 14243008 _____ (Microsoft Corporation) C:\Users\Zee\Downloads\mseinstall64.exe
2015-10-01 16:22 - 2015-10-01 16:26 - 00000000 ____D C:\ReimageUndo
2015-10-01 16:04 - 2015-10-01 16:04 - 00004272 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2015-10-01 16:03 - 2015-10-01 16:21 - 00000000 ____D C:\rei
2015-10-01 16:03 - 2015-10-01 16:04 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-10-01 16:03 - 2015-10-01 16:04 - 00000000 ____D C:\Program Files\Reimage
2015-10-01 16:03 - 2015-10-01 16:03 - 00001919 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-10-01 16:03 - 2015-10-01 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-10-01 16:00 - 2015-10-01 16:05 - 00000139 _____ C:\WINDOWS\Reimage.ini
2015-10-01 15:57 - 2015-10-01 16:06 - 00772016 _____ (Reimage®) C:\Users\Zee\Downloads\reimagerepair.exe
2015-09-30 14:53 - 2015-09-30 21:41 - 00000000 ____D C:\Users\Zee\Desktop\School
2015-09-28 17:24 - 2015-09-28 18:52 - 37822087 _____ C:\Users\Zee\Desktop\Death Acolyte.psd
2015-09-24 16:50 - 2015-09-24 16:50 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-24 16:50 - 2015-09-24 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-24 16:49 - 2015-09-24 16:50 - 00000000 ____D C:\Program Files\iTunes
2015-09-24 16:49 - 2015-09-24 16:49 - 00000000 ____D C:\Program Files\iPod
2015-09-24 16:49 - 2015-09-24 16:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-24 16:45 - 2015-09-24 16:45 - 00000000 ____D C:\Program Files\Bonjour
2015-09-24 16:45 - 2015-09-24 16:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-24 16:44 - 2015-09-24 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-24 16:44 - 2015-09-24 16:44 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 22:58 - 2015-09-19 22:58 - 00484118 _____ C:\Users\Zee\Downloads\ROTTEN LOUSY KID (1).wmv
2015-09-19 22:53 - 2015-09-19 22:53 - 00484118 _____ C:\Users\Zee\Downloads\ROTTEN LOUSY KID.wmv
2015-09-19 22:44 - 2015-09-19 22:44 - 02579068 _____ C:\Users\Zee\Downloads\Starboard.wmv
2015-09-19 22:44 - 2015-09-19 22:44 - 01575776 _____ C:\Users\Zee\Downloads\GROSSEST.wmv
2015-09-19 22:43 - 2015-09-19 22:44 - 01897812 _____ C:\Users\Zee\Downloads\TRASHY HALLOWEEN.wmv
2015-09-19 22:43 - 2015-09-19 22:44 - 01359536 _____ C:\Users\Zee\Downloads\HOLIDAY SHAYE.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 02410506 _____ C:\Users\Zee\Downloads\Thrift Store.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 01738540 _____ C:\Users\Zee\Downloads\OUT FOR A PUSH.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 01721926 _____ C:\Users\Zee\Downloads\Happy-Turkey-Day-excerpt.wmv
2015-09-19 22:42 - 2015-09-19 22:42 - 02572102 _____ C:\Users\Zee\Downloads\WIRE THERAPY.wmv
2015-09-19 22:42 - 2015-09-19 22:42 - 00541092 _____ C:\Users\Zee\Downloads\WASHROOM1.wmv
2015-09-19 22:28 - 2015-09-19 22:28 - 00456208 _____ C:\Users\Zee\Downloads\hollywood-hello.wmv
2015-09-16 20:35 - 2015-09-16 20:37 - 00000000 ____D C:\Users\Zee\Downloads\twins
2015-09-16 20:34 - 2015-09-16 20:34 - 06951980 _____ C:\Users\Zee\Downloads\twins.zip
2015-09-14 21:24 - 2015-09-20 00:06 - 00000000 ____D C:\Users\Zee\Desktop\10 artists
2015-09-14 11:04 - 2015-09-14 21:46 - 00000000 ____D C:\Users\Zee\Desktop\illustration 3
2015-09-13 23:37 - 2015-09-13 23:37 - 00026352 _____ C:\WINDOWS\System32\Tasks\DNSELSMORE
2015-09-13 23:37 - 2015-09-13 23:37 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
2015-09-10 22:48 - 2015-09-10 22:49 - 00384435 _____ C:\Users\Zee\Downloads\MtOXgOVF.htm
2015-09-09 19:30 - 2015-09-09 19:43 - 00000000 ____D C:\Users\Zee\Desktop\horror movie bruhs
2015-09-09 10:02 - 2015-07-22 07:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 10:02 - 2015-07-22 06:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 10:02 - 2015-07-17 07:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 10:02 - 2015-07-17 07:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 10:02 - 2015-07-09 09:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 10:02 - 2015-07-03 14:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 10:02 - 2015-07-03 07:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 10:02 - 2015-06-27 04:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 10:02 - 2015-06-19 10:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 10:01 - 2015-09-02 19:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 10:01 - 2015-09-02 19:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 10:01 - 2015-09-02 11:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 10:01 - 2015-09-02 10:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 10:00 - 2015-07-13 12:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 21:52 - 2015-08-26 19:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 21:52 - 2015-08-26 11:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 21:52 - 2015-08-26 07:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 21:52 - 2015-08-26 07:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 21:52 - 2015-08-26 07:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 21:52 - 2015-08-26 07:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 21:52 - 2015-08-22 11:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 21:52 - 2015-08-22 10:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 21:52 - 2015-07-30 10:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 21:52 - 2015-07-30 09:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 21:51 - 2015-09-01 19:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 21:51 - 2015-09-01 19:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 21:51 - 2015-09-01 19:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 21:51 - 2015-09-01 19:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 21:51 - 2015-09-01 19:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 21:51 - 2015-08-22 10:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 21:51 - 2015-08-22 10:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 21:51 - 2015-08-22 10:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 21:51 - 2015-08-22 10:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 21:51 - 2015-08-22 09:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 21:51 - 2015-08-22 09:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 21:51 - 2015-08-22 09:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 21:51 - 2015-08-22 09:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 21:51 - 2015-08-22 09:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 21:51 - 2015-08-22 09:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 21:51 - 2015-08-22 09:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 21:51 - 2015-08-22 09:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 21:51 - 2015-08-22 09:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 21:51 - 2015-08-22 09:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 21:51 - 2015-08-22 09:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 21:51 - 2015-08-22 09:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 21:51 - 2015-08-22 09:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 21:51 - 2015-08-22 09:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 21:51 - 2015-08-22 09:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 21:51 - 2015-08-22 09:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 21:51 - 2015-08-22 09:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 21:51 - 2015-08-22 09:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 21:51 - 2015-08-22 08:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 21:51 - 2015-08-22 08:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 21:51 - 2015-08-03 14:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 21:51 - 2015-08-03 14:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 21:51 - 2015-08-01 07:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 21:51 - 2015-07-31 20:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 21:51 - 2015-07-31 20:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 21:51 - 2015-07-31 20:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 21:51 - 2015-07-31 20:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 21:51 - 2015-07-31 20:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 21:51 - 2015-07-22 07:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 21:51 - 2015-07-22 07:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 21:51 - 2015-07-22 07:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 21:51 - 2015-07-22 07:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 21:51 - 2015-07-18 11:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 21:51 - 2015-07-18 11:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 21:51 - 2015-07-18 11:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 21:51 - 2015-07-18 11:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 21:50 - 2015-07-13 20:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-05 18:46 - 2015-09-05 19:34 - 00000000 ____D C:\Users\Zee\Desktop\Modeling!

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 16:53 - 2014-11-27 14:58 - 00000000 ____D C:\Users\Zee\AppData\Roaming\Skype
2015-10-01 16:50 - 2014-11-27 17:13 - 00000000 ____D C:\Users\Zee\AppData\Roaming\Spotify
2015-10-01 16:16 - 2015-01-04 01:09 - 01109883 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-01 16:10 - 2014-11-28 11:57 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-219251710-3609435933-1062541636-1001
2015-10-01 16:00 - 2015-02-17 23:52 - 00370176 ___SH C:\Users\Zee\Downloads\Thumbs.db
2015-10-01 16:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 15:59 - 2014-11-27 06:45 - 00000062 _____ C:\Users\Zee\AppData\Roaming\sp_data.sys
2015-10-01 15:53 - 2014-11-27 14:58 - 00000000 ____D C:\ProgramData\Skype
2015-10-01 15:49 - 2015-01-04 00:55 - 00000000 ____D C:\Users\Zee
2015-10-01 15:49 - 2014-11-27 17:13 - 00000000 ____D C:\Users\Zee\AppData\Local\Spotify
2015-10-01 15:48 - 2013-08-22 07:46 - 00309754 _____ C:\WINDOWS\setupact.log
2015-10-01 15:48 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 11:37 - 2015-08-21 23:37 - 00000356 _____ C:\WINDOWS\Tasks\Superclean.job
2015-10-01 11:07 - 2015-01-14 16:41 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{02322EC3-D53D-42A4-A9E7-58E4F825D3A4}
2015-10-01 11:06 - 2015-08-12 00:10 - 00000000 ____D C:\ProgramData\Kromtech
2015-09-30 14:41 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-29 20:58 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-28 17:10 - 2015-01-22 18:25 - 00523264 ___SH C:\Users\Zee\Desktop\Thumbs.db
2015-09-27 19:15 - 2014-12-16 20:17 - 00000000 ____D C:\Users\Zee\AppData\Local\CrashDumps
2015-09-27 13:12 - 2014-09-24 00:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-25 23:25 - 2015-08-11 23:51 - 00000000 ____D C:\Program Files (x86)\HaapPy2SAve
2015-09-25 15:28 - 2014-11-28 13:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-09-25 15:28 - 2014-02-05 15:50 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-09-24 16:49 - 2015-02-12 16:11 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-24 16:44 - 2015-02-12 16:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-24 14:34 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-21 10:39 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-14 18:18 - 2015-03-13 21:58 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-14 18:18 - 2015-03-13 21:58 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 11:40 - 2015-04-29 16:43 - 00000000 ____D C:\Users\Zee\Desktop\patches
2015-09-12 11:41 - 2014-11-30 19:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-11 11:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-10 19:41 - 2013-08-22 07:44 - 00346784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 19:39 - 2014-12-13 15:50 - 00000000 ____D C:\ProgramData\Norton
2015-09-10 19:39 - 2014-09-24 00:03 - 00824762 _____ C:\WINDOWS\PFRO.log
2015-09-10 19:34 - 2014-09-23 23:53 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 19:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 11:20 - 2012-08-01 18:36 - 00000000 ____D C:\WINDOWS\Log
2015-09-10 11:18 - 2014-11-27 17:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-09 19:39 - 2014-11-27 06:50 - 00000000 ____D C:\Users\Zee\AppData\Local\Google
2015-09-01 13:41 - 2015-01-04 00:44 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-01 13:31 - 2015-08-11 23:50 - 00000000 ____D C:\Program Files (x86)\Haappiy2Save
2015-09-01 13:31 - 2015-07-10 06:39 - 00000000 ___HD C:\$Windows.~BT
2015-09-01 13:30 - 2015-08-11 23:51 - 00000000 ____D C:\Program Files (x86)\Mahjong
2015-09-01 13:30 - 2015-07-07 14:54 - 00000000 ____D C:\Program Files (x86)\RAndoMPrice
2015-09-01 13:26 - 2015-06-30 13:11 - 00000000 ____D C:\Program Files (x86)\CUtThePricce

==================== Files in the root of some directories =======

2015-07-05 18:43 - 2015-08-17 13:17 - 0000024 _____ () C:\Users\Zee\AppData\Roaming\appdataFr25.bin
2014-11-27 06:45 - 2015-10-01 15:59 - 0000062 _____ () C:\Users\Zee\AppData\Roaming\sp_data.sys
2014-11-27 17:17 - 2015-05-07 15:17 - 0000198 _____ () C:\Users\Zee\AppData\Roaming\WB.CFG
2014-11-29 12:17 - 2014-12-16 20:17 - 0000001 _____ () C:\Users\Zee\AppData\Local\DSI.DAT
2014-12-16 20:17 - 2014-12-16 20:17 - 0022528 _____ () C:\Users\Zee\AppData\Local\dsisetup1758372652.exe
2014-12-01 17:17 - 2014-12-01 17:17 - 0022528 _____ () C:\Users\Zee\AppData\Local\dsisetup3652680462.exe
2014-11-29 12:17 - 2014-11-29 12:17 - 0022528 _____ () C:\Users\Zee\AppData\Local\dsisetup880681402.exe
2015-01-04 00:48 - 2015-01-04 00:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-26 05:42 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 05:42 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 05:42 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Zee\AppData\Local\Temp\aff_setup0.exe
C:\Users\Zee\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Zee\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Zee\AppData\Local\Temp\Quarantine.exe
C:\Users\Zee\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Zee\AppData\Local\Temp\Setup.exe
C:\Users\Zee\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Zee\AppData\Local\Temp\sqlite3.dll
C:\Users\Zee\AppData\Local\Temp\supoptsetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 16:10

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Zee (2015-10-01 16:53:45)
Running from C:\Users\Zee\Downloads
Windows 8.1 (X64) (2015-01-04 08:34:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-219251710-3609435933-1062541636-500 - Administrator - Disabled)
Guest (S-1-5-21-219251710-3609435933-1062541636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-219251710-3609435933-1062541636-1005 - Limited - Enabled)
Zee (S-1-5-21-219251710-3609435933-1062541636-1001 - Administrator - Enabled) => C:\Users\Zee

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccountService (Version: 1.1.66 - Kromtech) Hidden <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.04 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version: - )
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CutterProc (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{285bff21}) (Version: - Software Publisher) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DNS Unlocker version 1.4 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - www.dnsunlocker.com) <==== ATTENTION
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
KeysScript (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5965d732}) (Version: - KeysScript) <==== ATTENTION
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mischief-Free (HKLM-x32\...\Mischief-Free) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
PCKeeper (Version: 2.2.1198 - Kromtech) Hidden <==== ATTENTION
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.2 - Reimage) <==== ATTENTION
SectionDouble (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{bfd46d07}) (Version: - Software Publisher) <==== ATTENTION
SeekerInstance (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{442b8ad0}) (Version: - Software Publisher) <==== ATTENTION
SegmentAssister (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4aad814a}) (Version: - Software Publisher) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
UMPlayer (HKLM-x32\...\{F7A991BC-C432-4CE6-836A-E81A09708A72}) (Version: 0.98.0 - InstallX, LLC) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.5 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.4 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-09-2015 11:28:56 Windows Update
19-09-2015 14:11:37 Scheduled Checkpoint
26-09-2015 20:07:31 Scheduled Checkpoint
01-10-2015 16:28:01 Reimage Repair Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-25 22:26 - 2015-05-07 22:59 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F9E3D5E-CAE3-4717-99F6-C99D307875D3} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {1072C687-680A-43AF-BB0A-62EC5EBF22AA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {143714DD-E834-4367-87AC-B3F5293E506E} - System32\Tasks\PCKeeper updater => C:\ProgramData\Kromtech\installer.exe [2015-08-12] () <==== ATTENTION
Task: {1BAE2485-5CF5-4DDF-B046-33C0609851E5} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2488AD7E-6C56-40DD-8D65-458EAB9059DC} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {2D3E8533-2D08-4AFF-A434-8094A2312967} - \Optimizer Pro Schedule -> No File <==== ATTENTION
Task: {598E7255-4798-4426-B4AE-C28479F47217} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {626E0AF7-A6FA-4795-8DC5-1D5E684D3D7D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {790FEB5B-6A9C-4CA9-9199-8D2A5E214C3A} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {7CC57533-9D97-44A1-B152-F6E3A5E6651B} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {8EA1ABF3-53B0-419A-963B-A66BEFC0059D} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {9BF44206-88DA-4F3C-9124-80B1CBB3ACC8} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe [2015-08-11] () <==== ATTENTION
Task: {A5A96FEA-5CCA-432E-9AAE-AEEE080EC12F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {AEF96A65-EDE6-4957-96ED-100E893BDE18} - System32\Tasks\DNSELSMORE => C:\Program Files (x86)\DNS Unlocker\dnselsmore.exe [2015-09-10] ()
Task: {BAEFFCC5-DB8E-4E39-9CC4-5DAE481D3688} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {DFE18502-F82F-406D-A8DB-2726801F03BB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {EF300D23-BAC7-4055-9D85-18E41BB175E9} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {FEB8FE1D-F8D2-4793-B3FC-4069ACABE950} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {FFAA63C6-EC79-47F4-A9C1-5CFDCBAC64D5} - System32\Tasks\Superclean => c:\programdata\{79f8ffd1-2cde-2270-79f8-8ffd12cdff44}\hqghumeaylnlf.exe [2014-08-21] (Super PC Tools Ltd) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Superclean.job => c:\programdata\{79f8ffd1-2cde-2270-79f8-8ffd12cdff44}\hqghumeaylnlf.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-18 23:10 - 2012-12-18 23:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2015-07-07 08:12 - 2015-07-07 08:12 - 00102104 _____ () C:\Program Files\Kromtech\PCKeeper\OneClickFixServicePS.dll
2015-07-07 08:12 - 2015-07-07 08:12 - 00091864 _____ () C:\Program Files\Kromtech\PCKeeper\RegistryCleanerComponentPS.dll
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\WINDOWS\SysWOW64\PSIService.exe
2013-07-23 10:54 - 2013-07-23 10:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-07-07 08:12 - 2015-07-07 08:12 - 00104664 _____ () C:\Program Files\Kromtech\PCKeeper\ZBAnalyticsCore.dll
2015-07-07 08:12 - 2015-07-07 08:12 - 00092888 _____ () C:\Program Files\Kromtech\PCKeeper\SharedNativeLibraryPS.dll
2015-07-07 08:12 - 2015-07-07 08:12 - 00060632 _____ () C:\Program Files\Kromtech\PCKeeper\ZBAnalytics.dll
2015-07-07 08:12 - 2015-07-07 08:12 - 00092888 _____ () C:\Program Files\Kromtech\PCKeeper\DiskCleanerComponentPS.dll
2015-08-19 01:56 - 2015-08-19 01:56 - 06908904 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-09-13 23:37 - 2015-09-10 00:45 - 00537088 _____ () C:\Program Files (x86)\DNS Unlocker\dnselsmore.exe
2013-08-16 11:03 - 2013-08-16 11:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-08-19 18:16 - 2013-08-19 18:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-03-13 22:02 - 2015-09-19 13:29 - 45067320 _____ () C:\Users\Zee\AppData\Roaming\Spotify\libcef.dll
2015-08-11 23:57 - 2015-08-07 17:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-11 23:57 - 2015-08-07 17:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-03-13 22:02 - 2015-09-19 13:29 - 01649208 _____ () C:\Users\Zee\AppData\Roaming\Spotify\libglesv2.dll
2015-03-13 22:02 - 2015-09-19 13:29 - 00080952 _____ () C:\Users\Zee\AppData\Roaming\Spotify\libegl.dll
2014-02-05 15:35 - 2013-05-31 14:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-11 23:57 - 2015-08-07 17:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\genieo.com -> hxxp://search.genieo.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zee\Pictures\kyo__dir_en_grey_6_by_b_d_m-d4pc1yf.jpg
DNS Servers: 82.163.143.172 - 82.163.142.174
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{24A3CFC7-DC3A-41AC-8FCC-FBD3E2436175}] => (Allow) LPort=1886
FirewallRules: [UDP Query User{12624CEA-9999-455F-8369-EDBC3A72F3BD}C:\users\zee\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zee\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{074D0EA3-7AD4-4FA0-8CB8-04816893677C}C:\users\zee\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zee\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F0CB8D95-464E-4A72-9A8A-A916BF410B58}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{85A01085-837A-468E-A685-76754D560FEF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{120D943B-D0E8-4584-A88F-6293FCE84FF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{49E3C26E-B00C-4DAD-A72A-32C95B879E69}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{EC0905EE-F270-4C3F-836F-B46229F1208B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E6D5A438-3BBD-44DB-BD0C-545AE350CCD5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9E835905-E224-44C0-A818-B972D817FB78}] => (Allow) LPort=1900
FirewallRules: [{DB976C7D-0F91-4268-89D9-93C9888B22BF}] => (Allow) LPort=2869
FirewallRules: [{7DDB678C-AD17-4EE6-8C24-64C1BF85C773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{60DFB641-F121-4DE6-B9A3-40BFEA3BC39E}C:\users\zee\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zee\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5216045F-D8C8-4456-B1A3-42FF71F14E09}C:\users\zee\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zee\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4815EBCF-7CF8-47FC-B6DF-6A04BD3B981A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F262BE96-5486-4B03-A9D9-823777E2B6B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7804B62C-ABED-4E69-8FF9-3C709B0BB145}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5933F2EC-E4EE-40C6-B905-13C989057203}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{627DCA8E-451F-4E27-8AF6-A1707768893F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6448602B-44F9-4AEA-B4D5-B2A173BF99AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E50DC0C1-7B40-4A21-98E0-A52B894F5447}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7FFD41F-6F8D-4A12-A72E-44E4F956857F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1806AEA5-551A-492E-B9E5-24B2E4560894}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9A87C24A-1C90-4632-92A3-1BE49649F0E0}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2015 04:48:46 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Siegfried)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (10/01/2015 04:48:35 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Siegfried)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (10/01/2015 04:27:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fd8c7195-6730-4e1b-86f7-f0f2f4acf7f7}

Error: (10/01/2015 03:51:58 PM) (Source: MsiInstaller) (EventID: 1002) (User: Siegfried)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (10/01/2015 12:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250

Error: (10/01/2015 12:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250

Error: (10/01/2015 12:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 11:18:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 486891

Error: (09/30/2015 11:18:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 486891

Error: (09/30/2015 11:18:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/01/2015 04:11:03 PM) (Source: DCOM) (EventID: 10010) (User: Siegfried)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/01/2015 03:55:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Security Center service hung on starting.

Error: (10/01/2015 03:51:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/01/2015 03:48:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:46:21 AM on ‎10/‎1/‎2015 was unexpected.

Error: (09/30/2015 03:03:34 PM) (Source: Win32k) (EventID: 253) (User: )
Description: A pointer device does not have a mandatory coordinate property.

Error: (09/30/2015 03:02:36 PM) (Source: Win32k) (EventID: 253) (User: )
Description: A pointer device does not have a mandatory coordinate property.

Error: (09/30/2015 02:32:51 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (09/30/2015 11:35:14 AM) (Source: DCOM) (EventID: 10010) (User: Siegfried)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/30/2015 11:34:44 AM) (Source: DCOM) (EventID: 10010) (User: Siegfried)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/30/2015 11:02:54 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.31.31.115.
The computer with the IP address 10.31.31.9 did not allow the name to be claimed by
this computer.


CodeIntegrity:
===================================
Date: 2015-10-01 16:23:25.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-10-01 16:23:25.608
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-10-01 16:02:19.163
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-10-01 16:02:18.917
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-24 19:55:14.212
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-24 19:55:14.057
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-21 15:47:00.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-21 15:47:00.581
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-19 22:55:29.016
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-19 22:55:28.846
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 86%
Total physical RAM: 3979.84 MB
Available physical RAM: 543.69 MB
Total Virtual: 7051.84 MB
Available Virtual: 2039.34 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.21 GB) (Free:312.83 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 95DBDAD9)

Partition: GPT.

==================== End of Addition.txt ============================
 
Do NOT create multiple topics regarding same computer.
This topic is closed.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
796
uber_beetle
uber_beetle
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back