Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer running slower than it should in some cases.. Bing keeps open


  • This topic is locked This topic is locked

#1
Incoming

Incoming

    Member

  • Member
  • PipPipPip
  • 400 posts

When I go to make a new folder it takes like 15 seconds for the folder to show up, and the same for when I'm uploading images sometimes..

 

Also, Bing keeps opening up in new windows. I came back yesterday from an idle an there were like 15 sessions of bing. I need to have Mcafee and safeconnect running in order to connect to my school's internet so maybe that's why but it's pretty annoying.

 

Edit: posted extras only by accident heres the normal one:

 

--

OTL logfile created on: 2/5/2015 9:34:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brian\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.89 Gb Total Physical Memory | 5.18 Gb Available Physical Memory | 65.63% Memory free
15.89 Gb Paging File | 11.88 Gb Available in Paging File | 74.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 910.40 Gb Total Space | 838.79 Gb Free Space | 92.13% Space Free | Partition Type: NTFS
 
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/05 09:33:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Downloads\OTL.exe
PRC - [2015/01/26 22:44:13 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/01/11 17:13:10 | 000,300,360 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\SafeConnectClient.exe
PRC - [2014/12/31 10:57:51 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
PRC - [2014/12/26 15:39:42 | 001,676,344 | ---- | M] (Spotify Ltd) -- C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/10/27 17:37:08 | 003,095,840 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2014/05/09 02:27:16 | 000,121,288 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
PRC - [2014/05/08 12:56:44 | 000,209,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2014/05/07 18:41:08 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2014/04/30 16:39:44 | 000,009,216 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
PRC - [2014/04/30 16:39:42 | 000,018,944 | ---- | M] () -- C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
PRC - [2014/04/11 18:41:18 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
PRC - [2014/04/02 16:46:10 | 000,058,440 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2014/03/27 15:00:12 | 019,723,888 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2014/03/26 17:24:44 | 000,115,512 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2014/03/26 14:37:04 | 001,165,688 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2014/03/26 14:36:30 | 001,206,648 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2014/03/18 13:51:44 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2014/01/20 21:57:40 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/20 21:57:06 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/09 17:27:02 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/12/09 17:26:24 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/12/09 17:26:24 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/05/02 13:26:48 | 000,432,528 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
PRC - [2013/01/14 20:08:00 | 000,206,448 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2013/01/14 20:08:00 | 000,037,040 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2012/11/27 16:06:00 | 000,345,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2012/11/27 16:06:00 | 000,333,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2012/11/27 16:06:00 | 000,132,712 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
PRC - [2012/11/27 16:06:00 | 000,075,368 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
PRC - [2012/11/19 12:12:34 | 000,176,520 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/05/28 12:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 16:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/01/26 22:44:10 | 009,171,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
MOD - [2015/01/26 22:44:06 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
MOD - [2015/01/26 22:44:05 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
MOD - [2014/12/31 11:38:37 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\7230212927709d8f1309a0c8383dd492\System.Runtime.Remoting.ni.dll
MOD - [2014/12/31 11:38:30 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2014/12/31 11:33:29 | 005,467,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/12/31 11:33:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/12/31 11:33:17 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/12/31 11:32:41 | 007,995,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/12/31 11:32:33 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/12/31 10:57:51 | 000,567,880 | ---- | M] () -- C:\Program Files (x86)\puush\puush.exe
MOD - [2014/12/28 13:51:45 | 008,897,696 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
MOD - [2014/10/11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/04/11 18:41:18 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
MOD - [2014/04/02 16:46:10 | 000,117,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
MOD - [2014/04/02 16:46:10 | 000,037,936 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
MOD - [2014/04/02 16:46:10 | 000,020,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
MOD - [2014/04/02 16:46:10 | 000,018,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/01/27 12:25:58 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2015/01/27 12:25:54 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2014/12/05 20:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/11/12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/10/30 23:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/21 22:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/21 22:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 02:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/04/30 16:39:44 | 000,009,216 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe -- (ASUS Flip Service)
SRV:64bit: - [2014/03/18 05:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 05:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 05:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 05:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 05:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 05:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/17 22:10:44 | 000,282,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/14 01:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 00:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 02:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/01/17 20:37:48 | 003,816,176 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2014/01/17 20:37:30 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2014/01/17 20:37:08 | 000,632,048 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2014/01/17 20:36:42 | 000,154,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/12/04 10:44:08 | 000,200,168 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013/10/17 21:24:42 | 000,148,160 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV:64bit: - [2013/10/17 21:24:42 | 000,126,952 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV:64bit: - [2013/10/17 21:24:42 | 000,117,704 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV:64bit: - [2013/10/17 21:24:42 | 000,116,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService)
SRV:64bit: - [2013/08/27 16:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/08/27 16:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2015/02/04 18:20:06 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/01/28 22:48:59 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/18 15:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/09 02:27:16 | 000,121,288 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe -- (iBtSiva)
SRV - [2014/03/26 17:24:44 | 000,115,512 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2014/03/26 14:37:04 | 001,165,688 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2014/03/26 14:36:30 | 001,206,648 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2014/03/17 22:10:52 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/14 01:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/20 21:57:06 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/09 17:27:02 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/12/09 17:26:24 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/12/09 17:26:24 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/05/02 13:26:48 | 000,432,528 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe -- (DACoreService)
SRV - [2013/01/14 20:08:00 | 000,206,448 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2012/11/27 16:06:00 | 000,132,712 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2012/11/19 12:12:34 | 000,176,520 | ---- | M] (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2011/11/21 16:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/01/27 12:26:00 | 000,069,168 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2015/01/27 12:25:58 | 000,339,392 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2015/01/27 12:25:57 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2015/01/27 12:25:57 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2015/01/27 12:25:55 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2015/01/27 12:25:55 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2015/01/22 03:48:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/12/11 19:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/10/12 21:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/12 21:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/12 21:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/09 20:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/21 22:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/21 22:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/21 21:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 10:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 10:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 06:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/15 00:37:02 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/05/09 02:27:38 | 000,192,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2014/05/01 08:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/22 13:47:46 | 001,424,184 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2014/03/31 14:43:00 | 000,071,952 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2014/03/27 15:00:12 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2014/03/26 14:37:38 | 000,140,600 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2014/03/19 22:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 05:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 05:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 05:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 05:13:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 05:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 05:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 05:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 05:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 05:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 04:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/03/18 04:45:41 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2014/03/17 22:10:32 | 003,729,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/03/16 21:43:32 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/03/13 12:21:36 | 003,434,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwbw02.sys -- (NETwNb64)
DRV:64bit: - [2014/03/09 22:18:08 | 000,842,456 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014/03/08 15:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/01 15:32:31 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/03/01 15:32:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/09 17:26:24 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/11/06 03:18:12 | 000,631,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/10/17 21:24:40 | 000,494,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:64bit: - [2013/10/17 21:24:40 | 000,289,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV:64bit: - [2013/10/17 21:24:40 | 000,116,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevPch.sys -- (DptfDevPch)
DRV:64bit: - [2013/10/17 21:24:38 | 000,145,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevDram.sys -- (DptfDevDram)
DRV:64bit: - [2013/10/07 20:47:18 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 18:02:12 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013/08/13 18:02:12 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013/08/13 18:02:10 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013/08/13 18:02:08 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/09 01:35:38 | 000,329,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2013/06/18 10:05:45 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2013/06/18 09:45:58 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/06/18 09:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/05 22:17:18 | 000,017,280 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2013/07/02 18:45:52 | 000,019,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=IE10TR&pc=ASJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=IE10TR&pc=ASJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2015/01/27 12:26:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/12/31 11:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2015/01/24 18:42:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\xdsfdpk4.default\extensions
[2015/01/28 22:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/01/28 22:49:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampglhhaehmknkedmgfpgdmpemfhekja\0.7.2_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\15.114.0.1_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.9.202_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijclepbhbekkghfmcdfkpmbkbefcokp\1.37_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa\1.1.2_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.5.4_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem\7.0.5_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\3.1_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhjkapjdlmmadkepnmlkpadnnnnoebm\0.0.0.3_0\
CHR - Extension: No name found = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150127122646.dll (McAfee, Inc.)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150127122646.dll (McAfee, Inc.)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_33867C28B656A822A918F4DBE57AA168] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [puush] C:\Program Files (x86)\puush\puush.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify] C:\Users\Brian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: sharepoint.com ([studentlasalleedu] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sharepoint.com ([studentlasalleedu-my] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 139.84.10.205
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34142315-9C1C-440F-AACB-EADDDB8F3AD2}: DhcpNameServer = 139.84.10.205
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B70C057-017D-4B3F-8185-39CB2E615201}: DhcpNameServer = 139.84.10.205
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/02 19:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/02/02 19:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015/02/02 19:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015/02/02 10:42:22 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Diagnostics
[2015/01/28 22:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/01/27 12:26:46 | 000,118,416 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\MfeOtlkAddin.dll
[2015/01/27 12:26:46 | 000,090,576 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysWow64\MfeOtlkAddin.dll
[2015/01/27 12:26:46 | 000,069,168 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeelamk.sys
[2015/01/27 12:26:46 | 000,024,168 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysWow64\MFEOtlk.dll
[2015/01/27 12:26:45 | 000,309,400 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2015/01/27 12:26:45 | 000,178,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2015/01/27 12:26:45 | 000,106,112 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2015/01/27 12:26:45 | 000,010,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2015/01/27 12:26:39 | 000,771,096 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2015/01/27 12:26:09 | 000,339,392 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2015/01/27 12:26:09 | 000,177,680 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2015/01/27 12:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2015/01/27 12:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2015/01/27 12:25:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2015/01/27 12:24:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\McAfee
[2015/01/27 12:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2015/01/27 12:23:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2015/01/26 01:03:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\New folder (4)
[2015/01/26 00:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
[2015/01/26 00:04:33 | 000,000,000 | ---D | C] -- C:\xampp
[2015/01/22 12:55:37 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\ElevatedDiagnostics
[2015/01/22 03:48:07 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/22 03:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/01/22 03:47:45 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/01/22 03:47:45 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/01/22 03:47:45 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/01/22 03:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/01/22 03:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/01/21 22:04:02 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\TS3Client
[2015/01/21 22:03:31 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2015/01/21 22:03:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\TeamSpeak 3 Client
[2015/01/21 17:51:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Apple Computer
[2015/01/21 17:51:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Apple Computer
[2015/01/21 17:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/01/21 17:51:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2015/01/21 17:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/01/21 17:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/01/21 17:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/01/21 17:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/01/21 17:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2015/01/21 17:50:05 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Apple
[2015/01/21 17:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2015/01/21 17:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2015/01/21 17:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015/01/21 17:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2015/01/21 17:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015/01/21 17:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2015/01/21 17:04:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\New folder (3)
[2015/01/21 17:04:49 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\New folder (2)
[2015/01/21 17:04:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\History Class
[2015/01/21 15:01:00 | 000,000,000 | -HSD | C] -- C:\Users\Brian\AppData\Local\EmieBrowserModeList
[2015/01/16 11:18:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\uTorrent
[2015/01/15 23:00:56 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2015/01/11 17:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SafeConnect
[2015/01/08 23:15:48 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Gyazo
[2015/01/08 20:45:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015/01/08 16:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
[2015/01/08 16:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gyazo
[2015/01/07 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Programs
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/05 09:32:27 | 000,000,093 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\sp_data.sys
[2015/02/05 09:32:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/05 03:20:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/05 02:40:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/04 14:43:39 | 000,021,596 | ---- | M] () -- C:\Users\Brian\Documents\First assignment Brian Foran.zip
[2015/02/03 22:27:52 | 000,000,024 | ---- | M] () -- C:\Users\Brian\jagexappletviewer.preferences
[2015/02/03 22:27:28 | 000,000,044 | ---- | M] () -- C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
[2015/02/03 15:40:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/02 10:35:00 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/02 10:34:59 | 2478,792,703 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/27 12:26:00 | 000,069,168 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeelamk.sys
[2015/01/27 12:25:58 | 000,339,392 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2015/01/27 12:25:58 | 000,177,680 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2015/01/27 12:25:57 | 000,771,096 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2015/01/27 12:25:57 | 000,118,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\MfeOtlkAddin.dll
[2015/01/27 12:25:57 | 000,106,112 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2015/01/27 12:25:56 | 000,010,288 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2015/01/27 12:25:55 | 000,309,400 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2015/01/27 12:25:55 | 000,178,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2015/01/27 12:25:50 | 000,090,576 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MfeOtlkAddin.dll
[2015/01/27 12:25:50 | 000,024,168 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MFEOtlk.dll
[2015/01/26 11:23:15 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/26 11:23:15 | 000,739,076 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/26 11:23:15 | 000,138,670 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/22 03:48:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/22 03:47:51 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/21 22:03:31 | 000,001,257 | ---- | M] () -- C:\Users\Brian\Desktop\TeamSpeak 3 Client.lnk
[2015/01/21 17:51:50 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/01/21 17:22:06 | 000,007,579 | ---- | M] () -- C:\Users\Brian\Documents\Pin_Fish.jpg
[2015/01/21 17:16:20 | 000,110,040 | ---- | M] () -- C:\Users\Brian\Documents\Pin_SD.jpg
[2015/01/21 17:07:09 | 000,016,160 | ---- | M] () -- C:\Users\Brian\Documents\Pin_COde.jpeg
[2015/01/21 17:05:03 | 000,006,990 | ---- | M] () -- C:\Users\Brian\Documents\Pin_Cat.jpg
[2015/01/16 11:19:08 | 000,000,901 | ---- | M] () -- C:\Users\Brian\Desktop\DownloadStuff.lnk
[2015/01/16 11:19:08 | 000,000,881 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2015/01/15 23:03:13 | 000,000,044 | ---- | M] () -- C:\Users\Brian\jagex_cl_runescape_LIVE.dat
[2015/01/15 23:00:56 | 000,002,076 | ---- | M] () -- C:\Users\Brian\Desktop\RuneScape.lnk
[2015/01/12 13:10:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015/01/11 17:14:02 | 000,000,782 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk
[2015/01/08 20:45:20 | 980,673,529 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/01/08 16:39:33 | 000,001,020 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk
[2015/01/08 16:39:33 | 000,001,020 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk
[2015/01/08 16:39:33 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Gyazo.lnk
[2015/01/08 16:39:33 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Gyazo GIF.lnk
 
========== Files Created - No Company Name ==========
 
[2015/02/04 14:43:39 | 000,021,596 | ---- | C] () -- C:\Users\Brian\Documents\First assignment Brian Foran.zip
[2015/01/27 12:26:58 | 000,002,146 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
[2015/01/22 03:47:51 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/21 22:03:31 | 000,001,257 | ---- | C] () -- C:\Users\Brian\Desktop\TeamSpeak 3 Client.lnk
[2015/01/21 17:51:50 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/01/21 17:50:04 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2015/01/21 17:22:09 | 000,007,579 | ---- | C] () -- C:\Users\Brian\Documents\Pin_Fish.jpg
[2015/01/21 17:16:13 | 000,110,040 | ---- | C] () -- C:\Users\Brian\Documents\Pin_SD.jpg
[2015/01/21 17:07:03 | 000,016,160 | ---- | C] () -- C:\Users\Brian\Documents\Pin_COde.jpeg
[2015/01/21 17:04:58 | 000,006,990 | ---- | C] () -- C:\Users\Brian\Documents\Pin_Cat.jpg
[2015/01/16 11:19:08 | 000,000,901 | ---- | C] () -- C:\Users\Brian\Desktop\DownloadStuff.lnk
[2015/01/16 11:19:08 | 000,000,881 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2015/01/15 23:03:13 | 000,000,044 | ---- | C] () -- C:\Users\Brian\jagex_cl_runescape_LIVE.dat
[2015/01/15 23:00:56 | 000,002,106 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2015/01/15 23:00:56 | 000,002,076 | ---- | C] () -- C:\Users\Brian\Desktop\RuneScape.lnk
[2015/01/12 13:10:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015/01/11 17:13:04 | 000,000,782 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk
[2015/01/08 20:45:20 | 980,673,529 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015/01/08 16:39:33 | 000,001,020 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk
[2015/01/08 16:39:33 | 000,001,020 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk
[2015/01/08 16:39:33 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Gyazo.lnk
[2015/01/08 16:39:33 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Gyazo GIF.lnk
[2014/12/31 23:05:31 | 000,000,024 | ---- | C] () -- C:\Users\Brian\jagexappletviewer.preferences
[2014/12/26 16:43:56 | 000,000,044 | ---- | C] () -- C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
[2014/12/26 16:43:56 | 000,000,024 | R--- | C] () -- C:\Users\Brian\random.dat
[2014/12/26 15:30:04 | 000,000,093 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\sp_data.sys
[2014/08/04 19:40:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/08/04 19:34:10 | 000,313,688 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/06/29 23:37:30 | 000,004,606 | ---- | C] () -- C:\Windows\SysWow64\DptfInvalidPolicyRemover.ini
[2014/06/29 23:31:30 | 000,068,608 | ---- | C] () -- C:\Windows\SysWow64\igfxexps32.dll
[2014/06/29 23:31:19 | 000,342,944 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/06/29 23:31:13 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/06/29 23:31:13 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/05/14 23:43:59 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2014/05/14 23:43:59 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2014/05/14 23:43:59 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
[2014/03/18 05:13:28 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 05:13:03 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/27 16:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2015/01/01 01:09:29 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 19:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 17:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/12/26 15:32:00 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\ASUS Flip
[2015/01/08 23:15:48 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Gyazo
[2014/12/27 00:00:15 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\LolClient
[2015/01/01 13:41:41 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NetBeans
[2014/12/31 10:57:37 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\puush
[2014/12/26 16:33:42 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Riot Games
[2015/02/05 01:54:31 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Spotify
[2014/12/26 16:16:20 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Sublime Text 2
[2015/01/21 23:07:36 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TS3Client
[2015/01/21 18:05:44 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\uTorrent
[2014/12/26 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
< End of report >
 

 

--

OTL Extras logfile created on: 2/5/2015 9:34:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brian\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.89 Gb Total Physical Memory | 5.18 Gb Available Physical Memory | 65.63% Memory free
15.89 Gb Paging File | 11.88 Gb Available in Paging File | 74.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 910.40 Gb Total Space | 838.79 Gb Free Space | 92.13% Space Free | Partition Type: NTFS
 
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D5229E4-5F0B-46D3-A7FE-3047D0E4CB27}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1D3E06B2-FEB9-4E42-8E32-E14B1C04DBEF}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1E1D3F06-8F0D-42C3-BDDC-EF3968589F40}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{2F50A140-7AEF-4E20-A132-A5C2DFC8ECFA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{39DA281A-9591-43A1-AC41-80B948473066}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{405C8B0A-EF88-4B3D-962F-43112EB787DB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{4E20BDF7-01FA-4CCD-9777-1F3E8A8D7184}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4F1118C0-48A1-4847-AD25-EFE71E252C63}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{570BC8C4-4F58-4079-9069-31E2867CE1B8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{57E1C323-67DB-4339-A821-03E7F0BA923D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6AAFADB3-587B-4493-8C89-3378554D31FA}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{6CE5BC8A-3674-45F3-8D71-064AA6BFD76E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{743504CE-BA83-479F-8332-86C857CB962B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{7A9D0399-1D41-460F-9748-B9F5D28983F6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{830236A8-5FB9-4ED0-A73B-8F315FCECCF0}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8883D6D5-6F08-4BB3-AE67-F54688140DCA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{958A3BFA-DC6B-4999-8D7F-67BF95A23E1D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95E6939B-C156-4D14-8A43-F21BAAE81EA9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BAE5B44E-B154-4304-A600-765F0116E0F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BB8642BF-4724-48BE-AC10-E2A31FC5329A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{BC85ED9E-F02E-4623-A037-9976B526A968}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D9767CF1-A4D5-4607-AC6A-5F282D3015B0}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F2364A99-EC6F-425F-B0CC-651B1B9A90AB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F982E3C7-993E-47DE-93E4-1020E885FEF6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{FAD4C305-9898-4C5E-A4EA-776DC23E4444}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01484955-0085-407A-8961-9C5203228C2F}" = dir=out | name=asus photodirector | 
"{01C93711-58ED-4107-8CE2-60AE56386A95}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{023D3ABE-F218-42FF-9205-B733346332C3}" = dir=out | name=twitter | 
"{0B77AA6B-D46D-4F35-97ED-264978F37B50}" = dir=out | name=asus webstorage | 
"{1003593A-0CF4-4880-82F5-3F2DC544B485}" = dir=out | name=netflix | 
"{10E30148-0C81-4328-8927-A2FB09CD5D2F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{152A69F6-F0CA-4440-85F4-DA52A4965153}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{17203326-FB1D-4C79-BFEE-4157DC456D2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1A393B90-D15E-448F-A630-647F4E3D6E63}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{1A58E785-EED8-409E-9ECF-8D68A5E151B6}" = dir=out | name=@{microsoft.zunemusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{1B916A67-C425-4FAC-BC24-48C30090D465}" = dir=out | name=@{microsoft.zunemusic_2.6.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{1CEA44A9-8A20-482A-A907-E1D9965ED7F1}" = dir=out | name=zinio | 
"{1E91DA99-5359-444A-A744-9FA4FF2D1BCF}" = dir=in | name=skype | 
"{1F9E2E27-C3E9-4450-9C42-DFDD1696791D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{20B0DFB5-C661-4924-B7A0-DFB920A5AF94}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{22CCB0A2-6D16-43A8-8BEC-C64669459FA6}" = dir=out | name=fresh paint | 
"{283E4850-30AF-44DA-9BDD-FF28C2F95598}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{28C8C3B2-A8CF-4E9F-9F57-C616E00D5999}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2AFADC95-1558-4C91-B03C-19A5264768C5}" = dir=out | name=line | 
"{2E62F9AE-128D-4AEA-A0B3-ADA5BC676FFD}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{2F288818-1CFB-44C2-902E-0914C9F1C8E0}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{32BBBEB6-961D-4407-9EF6-210B402266D4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{38B9C497-50F8-4B16-984B-E8A22DE59294}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{3A64065D-ECEE-4CEE-9A04-085675FDCAA9}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{3BA2288A-D15B-4FC7-96D0-DFC941822B86}" = dir=out | name=- games app - | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{45E8EC50-48A8-482D-92FA-A3818BA1542A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{46CC0664-7CA0-4BAD-BED8-F75D2C028777}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4DF8FDE7-1C0D-4947-AA19-5789B9E38969}" = dir=out | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{524D6842-F845-4475-98AC-3A63C689E014}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{531DE4B0-F8A8-4409-89A5-B8404B0703DE}" = dir=in | name=skype | 
"{53C84D0C-CBE4-4A23-B709-10462785A7E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{5565755B-5CB6-466B-91F6-A7D43D4B9582}" = protocol=17 | dir=in | app=c:\users\brian\appdata\roaming\utorrent\utorrent.exe | 
"{55982B7A-5AB1-4FFE-A269-52CF6FD6439F}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{56EE432A-E088-44DA-9D6F-25A48EEF847B}" = dir=out | name=windows_ie_ac_001 | 
"{57597149-D7DC-4A77-B6F3-16FED5E6BB62}" = dir=in | name=onenote | 
"{5805D51E-C584-49FD-A56F-32058A34BFD3}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{5AB2E289-A95A-4248-B4D1-6018A87C60FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5CE51EE4-B0F8-4A43-84FF-C69DB2AC9D90}" = dir=in | name=asus webstorage | 
"{5D6EB7B1-B337-47FF-8E49-68795506F760}" = dir=out | name=twitter | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{635CBD1C-E39E-4FAC-9171-59A8359EBC5F}" = dir=out | name=skype | 
"{65A71AC6-EE40-417A-9CD5-5E0D9EBC4F7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A299B42-9990-4625-A797-144060D7F951}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{6A41217F-1A2B-4BC2-AF6F-4F3D71443DA1}" = dir=out | name=@{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{6AB29432-FDE7-460F-A1D0-9AC8900434A4}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{6C75ACC4-75CF-476B-87F6-8A2141DC24A4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6EF4AD86-B4D8-4F01-9814-45182065780E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{717700C0-4F40-4C12-AB43-7BA1C6E4BB44}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{77188536-4C91-4978-8931-1A69CE7AECE7}" = dir=out | name=onenote | 
"{77590092-EECB-4D01-B6CF-F0DFBC9705CC}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{788F2374-9A36-4002-8155-A2382AAD6BB1}" = dir=out | name=@{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{79EB85DF-DC29-4BDA-A0D6-92E0969EB481}" = dir=in | name=zinio | 
"{7B2F9E4F-9D70-4803-A887-DBD4609DD408}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{81347D4D-87D1-436D-B693-5BA380E057A6}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{81C84275-E942-4708-B0AD-A55593F58DB1}" = dir=out | name=netflix | 
"{8272353B-52CA-4468-9A9E-B8FC3EA8FB1E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{83DCEE77-32BB-4F5D-82C8-A48251B19F3C}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{86CF1611-D782-4CC5-BA1B-B72E3496C24E}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{89FFA063-7661-4FF2-93E0-11A7E9514BA4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8B0B9C33-F5B2-41A5-ADBC-6AB49B177C54}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8BDDBBD4-99C5-4CA0-B181-26D473C3806E}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{8CD12BC0-A3B5-44AD-99A4-C76B3496EB0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8E4187CD-6271-4EF5-9256-F74C5DC9348B}" = protocol=58 | dir=in | app=system | 
"{8F46C8E8-57E8-44A7-98EE-A5ED804A554A}" = dir=in | name=zinio | 
"{90304421-0724-4778-96A3-40D150B7FC29}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{925270EC-33AC-4643-8DD4-190A926F68C7}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{96F21202-2D57-4F53-8BBA-A7CFB9A59D67}" = protocol=6 | dir=out | app=system | 
"{97334CA0-0D60-49C5-8098-767721930695}" = dir=out | name=zinio | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9EF44226-7F33-4E4A-8E7F-FE27CF104EEB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A0CA6F30-791B-478B-85D5-7DABAA2484BD}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{A19897C9-5538-4CED-BF27-8DEB286016DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A25E0D74-B69F-42F4-BB1F-E908DACECB28}" = dir=in | name=onenote | 
"{A4E491A2-6293-4A5B-83E1-FB1B69A0A480}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.254_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{A6882706-94C0-4B78-9288-1643B42E282A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A7B4DD36-0E55-4FC7-B5A7-F5E6A00EAA87}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{A880EFE0-A501-47DB-9240-997B032230BC}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe | 
"{AB1CA002-B51D-4430-B4EF-A919A0E1C0AD}" = dir=out | name=@{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | 
"{ABD0DCE7-633C-443C-A98F-328D5C22F608}" = dir=out | name=skype | 
"{AD599A48-F399-4E6B-A070-FEBB5CA419CD}" = dir=out | name=flipboard | 
"{AE222E5A-873F-4144-B390-129A3B74E458}" = dir=out | name=- games app - | 
"{AEA882D5-A3D9-49C1-B16C-FFDF0399A1DF}" = protocol=6 | dir=in | app=c:\users\brian\appdata\roaming\utorrent\utorrent.exe | 
"{B0B73733-75DA-44A5-9753-A25611E5BD95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B5FFA6A1-C0D9-4DDC-B97C-8FE4CD93C69C}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{B78B32E6-78BC-4C15-842F-96D553C974A5}" = dir=out | name=asus webstorage | 
"{B80669FD-77AD-4153-BDB0-D0FB3DD8C316}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{B9FE9A2B-4293-449B-9294-0FEE7972DB03}" = dir=in | name=flipboard | 
"{BAB7B9B0-4779-4C88-96E2-87C87C3211FE}" = dir=out | name=fresh paint | 
"{BAB98457-44AD-4C60-81D5-17A89365C3C5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{BF576C57-D6B6-441D-AE12-C6D1678D800F}" = dir=in | name=asus webstorage | 
"{C1630DEB-7C6D-4DEE-850A-00DE2B68B40E}" = dir=in | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{C219019C-50CC-400C-952B-B7B179572D11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C3A1AFD7-18B2-4412-BFDF-BB9A8EEED92B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C5A043B8-A3AE-4293-9840-101DB7D17CC8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{CA5C85FC-0FE3-4000-A09F-E6C110B60A86}" = dir=out | name=@{microsoft.zunevideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{CCE0066D-3FCC-4DBE-952B-104EFC23036E}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{CCFA3DC2-2CA8-4861-A44D-1DEC814A39AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | 
"{CD6FBA07-8E7E-4463-A11C-A4E0FDCACCE7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | 
"{CE5EF832-6EDB-4CDE-8A06-FA6D3156B26F}" = dir=in | name=@{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{CFC597CC-A68A-4078-9E7A-255D9F671E7E}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{D1C2C02E-FD75-48FD-A539-9AEF8851BD13}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{D1DB56A5-C81E-4107-A50F-E43D42960E83}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{D46F611F-4806-4BB9-96FA-4BBCDA13448B}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D6FC864B-A57B-421C-8D09-FA984D56A608}" = dir=out | name=line | 
"{D768BFAC-6C75-49A6-A8DF-F222FDEB9E98}" = dir=out | name=asus powerdirector | 
"{DA05B500-21FA-4563-B42B-3140FC68AC06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DAF221D9-9306-49BE-9363-D6903B06DA7E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{E150FAD9-991F-488F-8021-1EEE8A050412}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E5705032-6001-4FC4-B27B-E9DBAFB529B7}" = dir=out | name=onenote | 
"{E75F3952-9C55-4AC4-8723-149127726504}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{EA6AD8A9-6946-4138-B752-25F78D0E562E}" = dir=out | name=windows_ie_ac_001 | 
"{EB214840-8BBD-4F96-A740-C33FA85F7F0B}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{ED62014D-6609-4580-A074-4C96BB447D62}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{F52E8103-04D1-4EC7-9EED-8532E388F26D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{FC2D9745-FEC9-44A6-9ECD-DF5114CD48F5}" = dir=out | name=flipboard | 
"{FEB8C6B8-0410-4A72-B752-400518D9A42E}" = dir=out | name=@{microsoft.bingfinance_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"TCP Query User{4A6F2B0E-BFEC-4BDC-A95B-9DAFE8E6C5E7}C:\users\brian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brian\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{50E6082E-5DA3-4F25-A49F-6D5CD44AB459}C:\users\brian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brian\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{A16D5117-A480-4CF5-9217-E9BF50FBEAB7}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{FB3869AA-2151-44D3-AFFF-E7FA4A6E084D}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{4020F2B7-1C08-42A7-8F1F-3BEC737F9B37}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{62138417-74C0-4F68-82BB-90E27BFBF8AB}C:\users\brian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brian\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{D2F9F9A2-33E5-48D6-A8F3-7B9CF7546FC5}C:\users\brian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brian\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{ECDA1026-1FB7-45D1-AC22-B0DA6AC934ED}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418025F0}" = Java 8 Update 25 (64-bit)
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{302600C1-6BDF-4FD1-1405-148929CC1385}" = Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2)
"{51AC86D3-C431-48AD-9195-0D6C930D07CD}" = Intel® Smart Connect Technology
"{64A3A4F4-B792-11D6-A78A-00B0D0180250}" = Java SE Development Kit 8 Update 25 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}" = ASUS FlipLock
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 333.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 333.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{B5E49E64-0C1B-49AD-AE21-119CE68750E9}" = Intel® PROSet/Wireless WiFi Software
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{dd372384-a281-47d6-8ef4-19cc622dce4e}" = Intel® PRO/Wireless Driver
"AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3" = Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207)
"nbi-glassfish-mod-4.1.0.13.0" = GlassFish Server Open Source Edition 4.1
"nbi-nb-base-8.0.2.0.201411181905" = NetBeans IDE 8.0.2
"O365ProPlusRetail - en-us" = Microsoft Office 365 ProPlus - en-us
"Sublime Text 2_is1" = Sublime Text 2.0.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1" = Dragon Assistant Application en-US version 1.5.7
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEFF024-F0D0-4AD6-8231-FF51949E91E0}" = McAfee Agent
"{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1" = Dragon Assistant Language Data en-US version 1.1.3
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{55762F9A-FCE3-45d5-817B-051218658423}" = CyberLink MediaStory
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}" = Intel® PROSet/Wireless Software
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C3592426-531E-4110-911D-BFECE2CE284B}" = puush
"{CCCEAAD4-3D2F-42C1-9AAA-08D458DB3509}" = OldSchool RuneScape Launcher 1.2.3
"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise
"{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1" = Dragon Assistant version 1.5.7
"{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1" = Dragon Assistant Core Recognition Service version 1.1.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}" = RuneScape Launcher 1.2.3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C" = Intel® Dynamic Platform and Thermal Framework
"Google Chrome" = Google Chrome
"InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}" = CyberLink MediaStory
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Mozilla Firefox 35.0.1 (x86 en-US)" = Mozilla Firefox 35.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SafeConnect" = SafeConnect
"Steam" = Steam
"Steam App 72850" = The Elder Scrolls V: Skyrim
"xampp" = XAMPP
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2/2/2015 11:41:54 AM | Computer Name = brian-pc | Source = Application Error | ID = 1000
Description = Faulting application name: WLANExt.exe, version: 6.3.9600.16384, time
 stamp: 0x5215e075  Faulting module name: IWMSSvc.dll_unloaded, version: 17.0.0.0,
 time stamp: 0x52d9e2e8  Exception code: 0xc0000005  Fault offset: 0x00000000000d4271
Faulting
 process id: 0x608  Faulting application start time: 0x01d03efdd6784c69  Faulting application
 path: C:\Windows\system32\WLANExt.exe  Faulting module path: IWMSSvc.dll  Report Id:
 02a22e46-aaf2-11e4-8266-a0a8cdac12d6  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 2/3/2015 2:45:09 AM | Computer Name = brian-pc | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_16_0_0_296.exe, version:
 16.0.0.296, time stamp: 0x54c2a331  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x00817230  Faulting
 process id: 0x1224  Faulting application start time: 0x01d03f6d5a90ecea  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe  Faulting
 module path: unknown  Report Id: 317655b5-ab70-11e4-8266-a0a8cdac12d6  Faulting package
 full name:   Faulting package-relative application ID: 
 
Error - 2/3/2015 4:42:18 AM | Computer Name = brian-pc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files\Microsoft
 Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program
 Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1.  Component identity
 found in manifest does not match the identity of the component requested.  Reference
 is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".  Definition
 is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".  Please use
 sxstrace.exe for detailed diagnosis.
 
Error - 2/3/2015 4:48:40 AM | Computer Name = brian-pc | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files\Microsoft
 Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program
 Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1.  Component identity
 found in manifest does not match the identity of the component requested.  Reference
 is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".  Definition
 is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".  Please use
 sxstrace.exe for detailed diagnosis.
 
Error - 2/3/2015 5:08:10 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2/3/2015 5:08:10 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1234
 
Error - 2/3/2015 5:08:10 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1234
 
Error - 2/3/2015 11:04:32 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2/3/2015 11:04:32 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1187
 
Error - 2/3/2015 11:04:32 AM | Computer Name = brian-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1187
 
[ System Events ]
Error - 2/1/2015 5:22:50 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/1/2015 5:23:20 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/2/2015 9:51:59 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/2/2015 9:52:29 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/2/2015 9:52:46 AM | Computer Name = brian-pc | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the McTaskManager service.
 
Error - 2/2/2015 9:53:18 AM | Computer Name = brian-pc | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the McTaskManager service.
 
Error - 2/2/2015 9:58:20 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/2/2015 9:58:50 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/3/2015 4:42:29 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
Error - 2/3/2015 4:42:59 AM | Computer Name = brian-pc | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

Edited by Incoming, 05 February 2015 - 12:10 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi as you are running windows 8 I will need to use a different analysis programme

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Incoming

Incoming

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Brian (administrator) on BRIAN-PC on 08-02-2015 11:01:53
Running from C:\Users\Brian\Downloads
Loaded Profiles: Brian (Available profiles: Brian)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scManager.sys
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\puush\puush.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\SafeConnectClient.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Brian\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Google\Update\Install\{574BBF11-9367-4ECF-9A63-BB43BCAA720E}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\Installer\setup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-14] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [333416 2012-11-27] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2013-01-14] (McAfee, Inc.)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [GoogleChromeAutoLaunch_33867C28B656A822A918F4DBE57AA168] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [Spotify] => C:\Users\Brian\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-26] (Spotify Ltd)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [Spotify Web Helper] => C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-26] (Spotify Ltd)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-12-31] ()
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk
ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\SCClient.exe (Impulse Point, LLC)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-162980661-3251784264-1882081728-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-162980661-3251784264-1882081728-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150127122646.dll (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150127122646.dll (McAfee, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 139.84.10.205
 
FireFox:
========
FF ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\xdsfdpk4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2015-01-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://asus.msn.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (LastPlug) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampglhhaehmknkedmgfpgdmpemfhekja [2015-01-31]
CHR Extension: (Google Docs) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Google Cast) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-12-26]
CHR Extension: (Google Search) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (Tampermonkey) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-26]
CHR Extension: (Google Sheets) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (Golden View for Google+) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijclepbhbekkghfmcdfkpmbkbefcokp [2014-12-26]
CHR Extension: (NetBeans Connector) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2014-12-26]
CHR Extension: (Crackle) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-12-26]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-26]
CHR Extension: (SparkChess 7) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2014-12-26]
CHR Extension: (Google Wallet) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
CHR Extension: (Adblock Pro) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-12-26]
CHR Extension: (Reversi) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhjkapjdlmmadkepnmlkpadnnnnoebm [2014-12-26]
CHR Extension: (Gmail) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [9216 2014-04-30] (ASUS) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-05-02] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-17] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-17] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-17] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-17] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [132712 2012-11-27] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2015-01-27] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2013-01-14] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177680 2015-01-27] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [176520 2012-11-19] (Impulse Point, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-17] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-17] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-17] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-22] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2015-01-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2015-01-27] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2015-01-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2015-01-27] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2015-01-27] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339392 2015-01-27] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3434464 2014-03-13] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-08 11:01 - 2015-02-08 11:02 - 00024985 _____ () C:\Users\Brian\Downloads\FRST.txt
2015-02-08 11:01 - 2015-02-08 11:01 - 00000000 ____D () C:\FRST
2015-02-08 11:00 - 2015-02-08 11:00 - 02132992 _____ (Farbar) C:\Users\Brian\Downloads\FRST64.exe
2015-02-05 09:40 - 2015-02-05 09:40 - 00077714 _____ () C:\Users\Brian\Downloads\Extras.Txt
2015-02-05 09:39 - 2015-02-05 09:39 - 00157934 _____ () C:\Users\Brian\Downloads\OTL.Txt
2015-02-05 09:33 - 2015-02-05 09:33 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Downloads\OTL.exe
2015-02-04 14:43 - 2015-02-04 14:43 - 00021596 _____ () C:\Users\Brian\Documents\First assignment Brian Foran.zip
2015-02-04 14:39 - 2015-02-04 14:43 - 00000000 ____D () C:\Users\Brian\Downloads\first assignment sd230
2015-02-04 14:39 - 2015-02-04 14:39 - 00022178 _____ () C:\Users\Brian\Downloads\first assignment sd230.zip
2015-02-02 19:43 - 2015-02-02 19:43 - 13087456 _____ (Microsoft Corporation) C:\Users\Brian\Downloads\Silverlight_x64.exe
2015-02-02 19:43 - 2015-02-02 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-02 19:43 - 2015-02-02 19:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-02 19:43 - 2015-02-02 19:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-28 22:48 - 2015-01-28 22:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 12:26 - 2015-02-02 10:37 - 00002146 _____ () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
2015-01-27 12:26 - 2015-01-27 12:26 - 00069168 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeelamk.sys
2015-01-27 12:26 - 2015-01-27 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-27 12:26 - 2015-01-27 12:26 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-27 12:26 - 2015-01-27 12:25 - 00771096 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2015-01-27 12:26 - 2015-01-27 12:25 - 00339392 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
2015-01-27 12:26 - 2015-01-27 12:25 - 00309400 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2015-01-27 12:26 - 2015-01-27 12:25 - 00178840 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeapfk.sys
2015-01-27 12:26 - 2015-01-27 12:25 - 00177680 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-01-27 12:26 - 2015-01-27 12:25 - 00118416 _____ (McAfee, Inc.) C:\Windows\system32\MfeOtlkAddin.dll
2015-01-27 12:26 - 2015-01-27 12:25 - 00106112 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdet.sys
2015-01-27 12:26 - 2015-01-27 12:25 - 00090576 _____ (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2015-01-27 12:26 - 2015-01-27 12:25 - 00024168 _____ (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2015-01-27 12:26 - 2015-01-27 12:25 - 00010288 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnk.sys
2015-01-27 12:24 - 2015-01-27 12:24 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\McAfee
2015-01-27 12:23 - 2015-01-27 12:26 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-27 12:23 - 2015-01-27 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-27 12:23 - 2015-01-27 12:23 - 00000000 ____D () C:\Users\Brian\Downloads\McAfee 8.8 Windows
2015-01-27 12:16 - 2015-01-27 12:16 - 59468840 _____ () C:\Users\Brian\Downloads\McAfee 8.8 Windows.zip
2015-01-26 22:08 - 2015-01-26 22:08 - 08520191 _____ () C:\Users\Brian\Downloads\Soulessheart Scams x3 GB Habbo.webm
2015-01-26 01:03 - 2015-01-26 01:03 - 00000000 ____D () C:\Users\Brian\Documents\New folder (4)
2015-01-26 00:09 - 2015-01-26 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-01-26 00:04 - 2015-01-26 11:17 - 00000000 ____D () C:\xampp
2015-01-25 23:43 - 2015-01-26 00:00 - 150905704 _____ (Bitnami) C:\Users\Brian\Downloads\xampp-win32-5.6.3-0-VC11-installer.exe
2015-01-25 21:36 - 2015-01-25 21:36 - 00000154 _____ () C:\Users\Brian\Documents\i need a job.txt
2015-01-23 09:58 - 2015-01-23 09:59 - 57935406 _____ () C:\Users\Brian\Downloads\Dash Berlin with ATB vs Niki And The Dove - DJ Ease My Apollo Road.aif
2015-01-22 03:50 - 2015-01-22 03:50 - 00014848 ___SH () C:\Users\Brian\Documents\Thumbs.db
2015-01-22 03:48 - 2015-01-22 03:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 03:47 - 2015-01-22 03:47 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-22 03:47 - 2015-01-22 03:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-22 03:47 - 2015-01-22 03:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 03:47 - 2015-01-22 03:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-22 03:47 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-22 03:47 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-22 03:47 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-22 03:46 - 2015-01-22 03:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Brian\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-22 03:46 - 2015-01-22 03:46 - 02186752 _____ () C:\Users\Brian\Downloads\adwcleaner_4.108.exe
2015-01-21 22:04 - 2015-01-21 23:07 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\TS3Client
2015-01-21 22:03 - 2015-01-21 22:03 - 00001257 _____ () C:\Users\Brian\Desktop\TeamSpeak 3 Client.lnk
2015-01-21 22:03 - 2015-01-21 22:03 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-21 22:03 - 2015-01-21 22:03 - 00000000 ____D () C:\Users\Brian\AppData\Local\TeamSpeak 3 Client
2015-01-21 21:57 - 2015-01-21 22:01 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Brian\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-01-21 17:51 - 2015-01-21 17:52 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Apple Computer
2015-01-21 17:51 - 2015-01-21 17:51 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-21 17:51 - 2015-01-21 17:51 - 00000000 ____D () C:\Users\Brian\AppData\Local\Apple Computer
2015-01-21 17:51 - 2015-01-21 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-21 17:51 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-21 17:50 - 2015-01-21 17:51 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-21 17:50 - 2015-01-21 17:51 - 00000000 ____D () C:\Program Files\iTunes
2015-01-21 17:50 - 2015-01-21 17:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-21 17:50 - 2015-01-21 17:50 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-21 17:50 - 2015-01-21 17:50 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-01-21 17:50 - 2015-01-21 17:50 - 00000000 ____D () C:\Users\Brian\AppData\Local\Apple
2015-01-21 17:50 - 2015-01-21 17:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-21 17:50 - 2015-01-21 17:50 - 00000000 ____D () C:\Program Files\iPod
2015-01-21 17:50 - 2015-01-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-21 17:49 - 2015-01-21 17:50 - 00000000 ____D () C:\ProgramData\Apple
2015-01-21 17:49 - 2015-01-21 17:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-21 17:49 - 2015-01-21 17:49 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-21 17:49 - 2015-01-21 17:49 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-21 17:46 - 2015-01-21 17:48 - 122418480 _____ (Apple Inc.) C:\Users\Brian\Downloads\iTunes64Setup.exe
2015-01-21 17:07 - 2015-01-21 17:07 - 00016160 _____ () C:\Users\Brian\Documents\Pin_COde.jpeg
2015-01-21 17:04 - 2015-01-26 17:46 - 00000000 ____D () C:\Users\Brian\Documents\History Class
2015-01-21 17:04 - 2015-01-21 17:04 - 00000000 ____D () C:\Users\Brian\Documents\New folder (3)
2015-01-21 17:04 - 2015-01-21 17:04 - 00000000 ____D () C:\Users\Brian\Documents\New folder (2)
2015-01-21 15:01 - 2015-01-21 15:01 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
2015-01-21 14:55 - 2015-01-21 15:15 - 00000113 _____ () C:\Users\Brian\Downloads\Gmauler.txt
2015-01-19 17:29 - 2015-01-19 17:29 - 00000912 _____ () C:\Users\Brian\Downloads\Documents - Shortcut.lnk
2015-01-19 17:05 - 2015-01-19 17:05 - 01085440 _____ () C:\Users\Brian\Downloads\puush (1).msi
2015-01-19 04:16 - 2015-01-19 04:16 - 00003505 _____ () C:\Users\Brian\Documents\webstuff.txt
2015-01-16 11:19 - 2015-01-16 11:19 - 00000901 _____ () C:\Users\Brian\Desktop\DownloadStuff.lnk
2015-01-16 11:19 - 2015-01-16 11:19 - 00000881 _____ () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-16 11:18 - 2015-01-21 18:05 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\uTorrent
2015-01-15 23:03 - 2015-01-15 23:03 - 00000044 _____ () C:\Users\Brian\jagex_cl_runescape_LIVE.dat
2015-01-15 23:00 - 2015-01-15 23:00 - 00002106 _____ () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-01-15 23:00 - 2015-01-15 23:00 - 00002076 _____ () C:\Users\Brian\Desktop\RuneScape.lnk
2015-01-15 23:00 - 2015-01-15 23:00 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-01-13 19:27 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:27 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:27 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-13 19:27 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-13 19:27 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-13 19:27 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-13 19:27 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 19:27 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:27 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-13 19:27 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-13 19:27 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-13 19:27 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-13 19:27 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-13 19:27 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-13 19:27 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-13 19:27 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-13 19:27 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-13 19:27 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-13 19:27 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-13 19:27 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-13 19:27 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-13 19:27 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-13 19:27 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 19:27 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-13 19:27 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 13:10 - 2015-01-12 13:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-12 10:15 - 2015-01-12 10:15 - 00015177 _____ () C:\Users\Brian\Downloads\Time Sheet Electronic (1).xlsx
2015-01-12 10:09 - 2015-01-12 10:13 - 00015177 _____ () C:\Users\Brian\Downloads\Time Sheet Electronic.xlsx
2015-01-11 17:13 - 2015-02-08 10:56 - 00000000 ____D () C:\Program Files (x86)\SafeConnect
2015-01-11 17:12 - 2015-01-11 17:12 - 01464136 _____ (Impulse Point, LLC) C:\Users\Brian\Downloads\ServiceInstaller.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-08 11:01 - 2014-12-26 15:39 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Spotify
2015-02-08 11:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-08 10:59 - 2014-12-26 15:55 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Skype
2015-02-08 10:59 - 2014-12-26 15:34 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0CC840A8-C659-4E3F-B0A3-09A8A640CF6E}
2015-02-08 10:57 - 2014-12-26 15:30 - 00000093 _____ () C:\Users\Brian\AppData\Roaming\sp_data.sys
2015-02-08 05:34 - 2014-08-04 19:27 - 01872633 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 02:20 - 2014-12-31 11:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-08 01:45 - 2014-12-26 15:35 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 00:45 - 2014-12-26 15:35 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-07 14:01 - 2014-12-26 15:34 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-162980661-3251784264-1882081728-1001
2015-02-07 12:24 - 2014-12-31 23:05 - 00000024 _____ () C:\Users\Brian\jagexappletviewer.preferences
2015-02-07 12:23 - 2014-12-26 16:43 - 00000044 _____ () C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
2015-02-07 12:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-06 00:40 - 2014-12-26 15:35 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 00:40 - 2014-12-26 15:35 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 21:50 - 2015-01-02 23:42 - 00000000 ____D () C:\Users\Brian\AppData\Local\CrashDumps
2015-02-05 15:43 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-05 15:35 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-04 18:20 - 2014-12-31 11:07 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 09:38 - 2014-12-26 15:39 - 00000000 ____D () C:\Users\Brian\AppData\Local\Spotify
2015-02-03 14:31 - 2014-12-31 10:48 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 14:31 - 2014-12-31 10:48 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 10:37 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-02 10:35 - 2013-08-22 09:46 - 00034213 _____ () C:\Windows\setupact.log
2015-02-02 10:35 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 10:34 - 2014-12-31 11:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 10:34 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-27 12:26 - 2013-08-22 10:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-26 11:23 - 2014-03-18 05:03 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-26 11:18 - 2014-03-18 04:54 - 00009146 _____ () C:\Windows\PFRO.log
2015-01-22 14:22 - 2014-12-26 15:28 - 00000000 ____D () C:\Users\Brian
2015-01-21 15:19 - 2014-12-28 00:53 - 00103424 ___SH () C:\Users\Brian\Downloads\Thumbs.db
2015-01-19 17:05 - 2014-12-31 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2015-01-18 10:35 - 2015-01-04 12:59 - 00000000 ____D () C:\Users\Brian\Desktop\Shortcuts
2015-01-15 23:03 - 2014-12-26 16:43 - 00000000 ____D () C:\Users\Brian\jagexcache
2015-01-14 04:25 - 2014-12-31 10:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 04:18 - 2014-12-31 10:24 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 23:24 - 2014-12-26 15:28 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2015-01-09 00:37 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\LiveKernelReports
 
==================== Files in the root of some directories =======
 
2014-12-26 15:30 - 2015-02-08 10:57 - 0000093 _____ () C:\Users\Brian\AppData\Roaming\sp_data.sys
2014-08-04 19:40 - 2014-08-04 19:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-14 23:43 - 2012-09-07 06:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-14 23:43 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-14 23:43 - 2012-09-07 06:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
C:\Users\Brian\jagex_cl_runescape_LIVE.dat
C:\Users\Brian\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-05 07:03
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
Ran by Brian at 2015-02-08 11:02:49
Running from C:\Users\Brian\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee VirusScan Enterprise (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\uTorrent) (Version: 3.4.2.37951 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.9 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dragon Assistant Application en-US version 1.5.7 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.7 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service version 1.1.10 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.10 - Nuance Communications, Inc.)
Dragon Assistant Language Data en-US version 1.1.3 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.3 - Nuance Communications, Inc.)
Dragon Assistant version 1.5.7 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.7 - Nuance Communications, Inc.)
GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Agent (HKLM-x32\...\{4AEFF024-F0D0-4AD6-8231-FF51949E91E0}) (Version: 4.6.0.3122 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.03000 - McAfee, Inc.)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
NVIDIA Graphics Driver 333.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.11 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.3 (HKLM-x32\...\{CCCEAAD4-3D2F-42C1-9AAA-08D458DB3509}) (Version: 1.2.3 - Jagex Ltd)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.28.307.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
SafeConnect (HKLM-x32\...\SafeConnect) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
TeamSpeak 3 Client (HKU\S-1-5-21-162980661-3251784264-1882081728-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-162980661-3251784264-1882081728-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
21-01-2015 17:50:07 Installed iTunes
27-01-2015 12:23:38 Installed McAfee Agent.
04-02-2015 09:16:54 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2D275A2C-82EC-41CA-A736-D20B4CEE9137} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {2E08ACFD-4F06-415C-B43D-1686A8413141} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-04-11] ()
Task: {3BBD4B26-BF5F-412B-A0B0-88AE4762F416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {3D77FD87-5F7A-4622-A9EE-575CF9033CAA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {4092B963-FBB2-4FAA-8830-D985E78CAD82} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13] (Realtek Semiconductor)
Task: {46D7DFEF-2D92-43AB-A76A-949241563FE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {4AE13151-2BCF-4396-95EE-5A25C77B9FB1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {4EDEDA6A-8217-40A6-B1D9-CA612A8EBCE8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {57D59A34-073F-4740-B98F-0412408AB270} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-02-06] ()
Task: {8C2F8141-5AFA-4822-8DDE-13AF91DFA489} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {8CD341BC-E3A6-4C73-B26A-BD549BFD6C90} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)
Task: {925CD37F-B874-49B2-9E28-3CB9B026F01C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {929747BF-3ED3-4CFD-9AE3-1AAE5ED68E05} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {A2A1B309-161D-4B38-8DD5-CC2BBA654917} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-12-28] (Microsoft Corporation)
Task: {A9B3A191-4668-4C25-9024-BD2D7B3299D4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {C4B8570F-DB16-42E6-9861-5610453EA1A3} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {D172FB5D-52F9-46E1-8042-17463EB4FA74} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {F9DB7D17-6B55-42CA-9F49-7303D7A367BB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-02-06] ()
Task: {FD5D31C8-4772-4535-983A-0B3C15F3369D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-28] (Microsoft Corporation)
Task: {FEB958B6-E9C9-43BA-8DA7-21EB81947E37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-28] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-08-04 19:34 - 2014-04-29 12:11 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-26 16:18 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-30 16:39 - 2014-04-30 16:39 - 00018944 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2013-12-04 10:44 - 2013-12-04 10:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 10:44 - 2013-12-04 10:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 10:44 - 2013-12-04 10:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-12-28 13:51 - 2014-12-28 13:51 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-01-10 14:41 - 2014-12-31 10:57 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2014-12-26 15:39 - 2014-12-26 15:39 - 00374840 _____ () C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-02-06 00:45 - 2015-02-05 11:41 - 01043024 _____ () C:\Program Files (x86)\Google\Update\Install\{574BBF11-9367-4ECF-9A63-BB43BCAA720E}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-08-04 20:02 - 2013-05-02 13:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-08-04 20:02 - 2013-05-02 13:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2014-04-30 16:39 - 2014-04-30 16:39 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 19:30 - 2007-04-18 19:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2014-08-04 19:43 - 2013-12-09 17:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-12-26 15:39 - 2014-12-26 15:39 - 36966968 _____ () C:\Users\Brian\AppData\Roaming\Spotify\Data\libcef.dll
2014-12-26 15:39 - 2014-12-26 15:39 - 00867896 _____ () C:\Users\Brian\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-12-26 15:39 - 2014-12-26 15:39 - 00886840 _____ () C:\Users\Brian\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-12-26 15:39 - 2014-12-26 15:39 - 00108600 _____ () C:\Users\Brian\AppData\Roaming\Spotify\Data\libegl.dll
2014-12-28 13:51 - 2014-12-28 13:51 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-02-06 05:46 - 2015-02-04 04:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 05:46 - 2015-02-04 04:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 05:46 - 2015-02-04 04:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 05:46 - 2015-02-04 04:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Registry Areas =====================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-162980661-3251784264-1882081728-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brian\Pictures\Backgrounds\SurestSign.jpg
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-162980661-3251784264-1882081728-500 - Administrator - Disabled)
Brian (S-1-5-21-162980661-3251784264-1882081728-1001 - Administrator - Enabled) => C:\Users\Brian
Guest (S-1-5-21-162980661-3251784264-1882081728-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-162980661-3251784264-1882081728-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/07/2015 03:57:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/07/2015 03:55:04 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/07/2015 02:08:56 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/07/2015 02:01:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1031
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1031
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10802203
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10802203
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (02/07/2015 02:02:17 PM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/07/2015 02:01:47 PM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/06/2015 04:44:17 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/06/2015 04:43:47 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/05/2015 10:56:03 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/05/2015 10:55:33 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/05/2015 10:31:39 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/05/2015 10:31:09 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/05/2015 07:34:08 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/05/2015 07:18:37 AM) (Source: DCOM) (EventID: 10010) (User: brian-pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office Sessions:
=========================
Error: (02/07/2015 03:57:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/07/2015 03:55:04 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/07/2015 02:08:56 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/07/2015 02:01:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1031
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1031
 
Error: (02/07/2015 05:10:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10802203
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10802203
 
Error: (02/07/2015 05:10:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-22 04:24:56.974
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-01-16 11:32:50.577
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-01-09 03:57:45.707
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-01-02 02:07:47.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-31 11:31:16.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 8074.95 MB
Available physical RAM: 4251.52 MB
Total Pagefile: 16266.95 MB
Available Pagefile: 10014.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:910.4 GB) (Free:838.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B118416D)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there is no apparent malware visible, so I will empty the temp files and then see what else there is that can be done

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
2015-01-21 15:01 - 2015-01-21 15:01 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
C:\Users\Brian\jagex_cl_runescape_LIVE.dat
C:\Users\Brian\random.dat
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#5
Incoming

Incoming

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Well whatever it was fixed the folder making problem, maybe from all the stuff runescape would save while I was playing it.. I also deleted a few folders of screenshots it took on the regular so maybe that'd help to.
 
-
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015
Ran by Brian at 2015-02-08 11:24:34 Run:1
Running from C:\Users\Brian\Downloads
Loaded Profiles: Brian (Available profiles: Brian)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
2015-01-21 15:01 - 2015-01-21 15:01 - 00000000 __SHD () C:\Users\Brian\AppData\Local\EmieBrowserModeList
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
C:\Users\Brian\jagex_cl_runescape_LIVE.dat
C:\Users\Brian\random.dat
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
C:\Users\Brian\AppData\Local\EmieBrowserModeList => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
C:\Users\Brian\jagex_cl_oldschool_LIVE.dat => Moved successfully.
C:\Users\Brian\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Brian\random.dat => Moved successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {A3955AE4-A474-49C2-B7BA-16BF8E2E4081}.
Unable to cancel {915A577F-A878-486A-BA5F-F2C1D5C93F9D}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 1.1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 11:25:41 ====

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It removed over 1 GB of junk which can slow your system down somewhat

I would recommend that you run a disc defrag now, then when that is done let me know what problems remain

Step by step instructions here http://www.eightforu...indows-8-a.html
  • 0

#7
Incoming

Incoming

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts

I realize it has been 4 days but I am about to run the disc defrag, please leave this open.


  • 0

#8
Incoming

Incoming

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts

OK nevermind, all seems fine.

 

Thanks for the help.


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix

delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP