Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware?


  • This topic is locked This topic is locked

#1
BunnyRae

BunnyRae

    New Member

  • Member
  • Pip
  • 1 posts

Hello.  I believe my computer has been infected and currently, I've had to uninstall my chosen browser (Google Chrome) to try and work out some bugs.  However, when I went to reinstall it, it keeps popping up with the 'Thank You' message yet nothing ever downloads or installs.  I'm stuck trying to figure out what to do, and my only guess is that what's causing this is a virus or some type of malware.  Although I'm still unsure, and as I'm not exactly the most educated when it comes to the more complex side of technology, I'd appreciate some help!

 

Before I uninstalled Chrome, it completely reset itself out of no where and would close within, at the most, a minute or two after opening it.  Extensions would not be added (adblock) as a "Network Error" message popped up, which had happened to me before, and the fix I had done beforehand was to uninstall and reinstall.  I had adware issues, but I believe I removed them (this would, sadly, be the second time adware has happened to come onto my laptop.)

 

If there is any more information needed, please don't hesitate to ask.  I need all the help I can get!  :D

 

Here are the scans I believe are needed:

 

FRST.txt

 

ave Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Kiley (administrator) on RAETHEBUNNY on 06-07-2015 23:52:55
Running from C:\Users\Kiley\Desktop
Loaded Profiles: Kiley (Available Profiles: Kiley)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
() C:\ProgramData\KingsIsle Entertainment\Wizard101\PatchClient\BankA\WizardLauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-17] (Intel Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-1796366696-18281509-364535379-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1796366696-18281509-364535379-1001\...\MountPoints2: {636f9604-d960-11e4-826d-801934b8028a} - "D:\VZW_Software_upgrade_assistant.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2015-02-12]
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1796366696-18281509-364535379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1796366696-18281509-364535379-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-07-06] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-06] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\..\Interfaces\{373AD9C6-5721-4DF3-A044-765121762284}: [DhcpNameServer] 13.6.0.88
Tcpip\..\Interfaces\{BC87AACA-BF2F-430A-9AA4-5B97CB0DA39B}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-05-01] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-25]
CHR Extension: (Google Search) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-25]
CHR Extension: (Music Plus) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkoahhffagalogcdebnipnnbnkokfkbi [2015-07-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-25]
CHR Extension: (Google Wallet) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-25]
CHR Extension: (Gmail) - C:\Users\Kiley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [7680 2014-07-02] (ASUS) [File not signed]
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4259808 2014-05-22] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-17] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-17] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-17] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [295752 2014-04-22] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-29] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-17] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-17] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-17] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3434464 2014-03-13] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 23:52 - 2015-07-06 23:53 - 00018395 _____ C:\Users\Kiley\Desktop\FRST.txt
2015-07-06 23:52 - 2015-07-06 23:52 - 02112512 _____ (Farbar) C:\Users\Kiley\Desktop\FRST64.exe
2015-07-06 23:52 - 2015-07-06 23:52 - 00000000 ____D C:\FRST
2015-07-06 23:42 - 2015-07-06 23:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-06 23:42 - 2015-07-06 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-06 23:42 - 2015-07-06 23:42 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-06 23:13 - 2015-07-06 23:13 - 00003242 _____ C:\Windows\System32\Tasks\{76EF189C-E67A-4D2C-A312-A5016A4A1F2B}
2015-07-06 23:12 - 2015-07-06 23:12 - 00000000 _____ C:\Users\Kiley\AppData\Local\Temp.dat
2015-07-06 23:10 - 2015-07-06 23:10 - 00000000 ____D C:\Program Files (x86)\Pearltrees Extension
2015-07-06 23:06 - 2015-07-06 23:24 - 00000412 _____ C:\Windows\Tasks\PhoneManager.job
2015-07-06 23:06 - 2015-07-06 23:06 - 00280255 _____ C:\Users\Kiley\Downloads\Nintendo 3DS Emulator.jse
2015-07-06 23:06 - 2015-07-06 23:06 - 00003298 _____ C:\Windows\System32\Tasks\PhoneManager
2015-07-06 23:05 - 2015-07-06 23:05 - 00280253 _____ C:\Users\Kiley\Downloads\Bravely Default Rom.jse
2015-06-30 21:00 - 2015-06-30 21:01 - 39608231 _____ C:\Users\Kiley\Downloads\CLRBrowserSourcePlugin-20140909x86.zip
2015-06-30 20:57 - 2015-06-30 20:58 - 48985385 _____ C:\Users\Kiley\Downloads\CLRBrowserSourcePlugin-20140909x64.zip
2015-06-30 20:17 - 2015-06-30 20:45 - 00000000 ____D C:\Users\Kiley\Documents\Wizard101 Vids
2015-06-30 20:17 - 2015-06-30 20:17 - 02778464 _____ C:\Users\Kiley\Downloads\HC2Setup (1).exe
2015-06-30 20:17 - 2015-06-30 20:17 - 00000971 _____ C:\Users\Kiley\Desktop\HyperCam 2.lnk
2015-06-30 20:17 - 2015-06-30 20:17 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2015-06-30 20:17 - 2015-06-30 20:17 - 00000000 ____D C:\Program Files (x86)\HyperCam 2
2015-06-30 20:16 - 2015-06-30 20:16 - 00000000 ____D C:\Users\Kiley\Documents\HyperCam3
2015-06-30 20:15 - 2015-06-30 20:15 - 15686520 _____ C:\Users\Kiley\Downloads\SolveigMM_HyperCam_3_5_1211_29.exe
2015-06-27 19:39 - 2015-06-30 20:09 - 00000000 ____D C:\Users\Kiley\Documents\Wizard101
2015-06-25 11:04 - 2015-07-06 23:36 - 00000000 ____D C:\AdwCleaner
2015-06-25 11:03 - 2015-06-25 11:03 - 02244096 _____ C:\Users\Kiley\Downloads\adwcleaner_4.207.exe
2015-06-24 15:00 - 2015-06-24 15:00 - 00001789 _____ C:\Users\Public\Desktop\Play Wizard101 Test.lnk
2015-06-24 15:00 - 2015-06-24 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
2015-06-24 14:58 - 2015-06-24 14:58 - 09432696 _____ (Acresso Software Inc.) C:\Users\Kiley\Downloads\InstallWizard101Test.exe
2015-06-24 14:58 - 2015-06-24 14:58 - 09432696 _____ (Acresso Software Inc.) C:\Users\Kiley\Downloads\InstallWizard101Test (1).exe
2015-06-22 10:06 - 2015-06-22 10:06 - 00000000 ____D C:\Users\Kiley\AppData\Local\FalloutNV
2015-06-21 20:10 - 2015-06-21 20:10 - 00000000 ____D C:\Users\Kiley\Documents\Thief
2015-06-21 14:35 - 2015-06-21 14:51 - 00000000 ____D C:\Users\Kiley\AppData\Local\The Witcher
2015-06-21 14:35 - 2015-06-21 14:35 - 00000000 ____D C:\Users\Kiley\Documents\The Witcher
2015-06-21 14:33 - 2015-06-21 14:33 - 00000000 ____D C:\Users\Public\Documents\The Witcher
2015-06-21 11:52 - 2015-06-21 11:53 - 00006272 _____ C:\Users\Kiley\Documents\New track 11.wmv.sfk
2015-06-21 11:52 - 2015-06-21 11:52 - 00794648 _____ C:\Users\Kiley\Documents\New track 11.wmv.sfap0
2015-06-21 11:46 - 2015-06-21 11:52 - 04901475 _____ C:\Users\Kiley\Documents\New track 11.wmv
2015-06-21 10:35 - 2015-06-21 10:39 - 00006728 _____ C:\Users\Kiley\Documents\New track 10.wmv.sfk
2015-06-21 10:35 - 2015-06-21 10:35 - 00852248 _____ C:\Users\Kiley\Documents\New track 10.wmv.sfap0
2015-06-21 10:28 - 2015-06-21 10:35 - 02157475 _____ C:\Users\Kiley\Documents\New track 10.wmv
2015-06-21 09:05 - 2015-07-01 16:43 - 00055864 _____ C:\Users\Kiley\Documents\gravity cp 13.veg
2015-06-21 09:05 - 2015-06-28 11:09 - 00060448 _____ C:\Users\Kiley\Documents\gravity cp 13.veg.bak
2015-06-21 09:05 - 2015-06-21 09:05 - 00018376 _____ C:\Users\Kiley\Documents\livestreaming.veg
2015-06-21 09:04 - 2015-06-21 09:05 - 01045627 _____ C:\Users\Kiley\Documents\livestreaming online.wmv
2015-06-20 20:41 - 2015-06-20 20:41 - 00000221 _____ C:\Users\Kiley\Desktop\The Witcher Enhanced Edition.url
2015-06-20 15:27 - 2015-06-20 15:27 - 00000222 _____ C:\Users\Kiley\Desktop\Long Live The Queen.url
2015-06-19 14:14 - 2015-06-19 14:14 - 07878008 _____ (Microsoft Corporation) C:\Users\Kiley\Downloads\Xbox360_64Eng (1).exe
2015-06-19 14:14 - 2015-06-19 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-06-19 14:14 - 2015-06-19 14:14 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-06-19 14:04 - 2015-06-19 14:04 - 07878008 _____ (Microsoft Corporation) C:\Users\Kiley\Downloads\Xbox360_64Eng.exe
2015-06-17 01:06 - 2015-06-17 01:06 - 00000000 ____D C:\Program Files (x86)\Wild Wild Taxi
2015-06-14 17:16 - 2015-06-14 17:16 - 00000219 _____ C:\Users\Kiley\Desktop\Left 4 Dead 2.url
2015-06-14 15:30 - 2015-06-14 17:15 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\Talisman
2015-06-14 15:23 - 2015-06-14 15:23 - 00000222 _____ C:\Users\Kiley\Desktop\Talisman Digital Edition.url
2015-06-14 14:01 - 2015-06-14 14:01 - 00000000 ____D C:\Users\Kiley\AppData\Local\GWX
2015-06-10 08:57 - 2015-06-10 08:58 - 62889760 _____ (MediaFire) C:\Users\Kiley\Downloads\MediaFireDesktop-1.4.29.10845-windows-PRODUCTION.exe
2015-06-10 01:18 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 01:18 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 01:18 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 01:18 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 01:18 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 01:18 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 01:18 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 01:18 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 01:18 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 01:18 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 01:18 - 2015-05-22 19:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-10 01:18 - 2015-05-22 19:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-10 01:18 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 01:18 - 2015-05-22 19:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 01:18 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 01:18 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 01:18 - 2015-05-22 19:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-10 01:18 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 01:18 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 01:18 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 01:18 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 01:18 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 01:18 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 01:18 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 01:18 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 01:18 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 01:18 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 01:18 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 01:18 - 2015-05-22 11:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-10 01:18 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 01:18 - 2015-05-22 11:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-10 01:18 - 2015-05-22 11:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-10 01:18 - 2015-05-22 11:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 01:18 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 01:18 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 01:18 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 01:18 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 01:18 - 2015-05-22 10:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-10 01:18 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 01:18 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 01:17 - 2015-05-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 01:17 - 2015-05-25 06:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 01:17 - 2015-05-21 09:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 01:17 - 2015-04-24 19:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 01:17 - 2015-04-24 19:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 01:17 - 2015-04-15 23:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-10 01:17 - 2015-04-13 15:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-10 01:17 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-10 01:17 - 2015-04-09 17:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-10 01:17 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-10 01:17 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-10 01:17 - 2015-04-08 15:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-10 01:17 - 2015-04-01 15:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-10 01:17 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-10 01:17 - 2015-03-31 21:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 01:17 - 2015-03-31 21:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-10 01:17 - 2015-03-31 21:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-10 01:17 - 2015-03-31 21:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-10 01:17 - 2015-03-31 20:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-10 01:17 - 2015-03-31 20:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-10 01:17 - 2015-03-31 20:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-10 01:17 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-10 01:17 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-10 01:17 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-10 01:17 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-10 01:17 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-10 01:17 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-10 01:17 - 2015-03-19 20:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-10 01:17 - 2015-03-19 20:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-10 01:17 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-10 01:17 - 2015-03-19 19:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-10 01:17 - 2015-03-01 18:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-10 01:17 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-07 15:46 - 2015-07-06 23:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 15:46 - 2015-06-23 09:30 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-06 18:43 - 2015-06-06 18:44 - 20319368 _____ C:\Users\Kiley\Downloads\DPT_setup.exe
2015-06-06 16:09 - 2015-06-06 16:09 - 00000222 _____ C:\Users\Kiley\Desktop\Invisible Apartment.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 23:52 - 2015-01-02 13:54 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\Skype
2015-07-06 23:50 - 2014-11-13 09:39 - 01837025 _____ C:\Windows\WindowsUpdate.log
2015-07-06 23:43 - 2015-01-02 13:41 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1796366696-18281509-364535379-1001
2015-07-06 23:39 - 2015-01-22 21:29 - 00004986 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RAETHEBUNNY-Kiley RaeTheBunny
2015-07-06 23:39 - 2015-01-02 13:37 - 00000093 _____ C:\Users\Kiley\AppData\Roaming\sp_data.sys
2015-07-06 23:38 - 2015-05-26 18:48 - 00003878 _____ C:\Windows\setupact.log
2015-07-06 23:38 - 2015-02-02 16:36 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-06 23:38 - 2015-01-07 17:16 - 00000000 ____D C:\Users\Kiley\AppData\Local\LogMeIn Hamachi
2015-07-06 23:38 - 2015-01-02 13:37 - 00000000 ___DO C:\Users\Kiley\OneDrive
2015-07-06 23:37 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-06 23:37 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-06 23:17 - 2015-01-02 13:47 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-06 23:11 - 2015-01-15 15:17 - 00000000 ____D C:\ProgramData\84443902809303256
2015-07-06 23:00 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-06 18:27 - 2015-01-02 13:40 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DD0FA325-942C-4745-9FEB-8CEA48661DF3}
2015-07-06 12:12 - 2015-05-23 13:04 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-07-06 12:12 - 2015-05-10 21:27 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-07-06 12:09 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-05 03:08 - 2015-01-02 13:59 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-01 16:28 - 2014-03-18 02:54 - 00047000 _____ C:\Windows\PFRO.log
2015-06-30 22:04 - 2015-01-02 23:32 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\OBS
2015-06-25 11:24 - 2015-01-22 21:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-25 11:16 - 2015-01-02 13:46 - 00000000 ____D C:\Users\Kiley\AppData\Local\Google
2015-06-25 11:16 - 2015-01-02 13:46 - 00000000 ____D C:\Users\Kiley\AppData\Local\Deployment
2015-06-25 11:10 - 2015-01-15 15:24 - 00000000 __SHD C:\Users\Kiley\AppData\Local\EmieBrowserModeList
2015-06-25 11:10 - 2015-01-02 13:53 - 00000000 __SHD C:\Users\Kiley\AppData\Local\EmieUserList
2015-06-25 11:10 - 2015-01-02 13:53 - 00000000 __SHD C:\Users\Kiley\AppData\Local\EmieSiteList
2015-06-25 11:01 - 2014-09-24 08:40 - 00000000 ____D C:\ProgramData\Skype
2015-06-25 10:59 - 2015-05-20 20:02 - 00000024 _____ C:\Users\Kiley\AppData\Roaming\appdataFr25.bin
2015-06-24 15:00 - 2015-05-02 11:11 - 00000000 ____D C:\ProgramData\KingsIsle Entertainment
2015-06-24 15:00 - 2014-11-13 09:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-24 11:40 - 2015-01-02 23:32 - 00000000 ____D C:\Program Files (x86)\OBS
2015-06-23 23:40 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-22 10:06 - 2015-02-16 20:09 - 00000000 ____D C:\Users\Kiley\Documents\My Games
2015-06-22 10:06 - 2015-01-02 23:30 - 00283948 _____ C:\Windows\DirectX.log
2015-06-21 14:36 - 2015-02-11 15:57 - 00000000 ____D C:\Users\Kiley\AppData\Local\CrashDumps
2015-06-20 20:41 - 2015-01-02 15:04 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-20 15:28 - 2015-01-12 19:43 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\RenPy
2015-06-19 20:02 - 2013-08-22 08:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-19 20:02 - 2013-08-22 08:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 14:03 - 2014-03-18 03:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 21:54 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-06-16 17:24 - 2015-02-22 17:17 - 00010160 _____ C:\Users\Kiley\Documents\Here's To The Zeros.veg
2015-06-16 16:27 - 2015-01-12 19:43 - 00000000 ____D C:\Users\Kiley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sakevisual
2015-06-14 12:18 - 2013-08-22 07:44 - 05316376 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 12:14 - 2015-01-02 13:35 - 00000000 ____D C:\Users\Kiley
2015-06-14 12:14 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-14 12:14 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 03:19 - 2015-01-04 06:54 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:14 - 2015-01-04 06:54 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-07 16:03 - 2015-01-02 13:36 - 00000000 ____D C:\Users\Kiley\AppData\Local\Packages
2015-06-07 09:33 - 2015-04-17 16:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-07 09:33 - 2015-04-17 16:43 - 00000000 ____D C:\Windows\system32\appraiser

==================== Files in the root of some directories =======

2015-05-20 20:02 - 2015-06-25 10:59 - 0000024 _____ () C:\Users\Kiley\AppData\Roaming\appdataFr25.bin
2015-02-26 19:32 - 2015-05-09 13:45 - 0000020 _____ () C:\Users\Kiley\AppData\Roaming\appdataFr3.bin
2015-02-12 18:06 - 2015-02-12 18:06 - 0000168 _____ () C:\Users\Kiley\AppData\Roaming\settings.xml
2015-01-02 13:37 - 2015-07-06 23:39 - 0000093 _____ () C:\Users\Kiley\AppData\Roaming\sp_data.sys
2015-01-15 15:29 - 2015-01-15 15:29 - 0000064 _____ () C:\Users\Kiley\AppData\Local\cbd2053fb955d92f21f77782f2096790
2015-05-26 18:55 - 2015-05-26 18:55 - 0011720 _____ () C:\Users\Kiley\AppData\Local\Temp-log.txt
2015-07-06 23:12 - 2015-07-06 23:12 - 0000000 _____ () C:\Users\Kiley\AppData\Local\Temp.dat
2014-11-13 09:36 - 2014-11-13 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-13 10:00 - 2014-03-25 18:11 - 0000137 _____ () C:\ProgramData\RefreshReg.vbs
2014-09-24 08:40 - 2014-03-26 13:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-09-24 08:40 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-24 08:40 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\Kiley\AppData\Local\Temp\Nintendo3DSEmulator.exe-1436249189371.exe
C:\Users\Kiley\AppData\Local\Temp\Quarantine.exe
C:\Users\Kiley\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-04 08:07

==================== End of log ============================

 

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Kiley at 2015-07-06 23:54:02
Running from C:\Users\Kiley\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1796366696-18281509-364535379-500 - Administrator - Disabled)
Guest (S-1-5-21-1796366696-18281509-364535379-501 - Limited - Disabled)
Kiley (S-1-5-21-1796366696-18281509-364535379-1001 - Administrator - Enabled) => C:\Users\Kiley

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version:  - Orange_Juice)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.5 - ASUS)
ASUS GIFTBOX Desktop (HKLM-x32\...\{9110969C-A4E5-4112-93A3-A8686BF7444C}) (Version: 1.0.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Child of Light (HKLM-x32\...\Steam App 256290) (Version:  - Ubisoft Montréal)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.2.30 - Nuance Communications, Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.2.30 - Nuance Communications, Inc.)
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version:  - Lionhead Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
Invisible Apartment (HKLM-x32\...\Steam App 351790) (Version:  - Milan Kazarka)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version:  - TT Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version:  - Hanako Games)
Mabinogi (HKLM-x32\...\Steam App 212200) (Version:  - NEXON Korea Corp.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1796366696-18281509-364535379-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.)
Seduce Me the Otome (HKLM-x32\...\Steam App 367120) (Version:  - Michaela Laws)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version:  - SEGA)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\Steam App 2600) (Version:  - Troika Games)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D264BD11-6A9B-11E4-A4F7-F04DA23A5C58}) (Version: 13.0.428 - Sony)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 8 Codec Pack 2.0.2 (HKLM-x32\...\Windows 8 - Codec Pack) (Version: 2.0.2 - Windows 8 Codec Pack)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wizard101 (HKU\S-1-5-21-1796366696-18281509-364535379-1001\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Wizard101 Test (HKLM-x32\...\{3BE3AEEB-268C-49F9-8B1E-B4989E90E2F9}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1796366696-18281509-364535379-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1796366696-18281509-364535379-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kiley\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-06-2015 20:49:42 Scheduled Checkpoint
21-06-2015 14:33:39 Installed DirectX
24-06-2015 14:59:28 Installed Wizard101 Test
03-07-2015 03:30:43 Scheduled Checkpoint
06-07-2015 23:40:33 Removed Java 8 Update 31

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1505AA2F-4505-4EA8-95E6-DD3FF8C6810B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {16A1A026-4294-4B1F-9776-15B11A574FB7} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-07-17] (Realtek Semiconductor)
Task: {1DF643EB-9FB6-4438-B71A-D1B8145ED8EE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation)
Task: {23F7A5AD-CA85-417A-A205-9499ECC01D16} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {2490B17E-3BFA-49CD-8D40-1A9983FF7C6D} - System32\Tasks\ASUS GIFTBOX Desktop => C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2014-08-07] (ASUS)
Task: {27DA65DE-6855-479C-9657-F8F1201E423A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {2D1BCD02-10B3-4BF2-8E1F-A9322599A7C6} - System32\Tasks\{76EF189C-E67A-4D2C-A312-A5016A4A1F2B} => pcalua.exe -a "C:\Program Files (x86)\Pearltrees Extension\Pearltrees Extension.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {363C0CF3-656D-481D-B0FE-64BDD2D4C99D} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {610391EB-A0AB-445C-9B5F-8AE556CB1A21} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {6297F6CC-A792-43C5-95B2-26726B843117} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {695168A6-BA4B-46E0-B64A-3EB5EB07EFCD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-07-16] (Realtek Semiconductor)
Task: {6F1DDA2C-42AD-42F3-AECE-2DFC2315EF08} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {7EC387DD-B5C2-4256-AAC5-FF1E1DA1994D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {7EC6D122-82D8-4847-A9C9-C0F5C9716D31} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {B00D57C7-8B84-4777-B53B-8B13E9DEAD04} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {B2300440-5D27-4950-BFCF-0281ED53A79A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {D659BEC1-EBCD-4AD1-BBE0-93218A93E440} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RAETHEBUNNY-Kiley RaeTheBunny => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {DDFB9619-45F4-4D1C-A8C8-589F6F243EDE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-29] (AsusTek)
Task: {E30761C4-2143-47BE-A242-7AFDF51E8463} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {EE4D67DD-0F44-4BEC-AF96-22BE2441C51C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1796366696-18281509-364535379-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {FC771E18-BEF9-4B01-8981-660899F526AC} - System32\Tasks\PhoneManager => c:\programdata\{fe390fe6-a0f4-f2bb-fe39-90fe6a0f3f9a}\nintendo3dsemulator.exe-1436249189371.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PhoneManager.job => c:\programdata\{fe390fe6-a0f4-f2bb-fe39-90fe6a0f3f9a}\nintendo3dsemulator.exe-1436249189371.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-07-02 15:38 - 2014-07-02 15:38 - 00016896 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2015-01-22 21:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 09:44 - 2013-12-04 09:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2015-03-17 18:45 - 2015-01-27 08:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-05-02 11:11 - 2015-06-03 16:21 - 01382408 _____ () C:\ProgramData\KingsIsle Entertainment\Wizard101\PatchClient\BankA\WizardLauncher.exe
2014-07-02 15:38 - 2014-07-02 15:38 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-01-23 04:32 - 2015-01-23 04:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-02-02 16:40 - 2015-04-16 10:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-02 16:40 - 2015-04-22 19:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-02 16:40 - 2015-06-04 11:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-02 16:40 - 2015-04-22 19:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-02 16:40 - 2015-04-22 19:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-02 16:39 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-02 16:39 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-02 16:39 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-02 16:39 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-02 16:39 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-02 16:39 - 2015-06-04 11:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-23 04:29 - 2015-01-23 04:29 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-02-02 16:39 - 2015-05-11 12:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-11-13 09:29 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-05-02 11:11 - 2015-04-29 17:33 - 00077824 _____ () C:\ProgramData\KingsIsle Entertainment\Wizard101\PatchClient\BankA\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kiley\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1796366696-18281509-364535379-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kiley\Pictures\Bunny\2.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CDEF66B8-5ED7-4CA9-A001-4728EB4B600B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{c8af949a-c2cb-457b-8251-aa4440a442f1}] => (Allow) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
FirewallRules: [{FA581A9E-7458-4C90-BECE-07F077F38662}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{50311DFC-685C-4CB7-878E-FC39E2A4CD47}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{58FF0308-5ABE-4981-9A44-075CFCEFA47A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D350D523-5C25-480A-B2FE-82462822E53A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C3B57A6-1295-4A39-BBFF-4EA8197F593D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D456CD3-1CAA-4AD2-BD62-E0EF4764E6EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5C9044BA-BAA4-4C7A-8935-0EB54B5929F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CCA0216C-80FA-42DC-9068-CD52C8131F30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{34144CAB-3E36-4191-88B5-267125F12D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{499957CF-753B-4E80-B2C5-03C844B8AC8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{688062A5-E79C-475B-A857-C991270CB427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{6A9EF7CE-1C2A-483F-9524-D04EDB3FDE4A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{40AA1F83-EE21-4C4F-9E27-63C858921F3C}] => (Allow) C:\Users\Kiley\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C81BD30A-6424-4A56-BF84-674EAE76480F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{3B574B56-9A41-49F4-89BB-47EF6DB18F3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire The Masquerade - Bloodlines\vampire.exe
FirewallRules: [{B8B67B64-882B-4A8B-BF16-1274F619B354}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{D302F9E2-65AB-41B0-89E7-220A0FF2A5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{2DCC8AB3-83F1-4DC0-8F27-1FE905DA7EAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{311CCDE0-612D-429E-A113-FEABFD9A112C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{24C502B6-E4EE-41BE-A831-16E70A2E601F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{0E36CF65-552D-4870-946E-61E2316C563F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{AFACA6E7-D28A-429E-9EC6-0A937DC1080D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{52CE014C-A017-41E2-82E9-B8ED6C39DBA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3FF38F05-4D62-443C-9257-66FE4F0E6C47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{BB66A354-E441-4D76-A3B5-682AC164779C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{C00BF601-26BA-47F4-838A-FBA50AA4459F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe
FirewallRules: [{F03904DD-91CC-4278-BE00-DBAD8F06408E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\100 Orange Juice\100orange.exe
FirewallRules: [{FFD579FC-C5DA-4209-ACCE-510BFFEBC3BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{CCB3726B-8F1B-4902-9D0D-7F6E9E9B8B4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{9F379A64-D29D-406F-BB51-8871B38F1EBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{5A07325B-91BE-4CCC-8DAB-505F2192AAC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{7F9B9714-07F5-4A34-9879-E58AE6FB22B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{43849F88-7BE5-48AD-B8F3-C9D65852042E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{50097237-EEF0-4C61-BA9D-42AB6EA97941}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mabinogi\nxsteam.exe
FirewallRules: [{B4C73739-3826-43A7-B483-6653A35E19EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mabinogi\nxsteam.exe
FirewallRules: [{C137F61C-B211-4C88-9F00-4EADD4C30CF9}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{67D6B590-EC86-4994-8500-B09A5C5040DB}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{0F1B3A8D-4100-4978-BBC6-F8687181E9AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{FB9A73A5-A778-45B4-B7F2-36869F228057}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{58DA9385-E998-4B23-8B58-1E4C4AF43B0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{C3DB6744-9A5A-47FF-87F1-3D144DE28BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{78A23EC4-8873-46BD-849B-F88BB1F700F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{8F5307F7-2E71-47F7-8ED9-A605A0CB9722}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{94E45413-94AE-475B-BF90-EC1121DFB225}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{F0A98BB3-C88D-444E-B7C3-FC56C4F67832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{D54007EE-4114-411F-AF73-7776C238686C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable The Lost Chapters\Fable.exe
FirewallRules: [{7EAE9E21-26AF-4FA4-9FE5-CA5FD91A12C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable The Lost Chapters\Fable.exe
FirewallRules: [{7B15B15D-A57C-451D-BB32-A28D5950A72D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seduce Me the Otome\Seduce Me Official.exe
FirewallRules: [{63D473CE-41AB-4544-B72A-776954B46CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seduce Me the Otome\Seduce Me Official.exe
FirewallRules: [{06FF9BE6-C9BC-4D69-BD32-2032FBCC9B48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invisible Apartment\ia1.exe
FirewallRules: [{FD5BB4AF-0FB6-4959-B69D-1CF66ACC8477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invisible Apartment\ia1.exe
FirewallRules: [{9EBA6686-A945-4022-861C-B306C9F43994}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{57F6520B-FC71-483A-92AB-3ECCF00DA73E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{B4DFB741-EB0F-480E-8324-D36DF7A2617D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A28B3167-49DD-46F7-830E-A465B694FF42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5C4F0BC7-F9F7-4F3E-B707-11FCCE456443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{EAB88D6A-E596-4A15-A5A9-EB09664F1140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{293F3664-8526-4DE7-9089-142DBB8FED95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{8BF8C648-64A5-4193-8BD0-6248AFAC1474}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{7A27E483-E183-4C74-B991-C4C7DAD6AA91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{A6030B51-AE22-4160-80F8-64A47097B1C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{E4547EA5-2A6A-47F9-A7F9-FDAEB5DAF729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{A9BF34F0-E305-47E9-8760-4BC662E4F74D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{E1FDF38D-5327-433A-8D3B-5A9CB2070607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{058C94FC-53D9-4272-9E87-884FB222745D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{1586C61D-42D2-4C0C-812C-F692057D53EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{2FA64EB2-46D9-47F7-86B3-744C794E17AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{37056BAC-1C55-4C93-8FC3-4C16E059AFBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5211F5CA-6341-49D7-A0B0-F33FA4CBAD40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{92EA848F-978B-4CC5-B12E-23011E2F7353}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe
FirewallRules: [{1626CE30-31EC-4A39-9E57-FAFF2241A578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2015 11:30:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b3c

Start Time: 01d0b87d9368cd4d

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id: fdf97501-2470-11e5-8285-801934b8028a

Faulting package full name:

Faulting package-relative application ID:

Error: (07/06/2015 07:37:50 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/06/2015 00:09:45 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/04/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/03/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/02/2015 07:37:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/01/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/30/2015 07:37:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/30/2015 11:14:45 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName   Unable to get the image full name for the process( ID=10700), GLE=31.

Error: (06/29/2015 07:37:49 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

System errors:
=============
Error: (07/06/2015 11:40:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (07/06/2015 11:37:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/06/2015 11:37:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/06/2015 11:37:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/06/2015 11:37:11 PM) (Source: DCOM) (EventID: 10010) (User: RAETHEBUNNY)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/06/2015 11:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Platform and Thermal Framework Low Power Mode Service Application service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/06/2015 11:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/06/2015 11:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/06/2015 11:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/06/2015 11:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bluetooth OBEX Service service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office:
=========================
Error: (07/06/2015 11:30:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17667b3c01d0b87d9368cd4d0C:\Windows\Explorer.EXEfdf97501-2470-11e5-8285-801934b8028a

Error: (07/06/2015 07:37:50 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/06/2015 00:09:45 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/04/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/03/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/02/2015 07:37:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (07/01/2015 07:37:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/30/2015 07:37:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/30/2015 11:14:45 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName   Unable to get the image full name for the process( ID=10700), GLE=31.

Error: (06/29/2015 07:37:49 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

CodeIntegrity Errors:
===================================
  Date: 2015-06-02 00:26:56.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.516
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.402
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-02 00:26:55.046
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 33%
Total physical RAM: 8075.16 MB
Available physical RAM: 5394 MB
Total Virtual: 9355.16 MB
Available Virtual: 6033.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:910.4 GB) (Free:494.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F6E0596D)

Partition: GPT Partition Type.

==================== End of log ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

First
Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome via control panel .
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

Let me know when that is done.

Thanks
Joe
  • 0

#3
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP