Hi I keep getting this message from Nortons to Download and run Nortons Power Eraser.
I have Run Nortons Power Eraser and it did fix some problems but this message keep coming up constantly. I have re run the program and it comes up that everything is ok. I tried to do some research as to why this would be happening which has led me to posting this topic incase it is malwaye or spyware or something imbedded in the computer that nortons does not recognise.
this is my sons computer that it is happening to so I cant say exactly what he has been doing on it but he is big at online gaming and trying to download cheats/hacks for his games and automatic mouse clickers. I hope this information helps and that you can help me sort out what is going on with this computer. thanks in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by tyson (administrator) on 2-GOOD-4-YOU (05-08-2015 11:07:45)
Running from C:\Users\tyson\Desktop
Loaded Profiles: tyson (Available Profiles: tyson)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(Mindspark) C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjbarsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(System SoftLab) C:\Program Files (x86)\Spyware Process Detector\spd323.exe
(Mindspark) C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\AppIntegrator64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [gmsd_au_75] => [X]
HKLM-x32\...\Run: [Undeaddies EPM Support] => C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjmedint.exe [12824 2015-07-18] (Mindspark)
HKLM-x32\...\Run: [Undeaddies AppIntegrator 32-bit] => C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\AppIntegrator.exe [230424 2015-07-18] (Mindspark)
HKLM-x32\...\Run: [Undeaddies AppIntegrator 64-bit] => C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\AppIntegrator64.exe [265752 2015-07-18] (Mindspark)
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\...\Run: [spdetector3] => C:\Program Files (x86)\Spyware Process Detector\spd323.exe [435200 2013-03-08] (System SoftLab)
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1610664 2015-07-30] (Valve Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hot...&cc=AU&unqvl=90
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hot...&cc=au&unqvl=90
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...=5.5&ar=msnhome
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 - (No Name) - {2b6d0223-234f-4ebd-95b5-3d05cfa291ad} - C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.hot...&cc=AU&unqvl=90
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.hot...&cc=AU&unqvl=90
SearchScopes: HKLM-x32 -> {d0287e19-d8e7-4ed6-9afc-0ad2b565d7b7} URL = http://int.search.tb...or={searchTerms}
SearchScopes: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.hot...&cc=AU&unqvl=90
SearchScopes: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 -> {d0287e19-d8e7-4ed6-9afc-0ad2b565d7b7} URL = http://int.search.tb...or={searchTerms}
BHO: No Name -> {20C8A4E4-B07E-49E5-AFEE-7533695314C8} -> No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
BHO: No Name -> {E0461D6A-385A-4CA3-B9D8-2383DF2591C4} -> No File
BHO-x32: Search Assistant BHO -> {3d0740b0-2c6f-4414-bc4f-3b778104253a} -> C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjSrcAs.dll [2015-07-18] (Mindspark)
BHO-x32: Toolbar BHO -> {56720efe-4ccf-4d00-947d-da33e8a7d3cf} -> C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjbar.dll [2015-07-18] (Mindspark)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Undeaddies - {f017cbdf-9abf-40ec-b851-17baef0cfb36} - C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjbar.dll [2015-07-18] (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-2629672351-3235976141-394711740-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-06-16] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-06-16] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{883DAA76-D97C-4CD0-B6B8-54FF95E2B738}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{BEA8E17A-26AB-413F-AF3D-47927D2BC284}: [DhcpNameServer] 127.0.0.1
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-2629672351-3235976141-394711740-1001: @nsroblox.roblox.com/launcher -> C:\Users\tyson\AppData\Local\Roblox\Versions\version-f14afd2ae3d44173\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2629672351-3235976141-394711740-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\tyson\AppData\Local\Roblox\Versions\version-f14afd2ae3d44173\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-08-01]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-17] (Symantec Corporation)
R2 Undeaddies_bjService; C:\Program Files (x86)\Undeaddies_bj\bar\1.bin\bjbarsvc.exe [90648 2015-07-18] (Mindspark)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 0313861422811714mcinstcleanup; C:\Users\tyson\AppData\Local\Temp\031386~1.EXE -cleanup -nolog [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-04-01] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-24] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150804.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150804.001\ENG64.SYS [138488 2015-07-10] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150804.001\EX64.SYS [2146040 2015-07-10] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys
S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-05 11:07 - 2015-08-05 11:08 - 00021877 _____ C:\Users\tyson\Desktop\FRST.txt
2015-08-05 11:07 - 2015-08-05 11:07 - 00000000 ____D C:\FRST
2015-08-05 11:04 - 2015-08-05 11:04 - 02169856 _____ (Farbar) C:\Users\tyson\Desktop\FRST64.exe
2015-08-01 22:24 - 2015-08-01 22:24 - 00008006 _____ C:\Users\tyson\Desktop\wohwoh.rbxl
2015-08-01 21:30 - 2015-08-01 21:30 - 00009688 _____ C:\Users\tyson\Desktop\Place1.rbxl
2015-08-01 05:18 - 2015-08-01 05:18 - 00000000 ____D C:\NPE
2015-07-30 18:56 - 2015-07-30 18:56 - 00000000 ____D C:\Windows\SysWOW64\X86
2015-07-30 18:56 - 2015-07-30 18:56 - 00000000 ____D C:\Windows\SysWOW64\AMD64
2015-07-30 18:56 - 2015-07-30 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightningDownloader
2015-07-30 18:55 - 2015-07-31 06:55 - 00000000 ____D C:\ProgramData\{7b07e0dc-3ac8-85e3-7b07-7e0dc3ac8370}
2015-07-29 18:09 - 2015-08-05 10:39 - 00000000 ____D C:\Users\tyson\AppData\Local\NPE
2015-07-29 18:09 - 2015-07-29 18:09 - 00000000 ____D C:\Users\tyson\AppData\Roaming\LightningDownloader
2015-07-29 18:08 - 2015-07-30 18:56 - 00002075 _____ C:\Users\Public\Desktop\LightningDownloader.lnk
2015-07-29 18:08 - 2015-07-30 18:56 - 00000000 ____D C:\Program Files (x86)\LightningDownloader
2015-07-29 18:05 - 2015-08-03 18:11 - 00000000 ____D C:\Program Files (x86)\Avira Browser Safety
2015-07-29 18:04 - 2015-07-30 20:07 - 00000000 ____D C:\Program Files (x86)\CuitThePrice
2015-07-29 18:04 - 2015-07-30 18:55 - 00000000 ____D C:\ProgramData\2824990498962711343
2015-07-28 18:35 - 2015-07-25 23:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-26 10:56 - 2015-07-26 10:56 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2015-07-26 10:40 - 2015-07-26 10:40 - 00000000 ____D C:\Users\tyson\AppData\Roaming\ATI
2015-07-26 10:40 - 2015-07-26 10:40 - 00000000 ____D C:\Users\tyson\AppData\Local\ATI
2015-07-26 10:40 - 2015-07-26 10:40 - 00000000 ____D C:\ProgramData\ATI
2015-07-25 21:43 - 2015-07-25 21:43 - 00000407 _____ C:\Users\tyson\Desktop\CD Drive - Shortcut.lnk
2015-07-25 20:43 - 1997-03-24 16:42 - 00314368 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-07-25 18:47 - 2015-07-25 18:47 - 00000000 ____D C:\Users\tyson\Documents\Flight Simulator X Files
2015-07-25 18:31 - 2015-07-25 18:31 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-07-25 18:31 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-07-25 18:31 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-07-25 18:31 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-07-25 18:31 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-07-25 18:31 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-07-25 18:31 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-07-25 18:31 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-07-25 18:31 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-07-25 18:31 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-07-25 18:31 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-07-25 18:31 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-07-25 18:31 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-07-25 18:31 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-07-25 18:31 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-07-25 18:31 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-07-25 18:31 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-07-25 18:31 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-07-25 18:31 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-07-25 18:31 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-07-25 18:31 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-07-25 18:31 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-07-25 18:31 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-07-25 18:08 - 2015-07-25 18:08 - 00000000 ____D C:\Windows\PCHEALTH
2015-07-25 17:58 - 2015-07-25 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-07-25 17:53 - 2015-08-01 05:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 17:53 - 2015-07-25 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-22 15:06 - 2015-07-15 00:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 15:06 - 2015-07-15 00:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-22 15:06 - 2015-07-15 00:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 15:06 - 2015-07-15 00:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-18 18:55 - 2015-07-18 18:56 - 00000000 ____D C:\Users\tyson\AppData\Local\Undeaddies_bj
2015-07-18 18:55 - 2015-07-18 18:55 - 00000000 ____D C:\Program Files (x86)\Undeaddies_bj
2015-07-15 15:56 - 2015-07-10 05:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:56 - 2015-07-10 04:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:56 - 2015-07-10 02:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:56 - 2015-07-10 01:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:56 - 2015-07-10 01:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:56 - 2015-07-10 01:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 15:56 - 2015-07-10 01:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:56 - 2015-07-10 01:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:56 - 2015-07-10 01:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:56 - 2015-07-10 01:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:56 - 2015-07-10 01:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:56 - 2015-07-10 01:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:56 - 2015-07-10 01:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:56 - 2015-06-27 13:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:56 - 2015-06-27 13:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:56 - 2015-06-27 12:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:55 - 2015-07-03 07:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:55 - 2015-07-03 06:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:55 - 2015-07-03 06:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:55 - 2015-07-03 06:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:55 - 2015-07-03 06:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:55 - 2015-07-03 05:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:55 - 2015-07-03 05:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:55 - 2015-07-03 04:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:55 - 2015-07-02 08:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:55 - 2015-07-02 07:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:55 - 2015-06-30 08:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 15:55 - 2015-06-30 01:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 15:55 - 2015-06-30 01:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 15:55 - 2015-06-30 01:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 15:55 - 2015-06-30 01:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 15:55 - 2015-06-28 15:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:55 - 2015-06-28 15:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:55 - 2015-06-28 15:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:55 - 2015-06-28 15:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:55 - 2015-06-28 02:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:55 - 2015-06-27 13:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:55 - 2015-06-27 13:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:55 - 2015-06-27 13:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:55 - 2015-06-27 12:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 15:55 - 2015-06-27 12:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:55 - 2015-06-27 12:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:55 - 2015-06-27 11:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 15:55 - 2015-06-27 11:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:55 - 2015-06-27 09:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 15:55 - 2015-06-27 09:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 15:55 - 2015-06-25 12:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:55 - 2015-06-16 08:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:55 - 2015-06-16 08:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:55 - 2015-06-16 07:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:55 - 2015-06-16 07:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:55 - 2015-06-16 06:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:55 - 2015-06-16 05:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:55 - 2015-05-31 07:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 15:55 - 2015-05-31 05:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 15:55 - 2015-05-31 05:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 15:55 - 2015-05-12 04:17 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-15 15:55 - 2015-05-08 03:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 15:55 - 2015-05-08 03:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 15:55 - 2015-05-08 02:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 15:55 - 2015-05-08 02:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 15:55 - 2015-05-08 01:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 15:55 - 2015-05-08 01:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 15:55 - 2015-05-04 01:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 15:55 - 2015-05-04 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 15:55 - 2015-05-04 00:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 15:55 - 2015-05-04 00:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 15:55 - 2015-05-03 10:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 15:55 - 2015-04-30 09:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 15:55 - 2015-04-25 12:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 15:55 - 2014-11-05 05:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-15 15:55 - 2014-11-05 05:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-15 15:55 - 2014-11-04 16:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-15 15:55 - 2014-11-04 16:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-15 15:55 - 2014-11-04 16:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-15 15:55 - 2014-11-04 16:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-15 15:54 - 2015-06-16 08:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:54 - 2015-06-16 08:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:54 - 2015-06-16 08:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:54 - 2015-06-16 08:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:54 - 2015-06-16 08:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 15:54 - 2015-06-16 07:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:54 - 2015-06-16 07:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:54 - 2015-06-16 07:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 15:54 - 2015-06-16 07:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:54 - 2015-06-16 07:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 15:54 - 2015-06-16 07:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 15:54 - 2015-06-16 07:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:54 - 2015-06-16 07:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:54 - 2015-06-16 07:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 15:54 - 2015-06-16 07:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:54 - 2015-06-16 07:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:54 - 2015-06-16 07:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:54 - 2015-06-16 07:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:54 - 2015-06-16 07:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:54 - 2015-06-16 06:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:54 - 2015-06-16 06:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 15:54 - 2015-06-16 06:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:54 - 2015-06-16 06:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:54 - 2015-06-16 06:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 15:54 - 2015-06-16 06:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:54 - 2015-06-16 06:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 15:54 - 2015-06-16 06:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 15:54 - 2015-06-16 06:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:54 - 2015-06-16 06:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:54 - 2015-06-16 06:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:54 - 2015-06-16 06:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 15:54 - 2015-06-16 06:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:54 - 2015-06-16 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:54 - 2015-06-11 13:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:54 - 2015-06-11 02:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:54 - 2015-05-12 23:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 15:54 - 2015-04-28 23:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 15:54 - 2015-04-28 23:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 15:53 - 2015-06-16 15:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:53 - 2015-06-16 15:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:53 - 2015-05-02 09:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-15 15:52 - 2015-05-12 02:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 15:52 - 2015-05-08 02:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 15:52 - 2015-05-04 01:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 15:52 - 2015-05-04 00:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 15:52 - 2015-04-24 01:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 15:52 - 2015-04-24 01:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-13 14:06 - 2015-07-13 14:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-07-11 12:24 - 2015-07-26 10:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-07-10 23:39 - 2015-08-02 04:39 - 00000000 ___HD C:\$Windows.~BT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-05 11:02 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-05 11:01 - 2015-01-31 13:29 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5A7B1E5E-C99B-4552-A99D-6E23B999896F}
2015-08-05 10:49 - 2014-07-03 11:20 - 02000227 _____ C:\Windows\WindowsUpdate.log
2015-08-05 10:28 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 10:27 - 2015-01-31 12:54 - 00000081 _____ C:\Users\tyson\AppData\Roaming\sp_data.sys
2015-08-04 18:02 - 2015-05-13 19:10 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-08-04 18:02 - 2015-05-13 19:10 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-08-04 18:00 - 2014-03-18 20:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 17:59 - 2015-07-01 20:11 - 00000000 ____D C:\Users\tyson\AppData\Local\CrashDumps
2015-08-03 20:52 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-02 09:03 - 2015-01-31 12:59 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2629672351-3235976141-394711740-1001
2015-08-02 08:54 - 2015-03-05 07:23 - 00000000 ____D C:\Games
2015-08-02 04:46 - 2014-05-17 06:47 - 00000000 ____D C:\Windows\Panther
2015-08-01 21:23 - 2015-02-01 11:59 - 00000000 ____D C:\Users\tyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-08-01 21:23 - 2015-02-01 11:53 - 00001378 _____ C:\Users\tyson\Desktop\ROBLOX Studio.lnk
2015-08-01 19:25 - 2015-02-01 11:57 - 00001366 _____ C:\Users\tyson\Desktop\ROBLOX Player.lnk
2015-08-01 05:32 - 2015-01-31 12:59 - 00000000 ___DO C:\Users\tyson\OneDrive
2015-08-01 05:30 - 2013-08-23 00:46 - 00027514 _____ C:\Windows\setupact.log
2015-08-01 05:30 - 2013-08-23 00:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-01 05:16 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-31 17:00 - 2015-06-20 05:39 - 00000000 ____D C:\Users\tyson\AppData\Roaming\Auto Mouse Click by MurGee.com
2015-07-29 18:57 - 2013-08-23 01:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-07-29 18:10 - 2015-02-02 03:39 - 00000000 ____D C:\ProgramData\Norton
2015-07-29 15:37 - 2013-08-23 01:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-29 15:37 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-28 18:30 - 2015-04-14 11:40 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-26 10:50 - 2015-02-02 03:59 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-26 10:50 - 2015-02-02 03:58 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2015-07-26 10:49 - 2015-07-05 11:07 - 00002275 _____ C:\Users\Public\Desktop\Norton 360 Premier.LNK
2015-07-26 10:48 - 2013-08-23 00:44 - 00346384 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-26 10:47 - 2014-03-18 19:54 - 00077620 _____ C:\Windows\PFRO.log
2015-07-26 10:45 - 2015-01-31 12:50 - 00000000 ____D C:\Users\tyson
2015-07-25 20:44 - 2014-07-03 11:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-25 18:31 - 2015-03-05 07:28 - 00104553 _____ C:\Windows\DirectX.log
2015-07-24 20:28 - 2015-01-31 14:06 - 00000000 ____D C:\Users\tyson\AppData\Local\Google
2015-07-22 15:17 - 2015-02-02 03:59 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-22 15:17 - 2015-02-02 03:59 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-21 20:20 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\rescache
2015-07-19 18:29 - 2015-01-31 12:53 - 00000363 _____ C:\Users\tyson\Downloads\RecentPlaces.lnk
2015-07-19 18:23 - 2015-04-14 11:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 18:23 - 2013-08-23 01:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 18:23 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\WinStore
2015-07-19 18:20 - 2015-01-31 12:53 - 00000000 ____D C:\Users\tyson\AppData\Local\VirtualStore
2015-07-15 17:59 - 2015-02-07 06:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 17:59 - 2015-02-07 06:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:58 - 2015-01-31 15:03 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 07:10 - 2015-05-16 19:46 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 07:10 - 2015-04-18 19:04 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
==================== Files in the root of some directories =======
2015-01-31 12:54 - 2015-08-05 10:27 - 0000081 _____ () C:\Users\tyson\AppData\Roaming\sp_data.sys
2014-07-03 11:25 - 2014-07-03 11:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-17 06:02 - 2012-09-07 21:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-17 06:02 - 2009-07-22 20:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-17 06:02 - 2012-09-07 21:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-26 20:33
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by tyson (2015-08-05 11:08:31)
Running from C:\Users\tyson\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2629672351-3235976141-394711740-500 - Administrator - Disabled)
Guest (S-1-5-21-2629672351-3235976141-394711740-501 - Limited - Disabled)
tyson (S-1-5-21-2629672351-3235976141-394711740-1001 - Administrator - Enabled) => C:\Users\tyson
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{04883BF4-5CC9-AC05-057E-5D77EE738513}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Auto Mouse Click v6.0 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 6.0 - MurGee.com)
Avira Browser Safety (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
CutTuhEPrice (HKLM-x32\...\{A2C98B47-B5F4-94AA-281D-4135416774CF}) (Version: - )
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
LightningDownloader (HKLM-x32\...\{0F44DC3H-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - LightningDownloader)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for tyson (HKU\S-1-5-21-2629672351-3235976141-394711740-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for tyson (HKU\S-1-5-21-2629672351-3235976141-394711740-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Spyware Process Detector v3.23.2 (HKLM-x32\...\Spyware Process Detector_is1) (Version: 3.23.2 - System SoftLab)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Undeaddies Internet Explorer Toolbar (HKLM-x32\...\Undeaddies_bjbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
World of Tanks (HKU\S-1-5-21-2629672351-3235976141-394711740-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2629672351-3235976141-394711740-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\tyson\AppData\Local\Roblox\Versions\version-f14afd2ae3d44173\RobloxProxy64.dll (ROBLOX Corporation)
==================== Restore Points =========================
15-07-2015 16:10:51 Windows Update
19-07-2015 18:20:27 Windows Update
22-07-2015 22:17:06 Windows Update
25-07-2015 17:51:22 Installed Steam
29-07-2015 15:35:52 Windows Update
01-08-2015 05:22:37 Norton_Power_Eraser_20150801052235059
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 23:25 - 2013-08-22 23:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3CE71C20-A6E8-4A8B-AEFD-692FA4BB41EB} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {46673790-328E-4A10-B706-95C246E5F0B4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-12] (ASUS)
Task: {47F8A701-FF75-4F05-B808-0E98138D9032} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4A2759A6-A15F-48A7-B1C7-68CF61B446F7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4EC1E502-C010-4DEB-8395-1A05B7A834DD} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5568B230-B24C-4E52-8B8A-1E4C598E88CB} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-15] (ASUSTek Computer Inc.)
Task: {64037C97-642E-44D8-89EB-82DF8AB62B98} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {6E3D3BE7-3EA0-492D-B92C-E5FC69FAEDB3} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-03] (ASUS)
Task: {6FBC2244-6DBF-44D9-83EC-B0B09EBFDCF7} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {751661A8-72EA-44B7-B220-14E0AF4E951D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {9FEF29F6-4A8B-495F-B7BE-06E3D566D93D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {A5B45C23-30CD-4092-92AF-6950A52DA6EB} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {BD44C765-CD13-4FA5-B102-E5B40C239927} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-04-01] (AsusTek)
Task: {F021648C-B76A-485C-8690-A434AE109381} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-12] ()
Task: {F0C4D9FA-E463-4B96-A74C-D21492E76199} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-17] (Symantec Corporation)
Task: {FD369C32-90E7-485E-BA6E-338A21CB2959} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-28] (ASUSTek Computer Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2014-02-12 10:08 - 2014-02-12 10:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-24 20:59 - 2014-02-24 20:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2014-04-03 07:46 - 2014-04-03 07:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-03 07:46 - 2014-04-03 07:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-03 07:46 - 2014-04-03 07:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-03 07:46 - 2014-04-03 07:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\tyson\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2629672351-3235976141-394711740-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tyson\AppData\Local\Microsoft\Windows\INetCache\IE\V65DE3IL\IMG_0042[1].JPG
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{51D12F63-EB9D-465D-8D70-EF1DE5F3A30A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B7385461-FAE8-4ED3-B46E-97B2398AFFB5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6AFB8AF8-ADCD-43D1-9F7B-8D415F96F79A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{673B9328-1A5A-411A-B99F-9BFD8A6AD859}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/04/2015 05:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17924, time stamp: 0x55959290
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000005
Fault offset: 0x000000000003d85e
Faulting process id: 0x858
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
Faulting package full name: GWXUX.exe4
Faulting package-relative application ID: GWXUX.exe5
Error: (07/31/2015 04:44:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RobloxPlayerBeta.exe version 0.206.0.62132 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2664
Start Time: 01d0cb5563cfe537
Termination Time: 513
Application Path: C:\Users\tyson\AppData\Local\Roblox\Versions\version-f14afd2ae3d44173\RobloxPlayerBeta.exe
Report Id: 921fc051-374f-11e5-826f-7824af23aa57
Faulting package full name:
Faulting package-relative application ID:
Error: (07/31/2015 04:09:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: jscript9.dll, version: 11.0.9600.17923, time stamp: 0x559457fb
Exception code: 0xc0000005
Fault offset: 0x00013c31
Faulting process id: 0x29d8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (07/30/2015 05:48:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/27/2015 08:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.60905.0, time stamp: 0x44fd0a92
Faulting module name: KERNEL32.DLL, version: 6.3.9600.17415, time stamp: 0x545049be
Exception code: 0xc0000005
Fault offset: 0x00016fbb
Faulting process id: 0xa54
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3
Faulting package full name: fsx.exe4
Faulting package-relative application ID: fsx.exe5
Error: (07/27/2015 08:35:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.60905.0, time stamp: 0x44fd0a92
Faulting module name: atiumdag.dll, version: 9.14.10.984, time stamp: 0x52124dd6
Exception code: 0xc0000005
Fault offset: 0x00037ece
Faulting process id: 0x1bd4
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3
Faulting package full name: fsx.exe4
Faulting package-relative application ID: fsx.exe5
Error: (07/27/2015 04:52:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/27/2015 12:28:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.60905.0, time stamp: 0x44fd0a92
Faulting module name: ai_player.dll, version: 10.0.60905.0, time stamp: 0x44fd0f32
Exception code: 0xc0000005
Fault offset: 0x00031319
Faulting process id: 0xb88
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3
Faulting package full name: fsx.exe4
Faulting package-relative application ID: fsx.exe5
Error: (07/27/2015 12:07:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.60905.0, time stamp: 0x44fd0a92
Faulting module name: atiumdag.dll, version: 9.14.10.984, time stamp: 0x52124dd6
Exception code: 0xc000041d
Fault offset: 0x00037eaa
Faulting process id: 0xb34
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3
Faulting package full name: fsx.exe4
Faulting package-relative application ID: fsx.exe5
Error: (07/27/2015 12:07:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fsx.exe, version: 10.0.60905.0, time stamp: 0x44fd0a92
Faulting module name: atiumdag.dll, version: 9.14.10.984, time stamp: 0x52124dd6
Exception code: 0xc0000005
Fault offset: 0x00037eaa
Faulting process id: 0xb34
Faulting application start time: 0xfsx.exe0
Faulting application path: fsx.exe1
Faulting module path: fsx.exe2
Report Id: fsx.exe3
Faulting package full name: fsx.exe4
Faulting package-relative application ID: fsx.exe5
System errors:
=============
Error: (08/05/2015 10:39:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
Error: (08/05/2015 10:28:17 AM) (Source: DCOM) (EventID: 10010) (User: 2-GOOD-4-YOU)
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}
Error: (08/04/2015 08:08:45 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 08:08:44 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:40 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:30 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (08/04/2015 07:34:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Microsoft Office:
=========================
Error: (08/04/2015 05:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000003d85e85801d0ce8b8419751cC:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dllc2860266-3a7e-11e5-8272-7824af23aa57
Error: (07/31/2015 04:44:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RobloxPlayerBeta.exe0.206.0.62132266401d0cb5563cfe537513C:\Users\tyson\AppData\Local\Roblox\Versions\version-f14afd2ae3d44173\RobloxPlayerBeta.exe921fc051-374f-11e5-826f-7824af23aa57
Error: (07/31/2015 04:09:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17840555fe1bbjscript9.dll11.0.9600.17923559457fbc000000500013c3129d801d0cb576388f464C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dllbc9f83c0-374a-11e5-826f-7824af23aa57
Error: (07/30/2015 05:48:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/27/2015 08:42:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.60905.044fd0a92KERNEL32.DLL6.3.9600.17415545049bec000000500016fbba5401d0c8581c2b041fC:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\SYSTEM32\KERNEL32.DLL21c4fa4d-344c-11e5-826e-7824af23aa57
Error: (07/27/2015 08:35:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.60905.044fd0a92atiumdag.dll9.14.10.98452124dd6c000000500037ece1bd401d0c857b09e8152C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\SYSTEM32\atiumdag.dll3c27f56a-344b-11e5-826e-7824af23aa57
Error: (07/27/2015 04:52:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/27/2015 12:28:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.60905.044fd0a92ai_player.dll10.0.60905.044fd0f32c000000500031319b8801d0c7ac72416ca0C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\ai_player.dll96048977-33a2-11e5-826e-7824af23aa57
Error: (07/27/2015 12:07:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.60905.044fd0a92atiumdag.dll9.14.10.98452124dd6c000041d00037eaab3401d0c7ac3569f497C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\SYSTEM32\atiumdag.dllac73b80c-339f-11e5-826e-7824af23aa57
Error: (07/27/2015 12:07:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.60905.044fd0a92atiumdag.dll9.14.10.98452124dd6c000000500037eaab3401d0c7ac3569f497C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\SYSTEM32\atiumdag.dllaa3524fb-339f-11e5-826e-7824af23aa57
==================== Memory info ===========================
Processor: AMD A8-5550M APU with Radeon HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 7378.4 MB
Available physical RAM: 4630.14 MB
Total Virtual: 16594.4 MB
Available Virtual: 10328.36 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:199.76 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:397.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: FA5FB210)
Partition: GPT Partition Type.
==================== End of log ============================