Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Removing One System Care [Solved]

Started by arsenicpanda , Oct 15 2015 01:58 PM

  • This topic is locked This topic is locked

#1
arsenicpanda
Posted 15 October 2015 - 01:58 PM

arsenicpanda

    New Member

  • Member
  • Pip
  • 4 posts

Greetings!  A few days ago One System Care appeared on my computer.  I thought it looked fishy, but it didn't seem to affect my computer's performance.  Although, this is a new computer, so I might have not noticed if it was.  Anyway, I just now realized that it was probably malware, so I uninstalled it.  I then realized that it might have left things behind, so I came here from Norton's website to ask how to make sure it's been completely removed from my computer.  I also removed the TrumpWeb extension and Zotero extension from Google Chrome either before or after running the scan,I performed the FRST64 scan.  I wasn't sure if I should run the scan again, so I didn't just to be safe.  Anyway, here are my results:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-10-2015
Ran by Amanda (administrator) on DAGA (15-10-2015 15:44:53)
Running from C:\Users\Amanda\Desktop
Loaded Profiles: Amanda (Available Profiles: Amanda)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
() C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\syswow64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent, Inc.) C:\Windows\Temp\nsl77EB.tmp\Deleted\GamesAppService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\IME\SHARED\ImeBroker.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13571.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3164536 2013-06-19] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{feb360bb-9bef-4744-9e91-b5b696b8761e}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2963124140-1568448306-220867630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.5.0.19
HKU\S-1-5-21-2963124140-1568448306-220867630-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2963124140-1568448306-220867630-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2963124140-1568448306-220867630-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-10-06] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-10-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-06] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-06] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-10-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2015-10-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFPlgn [2015-10-09]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://start.toshiba.com/?cid=C001B2Y
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-06]
CHR Extension: (Google Docs) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-06]
CHR Extension: (Google Drive) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-06]
CHR Extension: (YouTube) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Adblock Plus) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-06]
CHR Extension: (OneTab) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2015-10-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-06]
CHR Extension: (Google Search) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-06]
CHR Extension: (Session Buddy) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-10-06]
CHR Extension: (Tabs Outliner) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2015-10-06]
CHR Extension: (Google Sheets) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (AdBlock) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-06]
CHR Extension: (IE Tab) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-10-06]
CHR Extension: (Norton Identity Safe) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-06]
CHR Extension: (rikaikun) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2015-10-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-06]
CHR Extension: (Pocket) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-10-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-10-06]
CHR Extension: (Ghostery) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-10-06]
CHR Extension: (Norton Safe) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-10-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-06]
CHR Extension: (Tumblr Savior) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2015-10-06]
CHR Extension: (Gmail) - C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-06]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [17688 2015-07-07] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2842808 2015-09-26] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-13] (WildTangent)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359864 2015-07-01] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe [282016 2015-09-24] (Symantec Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-06-18] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20151008.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-08-20] (Symantec Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [132360 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20151014.001\IDSvia64.sys [767216 2015-10-06] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-25] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20151014.054\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20151014.054\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-28] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-08-28] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-09-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605040.018\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-08-13] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-15 15:44 - 2015-10-15 15:45 - 00030172 _____ C:\Users\Amanda\Desktop\FRST.txt
2015-10-15 15:44 - 2015-10-15 15:44 - 00000000 ____D C:\FRST
2015-10-15 15:42 - 2015-10-15 15:44 - 02196992 _____ (Farbar) C:\Users\Amanda\Desktop\FRST64.exe
2015-10-15 15:24 - 2015-10-15 15:24 - 00016148 _____ C:\Windows\system32\DAGA_Amanda_HistoryPrediction.bin
2015-10-14 21:01 - 2015-10-14 21:01 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-10-14 21:01 - 2015-10-14 21:01 - 00001288 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-10-14 20:56 - 2015-10-14 20:57 - 00686768 _____ (Adobe Systems Incorporated) C:\Users\Amanda\Downloads\CreativeCloudSet-Up.exe
2015-10-13 21:41 - 2015-10-13 21:41 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Legacy Games
2015-10-13 21:39 - 2015-10-13 21:39 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-10-13 21:08 - 2015-10-13 21:08 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Macromedia
2015-10-13 21:05 - 2015-10-13 21:05 - 00002480 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk
2015-10-13 21:05 - 2015-10-13 21:05 - 00002464 ____N C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2015-10-13 21:05 - 2015-10-13 21:05 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\WildTangent
2015-10-13 21:04 - 2015-10-13 21:04 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Amanda\Downloads\SkypeSetup.exe
2015-10-13 21:04 - 2015-10-13 21:04 - 01133760 _____ (WildTangent) C:\Users\Amanda\Downloads\Setup-wildgames!efbede1226764e1d94d82981737552ed.exe
2015-10-12 04:43 - 2015-10-12 04:43 - 00000895 _____ C:\Users\Amanda\AppData\Local\recently-used.xbel
2015-10-12 04:43 - 2015-10-12 04:43 - 00000000 ____D C:\Users\Amanda\AppData\Local\gtk-2.0
2015-10-12 04:43 - 2015-10-12 04:43 - 00000000 ____D C:\Users\Amanda\.thumbnails
2015-10-12 04:33 - 2015-10-13 07:35 - 00000000 ____D C:\Users\Amanda\.gimp-2.8
2015-10-12 04:33 - 2015-10-12 04:33 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-10-12 04:33 - 2015-10-12 04:33 - 00000000 ____D C:\Users\Amanda\AppData\Local\gegl-0.2
2015-10-12 04:32 - 2015-10-12 04:33 - 00000000 ____D C:\Program Files\GIMP 2
2015-10-12 04:31 - 2015-10-12 04:32 - 91931728 _____ (The GIMP Team ) C:\Users\Amanda\Downloads\gimp-2.8.14-setup-1.exe
2015-10-11 21:28 - 2015-10-11 21:28 - 00000000 ____D C:\Users\Amanda\AppData\Local\Microsoft Help
2015-10-11 18:10 - 2015-10-11 18:14 - 00000000 ____D C:\Users\Amanda\Downloads\Reno and Elena Comics
2015-10-10 12:53 - 2015-10-10 12:53 - 00003562 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2015-10-10 12:53 - 2015-10-10 12:53 - 00001356 _____ C:\Users\Public\Desktop\HP Color LaserJet Pro MFP M476 – Help & Learn Center.lnk
2015-10-10 12:53 - 2015-10-10 12:53 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Hewlett-Packard Company
2015-10-10 12:52 - 2015-10-10 12:52 - 00001331 _____ C:\Users\Public\Desktop\HP LJ M476 Scan.lnk
2015-10-10 12:52 - 2015-10-10 12:52 - 00000199 _____ C:\Windows\SysWOW64\msiexec.log
2015-10-10 12:52 - 2015-10-10 12:52 - 00000000 ____D C:\Users\Public\Desktop\HP
2015-10-10 12:52 - 2015-10-10 12:52 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\HpUpdate
2015-10-10 12:52 - 2015-10-10 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-10 12:52 - 2015-10-10 12:52 - 00000000 ____D C:\Program Files\HP
2015-10-10 12:51 - 2015-10-10 12:51 - 00000261 _____ C:\Windows\system32\AddPort.ini
2015-10-10 12:51 - 2015-10-10 12:51 - 00000000 ____D C:\Users\Amanda\Desktop\HP
2015-10-10 12:50 - 2015-10-10 12:53 - 00000000 ____D C:\Program Files (x86)\HP
2015-10-10 12:49 - 2015-10-10 12:53 - 00000000 ____D C:\ProgramData\HP
2015-10-10 12:48 - 2013-08-19 18:05 - 00957776 _____ (Hewlett-Packard) C:\Windows\system32\hpptsplj476_x64.dll
2015-10-10 12:48 - 2013-08-19 18:05 - 00789840 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hpptsplj476.dll
2015-10-10 12:48 - 2013-05-14 17:23 - 00528208 _____ (Hewlett-Packard) C:\Windows\system32\hpwia2_lj476.dll
2015-10-10 12:48 - 2013-04-05 10:31 - 00557088 _____ (Hewlett-Packard) C:\Windows\system32\hpzjcd01.dll
2015-10-10 12:48 - 2010-10-21 17:15 - 00217656 _____ (Hewlett Packard) C:\Windows\system32\hppscancoins64.dll
2015-10-10 12:43 - 2015-10-10 12:48 - 125069576 _____ C:\Users\Amanda\Downloads\LJPro-MFP-M476-Full-Solution-13302.exe
2015-10-09 19:20 - 2015-10-09 19:27 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\vlc
2015-10-09 19:20 - 2015-10-09 19:20 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\dvdcss
2015-10-09 10:13 - 2015-10-09 10:13 - 00000000 ____D C:\Users\Amanda\IdeaProjects
2015-10-09 08:18 - 2015-10-09 08:20 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-10-09 03:31 - 2015-10-09 03:31 - 00000732 _____ C:\Windows\PFRO.log
2015-10-08 15:16 - 2015-10-08 15:19 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Apple Computer
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\Users\Amanda\AppData\Local\Apple Computer
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\ProgramData\Apple Computer
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\Program Files\iTunes
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\Program Files\iPod
2015-10-08 15:16 - 2015-10-08 15:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-08 15:15 - 2015-10-08 15:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 ____D C:\Users\Amanda\AppData\Local\Apple
2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-08 15:14 - 2015-10-08 15:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-08 15:14 - 2015-10-08 15:15 - 00000000 ____D C:\ProgramData\Apple
2015-10-08 15:14 - 2015-10-08 15:14 - 00000000 ____D C:\Users\Amanda\AppData\Local\CEF
2015-10-08 15:14 - 2015-10-08 15:14 - 00000000 ____D C:\Program Files\Bonjour
2015-10-08 15:14 - 2015-10-08 15:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-08 15:13 - 2015-10-08 15:13 - 00000000 ____D C:\Users\Amanda\AppData\LocalLow\Adobe
2015-10-08 14:45 - 2015-10-09 16:07 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-08 14:44 - 2015-10-14 21:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-08 14:44 - 2015-10-08 14:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-08 14:44 - 2015-10-08 14:44 - 00002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-08 14:43 - 2015-10-14 21:00 - 00000000 ____D C:\ProgramData\Adobe
2015-10-08 14:43 - 2015-10-08 15:13 - 167601944 _____ (Apple Inc.) C:\Users\Amanda\Downloads\iTunes6464Setup.exe
2015-10-08 14:42 - 2015-10-14 20:57 - 00000000 ____D C:\Users\Amanda\AppData\Local\Adobe
2015-10-08 04:35 - 2015-10-08 04:35 - 00003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2015-10-08 04:34 - 2015-10-08 04:34 - 00065640 _____ C:\Windows\system32\ASGCoInstaller_x64.dll
2015-10-08 04:34 - 2015-10-08 04:34 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-10-08 04:28 - 2015-10-08 04:34 - 00000000 ____D C:\Windows\system32\MRT
2015-10-08 04:28 - 2015-08-26 18:37 - 134753440 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-08 04:23 - 2015-10-08 04:23 - 00000000 ____D C:\Windows\system32\SleepStudy
2015-10-07 19:43 - 2015-10-07 19:43 - 00000000 ____D C:\Users\Amanda\AppData\Local\Cyberlink
2015-10-07 18:22 - 2015-10-07 18:22 - 00002162 _____ C:\Users\Amanda\Desktop\JDownloader 2.lnk
2015-10-07 18:21 - 2015-10-07 18:21 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-10-07 18:13 - 2015-10-12 03:37 - 00000000 ____D C:\Users\Amanda\AppData\Local\JDownloader v2.0
2015-10-07 18:04 - 2015-10-07 18:04 - 00004125 _____ C:\Users\Amanda\Desktop\Fall 2015 - Shortcut.lnk
2015-10-07 17:54 - 2015-10-07 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-07 17:54 - 2015-10-07 17:54 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-10-07 17:51 - 2015-10-07 17:51 - 01110476 _____ C:\Users\Amanda\Downloads\7z920.exe
2015-10-07 17:45 - 2015-10-07 17:45 - 00001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-07 17:45 - 2015-10-07 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-07 17:33 - 2015-10-07 17:33 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-10-07 17:27 - 2015-10-07 17:29 - 28849904 _____ C:\Users\Amanda\Downloads\vlc-2.2.1-win32.exe
2015-10-07 13:12 - 2015-10-07 13:12 - 00000000 ____D C:\Users\Amanda\Documents\Textures
2015-10-07 13:12 - 2015-10-07 13:12 - 00000000 ____D C:\Users\Amanda\Documents\Story Ideas
2015-10-07 13:12 - 2015-10-07 13:12 - 00000000 ____D C:\Users\Amanda\Documents\Stories
2015-10-07 13:10 - 2015-10-07 13:12 - 00000000 ____D C:\Users\Amanda\Documents\School
2015-10-07 13:10 - 2015-10-07 13:10 - 00000000 ____D C:\Users\Amanda\Documents\RiffTrax
2015-10-07 13:10 - 2015-10-07 13:10 - 00000000 ____D C:\Users\Amanda\Documents\Recordings
2015-10-07 13:09 - 2015-10-07 13:10 - 00000000 ____D C:\Users\Amanda\Documents\Receipts
2015-10-07 13:09 - 2015-10-07 13:09 - 00000000 ____D C:\Users\Amanda\Documents\Quotes
2015-10-07 13:09 - 2015-10-07 13:09 - 00000000 ____D C:\Users\Amanda\Documents\Quizzes
2015-10-07 13:09 - 2015-10-07 13:09 - 00000000 ____D C:\Users\Amanda\Documents\PS3
2015-10-07 13:09 - 2015-10-07 13:09 - 00000000 ____D C:\Users\Amanda\Documents\PS Vita
2015-10-07 12:54 - 2015-10-07 12:54 - 00000000 ____D C:\Users\Amanda\Documents\Programming
2015-10-07 12:54 - 2015-10-07 12:54 - 00000000 ____D C:\Users\Amanda\Documents\Princess Maker 2
2015-10-07 12:54 - 2015-10-07 12:54 - 00000000 ____D C:\Users\Amanda\Documents\PPSSPP
2015-10-07 12:54 - 2015-10-07 12:54 - 00000000 ____D C:\Users\Amanda\Documents\Other Tabletop RPGs
2015-10-07 12:53 - 2015-10-07 12:54 - 00000000 ____D C:\Users\Amanda\Documents\Other
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ___RD C:\Users\Amanda\Documents\My Notes
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ____D C:\Users\Amanda\Documents\OneNote Notebooks
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ____D C:\Users\Amanda\Documents\Old Stories
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ____D C:\Users\Amanda\Documents\Names
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ____D C:\Users\Amanda\Documents\My Digital Editions
2015-10-07 12:53 - 2015-10-07 12:53 - 00000000 ____D C:\Users\Amanda\Documents\My Books
2015-10-07 12:47 - 2015-10-07 12:47 - 00000000 ____D C:\Users\Amanda\Documents\Materials
2015-10-07 12:47 - 2015-10-07 12:47 - 00000000 ____D C:\Users\Amanda\Documents\KiSS Dolls
2015-10-07 12:47 - 2015-10-07 12:47 - 00000000 ____D C:\Users\Amanda\Documents\Icons
2015-10-07 12:47 - 2015-10-07 12:47 - 00000000 ____D C:\Users\Amanda\Documents\Humour
2015-10-07 12:46 - 2015-10-07 12:46 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2015-10-07 12:35 - 2015-10-15 12:00 - 00003544 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-10-07 12:29 - 2015-10-10 12:53 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-10-07 12:22 - 2013-09-04 08:54 - 00444192 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn155.dll
2015-10-07 12:22 - 2013-09-04 08:50 - 00442656 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpcc3155.DLL
2015-10-07 12:21 - 2013-09-04 08:57 - 00593184 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2015-10-07 11:48 - 2015-10-07 12:36 - 00000000 ____D C:\Users\Amanda\Documents\Games
2015-10-07 11:48 - 2015-10-07 11:48 - 00000000 ____D C:\Users\Amanda\Documents\Fax
2015-10-07 11:38 - 2015-10-07 11:47 - 00000000 ____D C:\Users\Amanda\Documents\Exalted Collection
2015-10-07 11:37 - 2015-10-07 11:37 - 00000000 ____D C:\Users\Amanda\Documents\Dungeons and Dragons
2015-10-07 11:37 - 2015-10-07 11:37 - 00000000 ____D C:\Users\Amanda\Documents\Downloaded Fanfiction
2015-10-07 11:37 - 2015-10-07 11:37 - 00000000 ____D C:\Users\Amanda\Documents\Cosplay
2015-10-07 11:37 - 2015-10-07 11:37 - 00000000 ____D C:\Users\Amanda\Documents\Call of Cthulhu
2015-10-07 11:37 - 2015-10-07 11:37 - 00000000 ____D C:\Users\Amanda\Documents\Artwork
2015-10-07 00:18 - 2015-10-07 00:18 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\ASUS Flip
2015-10-06 22:28 - 2015-10-06 22:28 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\JetBrains
2015-10-06 22:28 - 2015-10-06 22:28 - 00000000 ____D C:\Users\Amanda\.android
2015-10-06 22:27 - 2015-10-06 22:27 - 00000000 ____D C:\Users\Amanda\.IdeaIC14
2015-10-06 21:46 - 2015-10-06 21:46 - 00001062 _____ C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.1.5.lnk
2015-10-06 21:46 - 2015-10-06 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-10-06 21:46 - 2015-10-06 21:46 - 00000000 ____D C:\Program Files (x86)\JetBrains
2015-10-06 21:44 - 2015-10-06 22:31 - 00000000 ____D C:\Users\Amanda\.oracle_jre_usage
2015-10-06 21:44 - 2015-10-06 21:44 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-06 21:44 - 2015-10-06 21:44 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Sun
2015-10-06 21:44 - 2015-10-06 21:44 - 00000000 ____D C:\Users\Amanda\AppData\LocalLow\Sun
2015-10-06 21:44 - 2015-10-06 21:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-06 21:44 - 2015-10-06 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-06 21:16 - 2015-07-09 20:37 - 07337472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0011.dll
2015-10-06 21:16 - 2015-07-09 20:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70011.dll
2015-10-06 21:16 - 2015-07-09 20:26 - 00736256 _____ (Microsoft Corporation) C:\Windows\system32\MSWB70011.dll
2015-10-06 21:16 - 2015-07-09 20:25 - 07702528 _____ (Microsoft Corporation) C:\Windows\system32\NL7Models0011.dll
2015-10-06 21:16 - 2015-07-09 20:25 - 07562240 _____ (Microsoft Corporation) C:\Windows\system32\NL7Data0011.dll
2015-10-06 21:16 - 2015-07-09 20:25 - 02455040 _____ (Microsoft Corporation) C:\Windows\system32\NL7Lexicons0011.dll
2015-10-06 21:16 - 2015-06-17 18:05 - 00002060 _____ C:\Windows\system32\noise.jpn
2015-10-06 21:16 - 2015-03-27 14:34 - 00002060 _____ C:\Windows\SysWOW64\noise.jpn
2015-10-06 21:15 - 2015-10-06 21:15 - 00001049 _____ C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-10-06 21:12 - 2015-10-09 18:30 - 00000000 ____D C:\Users\Amanda\AppData\Local\Comms
2015-10-06 21:11 - 2015-10-06 18:25 - 01110944 _____ (Symantec Corporation) C:\Users\Amanda\Downloads\NortonN360Downloader.exe
2015-10-06 21:07 - 2015-10-06 21:07 - 00002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-10-06 21:07 - 2015-10-06 21:07 - 00002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-10-06 21:07 - 2015-10-06 21:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-10-06 21:07 - 2015-10-06 21:07 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-10-06 21:07 - 2015-10-06 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2015-10-06 21:00 - 2015-10-06 21:00 - 02880680 _____ (Microsoft Corporation) C:\Users\Amanda\Downloads\Setup.X86.en-US_HomeStudentRetail_41948583-7743-4eb8-b8a3-d1e2393e4ce5_TX_PR_.exe
2015-10-06 21:00 - 2015-10-06 21:00 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-06 20:57 - 2015-10-06 20:57 - 00000000 ____D C:\Users\Amanda\AppData\Local\MicrosoftEdge
2015-10-06 20:54 - 2015-10-06 20:54 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\awsRun
2015-10-06 20:50 - 2015-10-06 18:22 - 00002339 _____ C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-06 20:50 - 2015-10-06 18:22 - 00000000 ___RD C:\Users\Amanda\OneDrive
2015-10-06 20:49 - 2015-10-06 20:49 - 00000000 ____D C:\Users\Amanda\AppData\Local\NVIDIA
2015-10-06 20:48 - 2015-10-06 20:48 - 00000000 ____D C:\Users\Amanda\AppData\Local\Publishers
2015-10-06 20:47 - 2015-10-12 04:43 - 00000000 ____D C:\Users\Amanda
2015-10-06 20:47 - 2015-10-10 21:01 - 00000000 ____D C:\Users\Amanda\AppData\Local\Packages
2015-10-06 20:47 - 2015-10-08 15:14 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Adobe
2015-10-06 20:47 - 2015-10-06 20:47 - 00016148 _____ C:\Windows\system32\DESKTOP-E96I5HG_defaultuser0_HistoryPrediction.bin
2015-10-06 20:47 - 2015-10-06 20:47 - 00000020 ___SH C:\Users\Amanda\ntuser.ini
2015-10-06 20:47 - 2015-10-06 20:47 - 00000000 ___RD C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-06 20:47 - 2015-10-06 20:47 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\WebStorage
2015-10-06 20:47 - 2015-10-06 20:47 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Intel
2015-10-06 20:47 - 2015-10-06 20:47 - 00000000 ____D C:\Users\Amanda\AppData\Local\VirtualStore
2015-10-06 20:47 - 2015-10-06 20:47 - 00000000 ____D C:\Users\Amanda\AppData\Local\TileDataLayer
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ___RD C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ___RD C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-06 20:47 - 2015-09-11 21:16 - 00000000 __RSD C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-06 20:27 - 2015-10-06 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-06 20:27 - 2015-10-06 21:44 - 00000000 ____D C:\Program Files\Java
2015-10-06 20:25 - 2015-10-06 20:25 - 00000000 ____D C:\Users\Amanda\AppData\LocalLow\Oracle
2015-10-06 19:49 - 2015-10-06 21:45 - 204485464 _____ C:\Users\Amanda\Downloads\ideaIC-14.1.5.exe
2015-10-06 19:49 - 2015-10-06 20:25 - 195200088 _____ (Oracle Corporation) C:\Users\Amanda\Downloads\jdk-8u60-windows-x64.exe
2015-10-06 19:32 - 2015-10-06 22:32 - 00000000 ____D C:\ProgramData\Stardock
2015-10-06 19:32 - 2015-10-06 19:32 - 00000000 ____D C:\Users\Public\Documents\Stardock
2015-10-06 19:32 - 2015-10-06 19:32 - 00000000 ____D C:\Users\Amanda\AppData\Local\Stardock
2015-10-06 19:32 - 2015-10-06 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2015-10-06 19:31 - 2015-10-06 19:31 - 00000000 ____D C:\Users\Amanda\Downloads\Stardock
2015-10-06 19:31 - 2015-10-06 19:31 - 00000000 ____D C:\Users\Amanda\AppData\Local\NetworkTiles
2015-10-06 19:31 - 2015-10-06 19:31 - 00000000 ____D C:\Program Files (x86)\Stardock
2015-10-06 19:28 - 2015-10-06 19:29 - 35450280 _____ C:\Users\Amanda\Downloads\Start10_1.02_setup_sd.exe
2015-10-06 19:12 - 2015-10-15 07:57 - 00000000 ____D C:\Users\Amanda\AppData\Local\CrashDumps
2015-10-06 19:01 - 2015-10-06 19:01 - 00000000 ____D C:\Windows\System32\Tasks\Western Digital
2015-10-06 18:59 - 2015-10-06 18:59 - 00000000 ____D C:\Users\Amanda\AppData\Local\Western_Digital_Technolog
2015-10-06 18:59 - 2015-10-06 18:59 - 00000000 ____D C:\Users\Amanda\AppData\Local\Western Digital
2015-10-06 18:58 - 2015-10-09 03:34 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-10-06 18:58 - 2015-10-06 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-10-06 18:58 - 2015-10-06 18:58 - 00000000 ____D C:\Program Files\Western Digital
2015-10-06 18:58 - 2015-10-06 18:58 - 00000000 ____D C:\Program Files\Common Files\Western Digital
2015-10-06 18:58 - 2015-10-06 18:58 - 00000000 ____D C:\Program Files (x86)\Western Digital
2015-10-06 18:57 - 2015-10-06 18:58 - 00000000 ____D C:\ProgramData\Western Digital
2015-10-06 18:55 - 2015-10-06 18:55 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-10-06 18:55 - 2015-10-06 18:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-06 18:43 - 2015-10-14 10:49 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-06 18:43 - 2015-10-06 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-06 18:42 - 2015-10-15 14:47 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 18:42 - 2015-10-11 18:47 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 18:42 - 2015-10-06 18:43 - 00000000 ____D C:\Users\Amanda\AppData\Local\Google
2015-10-06 18:42 - 2015-10-06 18:43 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-06 18:42 - 2015-10-06 18:42 - 00003966 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-06 18:42 - 2015-10-06 18:42 - 00003734 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-06 18:41 - 2015-10-06 18:41 - 00929872 _____ (Google Inc.) C:\Users\Amanda\Downloads\ChromeSetup.exe
2015-10-06 18:30 - 2015-10-15 10:27 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2015-10-06 18:28 - 2015-10-06 18:28 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-06 18:28 - 2015-10-06 18:28 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-10-06 18:28 - 2015-10-06 18:28 - 00003376 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-06 18:28 - 2015-10-06 18:28 - 00002388 _____ C:\Users\Public\Desktop\Norton 360.LNK
2015-10-06 18:28 - 2015-10-06 18:28 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-06 18:27 - 2015-10-06 18:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-10-06 18:27 - 2015-10-06 18:27 - 00003834 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-06 18:27 - 2015-10-06 18:27 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2015-10-06 18:27 - 2015-10-06 18:27 - 00000000 ____D C:\Program Files (x86)\Norton 360
2015-10-06 18:25 - 2015-10-06 18:30 - 00000000 ____D C:\ProgramData\Norton
2015-10-06 18:25 - 2015-10-06 18:25 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-10-06 18:23 - 2015-10-15 10:15 - 00000165 _____ C:\Users\Amanda\AppData\Roaming\sp_data.sys
2015-10-06 18:23 - 2015-10-09 08:20 - 00000000 ____D C:\ProgramData\USBChargerPlus
2015-10-06 18:23 - 2015-10-06 18:24 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\DropboxOEM
2015-10-06 18:23 - 2015-10-06 18:23 - 00000000 ____D C:\Users\Amanda\AppData\Local\DropboxOEM
2015-10-06 18:19 - 2015-10-06 18:19 - 00016148 _____ C:\Windows\system32\DESKTOP-E96I5HG_Amanda_HistoryPrediction.bin
2015-09-27 01:50 - 2015-09-27 01:50 - 00625848 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2015-09-27 01:50 - 2015-09-27 01:50 - 00381128 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2015-09-27 01:50 - 2015-09-27 01:50 - 00323792 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2015-09-27 01:50 - 2015-09-27 01:50 - 00079544 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2015-09-27 00:07 - 2015-09-27 00:07 - 00430264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2015-09-27 00:07 - 2015-09-27 00:07 - 00257736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2015-09-27 00:07 - 2015-09-27 00:07 - 00234192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2015-09-27 00:07 - 2015-09-27 00:07 - 00075960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-15 15:20 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\system32\sru
2015-10-15 14:51 - 2015-07-10 08:22 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-15 12:00 - 2015-07-29 03:28 - 00003534 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-10-15 10:41 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\AppReadiness
2015-10-15 10:14 - 2015-07-29 03:26 - 00315923 _____ C:\Windows\SysWOW64\Gms.log
2015-10-14 21:01 - 2015-07-29 03:06 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-14 18:08 - 2015-09-11 21:34 - 00000000 ____D C:\Windows\CbsTemp
2015-10-13 21:43 - 2015-07-18 02:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-13 21:39 - 2015-07-18 02:58 - 00000000 ____D C:\ProgramData\WildTangent
2015-10-13 21:39 - 2015-07-18 02:58 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-10-10 12:33 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\system32\NDF
2015-10-09 08:17 - 2015-09-11 20:59 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-09 03:32 - 2015-09-11 21:18 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-09 03:31 - 2015-09-11 21:30 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-08 04:35 - 2015-07-29 03:28 - 00000000 ____D C:\Program Files\DIFX
2015-10-08 04:35 - 2015-07-29 03:22 - 00042780 _____ C:\Windows\DPINST.LOG
2015-10-08 04:35 - 2015-07-18 02:57 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-10-08 04:34 - 2015-08-28 00:37 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-10-08 04:34 - 2015-08-28 00:37 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-10-08 04:34 - 2015-08-28 00:37 - 00988672 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-10-08 04:34 - 2015-08-28 00:37 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-10-08 00:05 - 2015-07-18 02:57 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-07 23:10 - 2015-09-11 20:55 - 00012560 _____ C:\Windows\setupact.log
2015-10-07 21:50 - 2015-07-29 03:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-07 19:43 - 2015-07-29 03:38 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-07 04:53 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\appcompat
2015-10-06 21:17 - 2015-09-11 21:48 - 00000000 ____D C:\Windows\OCR
2015-10-06 21:15 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-10-06 21:00 - 2015-09-11 21:43 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ___RD C:\Windows\PrintDialog
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ___RD C:\Windows\MiracastView
2015-10-06 20:47 - 2015-09-11 21:43 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-10-06 20:47 - 2015-07-29 03:41 - 00006311 _____ C:\Windows\SysWOW64\AsPowerCfg.log
2015-10-06 20:47 - 2015-07-18 03:15 - 00000000 ____D C:\Windows\Log
2015-10-06 20:41 - 2015-09-11 21:52 - 00000000 ___DC C:\Windows\Panther
2015-10-06 20:40 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\rescache
2015-10-06 20:26 - 2015-09-11 21:43 - 00000000 ____D C:\Windows\system32\restore
2015-10-06 18:29 - 2015-09-11 21:30 - 00032768 ___SH C:\Windows\system32\config\ELAM
2015-10-06 18:28 - 2015-09-11 21:43 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-10-06 18:27 - 2015-07-29 03:20 - 00000000 ____D C:\ProgramData\Intel
2015-10-06 18:21 - 2015-09-11 20:54 - 00263016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-02 13:36 - 2015-09-11 21:44 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-02 13:36 - 2015-09-11 21:44 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-23 20:52 - 2015-06-30 20:14 - 00101368 _____ (ASUS Corporation) C:\Windows\system32\Drivers\AsusTP.sys
 
==================== Files in the root of some directories =======
 
2015-10-06 18:23 - 2015-10-15 10:15 - 0000165 _____ () C:\Users\Amanda\AppData\Roaming\sp_data.sys
2015-10-12 04:43 - 2015-10-12 04:43 - 0000895 _____ () C:\Users\Amanda\AppData\Local\recently-used.xbel
2015-09-11 21:00 - 2015-09-11 21:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-06 20:16
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-10-2015
Ran by Amanda (2015-10-15 15:45:50)
Running from C:\Users\Amanda\Desktop
Windows 10 Home (X64) (2015-10-07 00:43:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2963124140-1568448306-220867630-500 - Administrator - Disabled)
Amanda (S-1-5-21-2963124140-1568448306-220867630-1001 - Administrator - Enabled) => C:\Users\Amanda
DefaultAccount (S-1-5-21-2963124140-1568448306-220867630-503 - Limited - Disabled)
Guest (S-1-5-21-2963124140-1568448306-220867630-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.77 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Color LaserJet Pro MFP M476 (HKLM-x32\...\{4b849805-3b07-4b35-874a-705c0d103672}) (Version: 10.0.13302.320 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
HPCLJProMFPM476 (HKLM-x32\...\{C44C593D-3009-4D03-910E-243050C5E193}) (Version: 0.05.0000 - Hewlett-Packard)
HPDXP (x32 Version: 3.0.26.15 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM476 (x32 Version: 010.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00906 - Hewlett-Packard) Hidden
hppM476LaserJetService (x32 Version: 001.034.00634 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 100.040.00198 - Hewlett Packard) Hidden
hpStatusAlertsM476 (x32 Version: 100.046.00121 - Hewlett-Packard) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4240 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® WiDi (HKLM\...\{76FAF7E1-52D0-49F7-A627-E78303F9C7EF}) (Version: 6.0.39.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IntelliJ IDEA Community Edition 14.1.5 (HKLM-x32\...\IntelliJ IDEA Community Edition 14.1.5) (Version: 141.2735.5 - JetBrains s.r.o.)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jojo's Fashion Show World Tour (x32 Version: 2.2.0.98 - WildTangent) Hidden
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.4229.1029 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Murder She Wrote 2 (x32 Version: 3.0.2.48 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4229.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4229.1029 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7534 - Realtek Semiconductor Corp.)
Satisfashion (x32 Version: 2.2.0.95 - WildTangent) Hidden
Stardock Start10 (HKLM-x32\...\Stardock Start10) (Version: 1.02 - Stardock Software, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{EC54143B-24CC-47D2-AB39-0F5701988BA4}) (Version: 2.1.0.11 - Western Digital Technologies, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (08/01/2015 10.0.0.5) (HKLM\...\B267A462F49A1ACD7A2EC5C262BA0DC7D7B23891) (Version: 08/01/2015 10.0.0.5 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2963124140-1568448306-220867630-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
08-10-2015 15:15:17 Installed iTunes
14-10-2015 15:04:14 Windows Update
14-10-2015 15:05:04 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0076A7E2-A15D-42F3-8A56-774E9622772C} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-04-16] (Hewlett Packard)
Task: {01541C94-2EE6-4DE4-B932-D41A26B72819} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {02C3BE0F-3B0B-4C92-B855-02DC3E1717EA} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {0CD15E24-6E0D-4C08-AFF2-FD64D4256B68} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {1A73CF78-DA21-4059-B684-5C58312656F9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe [2015-09-23] (Symantec Corporation)
Task: {27899574-367E-4314-9C5B-323E332140D3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {2A620A7B-3025-42B3-A76E-124F6333BDE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2F257307-7DF6-4759-BF24-2F4D193AB9F8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {35875674-9D9A-4884-9B80-994B32ACA1FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-26] (Microsoft Corporation)
Task: {387A4F20-606C-46E2-A151-DDDBB8393007} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-17] (Realtek Semiconductor)
Task: {56ACF810-248E-44F0-AF9B-886A0CD69E13} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {56D182FF-1C42-415B-9081-90C9019666FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {64D81ADA-9EF0-4312-BFE7-3202A6F4A299} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {6A63F311-B634-4722-A602-DE779B4D1FF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-06] (Google Inc.)
Task: {77EB46BC-0979-4EF6-AEBE-391DFDCE9AFB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {811C8C9A-F1FA-40F2-905F-E55EC682F128} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-17] (Realtek Semiconductor)
Task: {85E362F5-BD15-4D5C-A907-B423D65B3224} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {8F07A5B6-7F83-4E95-A33E-43F6C8E482A5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-09-23] (AsusTek)
Task: {95081FEB-A86E-44B6-9367-D34F24F6C51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-06] (Google Inc.)
Task: {9A5671C5-3E70-4A83-9D03-8E8EFF4822D8} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {A0E3265C-A5CE-4BBB-AFE3-BE8CA3D6F306} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {A36DD29C-90CC-41EE-96EA-BEB31EAFB875} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {B6F9F27B-F011-4352-BF53-1BAC75A32503} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {B7BF1A54-1368-48BB-838F-7C9D2EA0C25C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {CC219F74-0678-4B4A-86B4-12CD2CA5F74A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2015-05-29] (ASUSTek Computer INC.)
Task: {CDC230FC-62BD-46C7-A466-9D24CFCA4495} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {E3CEA6F6-E45D-42A1-A468-D791B8D07DE4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-09-26] (Microsoft Corporation)
Task: {E4189DB1-62DA-40A2-BCB4-E4DA02D54DD5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-06-09] (ASUS)
Task: {E9376826-D0FC-40F9-B0AD-22B80BC99E24} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {FADC01BB-A30A-4128-9396-917FAA6B61AF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-07-10 07:00 - 2015-09-11 21:40 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-07-10 07:00 - 2015-07-10 07:00 - 00009216 _____ () C:\Windows\System32\WppRecorderUM.dll
2015-09-11 20:59 - 2015-07-13 13:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-18 02:56 - 2015-09-11 21:39 - 00403968 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-06 21:00 - 2015-09-26 22:46 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-07-29 03:39 - 2014-04-14 21:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-07-10 07:00 - 2015-09-11 21:41 - 02498296 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-07-17 05:44 - 2015-07-01 09:23 - 00404920 _____ () C:\Windows\system32\igfxTray.exe
2015-05-29 19:10 - 2015-05-29 19:10 - 00505200 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2015-10-10 11:36 - 2015-10-10 11:36 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
2015-07-10 07:00 - 2015-09-11 21:41 - 02498296 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-09-11 19:02 - 2015-09-11 19:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-06 21:08 - 2015-10-06 21:08 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:00 - 2015-09-11 21:40 - 06579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 07:00 - 2015-09-11 21:40 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-10 07:00 - 2015-07-10 07:00 - 00226816 _____ () C:\Windows\System32\mtf.dll
2015-07-10 07:00 - 2015-07-10 07:00 - 00257024 _____ () C:\Windows\System32\mtfserver.dll
2015-10-07 00:33 - 2015-10-07 00:34 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-07 00:33 - 2015-10-07 00:34 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-11 12:05 - 2015-10-11 12:06 - 00173056 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\CellNativeClientUniversal.dll
2015-10-07 00:29 - 2015-10-07 00:30 - 04485808 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-06-24 04:07 - 2015-06-24 04:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-06-09 23:25 - 2015-06-09 23:25 - 00035376 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-06-09 23:25 - 2015-06-09 23:25 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-05-29 19:09 - 2015-05-29 19:09 - 00214384 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2015-05-29 19:10 - 2015-05-29 19:10 - 00114032 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2015-07-29 03:15 - 2015-06-03 17:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-04-27 13:24 - 2013-04-27 13:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2015-10-10 11:36 - 2015-10-10 11:36 - 12427264 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.dll
2015-10-09 08:24 - 2015-10-09 08:24 - 00938496 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-07 00:08 - 2015-10-07 00:08 - 03517616 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-10-07 00:08 - 2015-10-07 00:08 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2015-07-10 07:00 - 2015-07-10 07:00 - 00226816 _____ () C:\Windows\SYSTEM32\mtf.dll
2015-10-06 18:43 - 2015-09-23 22:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-10-06 18:43 - 2015-09-23 22:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2963124140-1568448306-220867630-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Amanda\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\ami (5).png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0FD0CC3E-5A48-4543-8417-1C630DF58760}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{846D8695-7713-4550-A0AB-1AFA4C2A8E17}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{CB32EFDC-71F4-4175-8D49-1C624881541A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{93BEB29C-C954-4D63-9829-FC072F044D98}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{5BBA0EDE-2608-46BF-8A13-FF6661CFA470}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{ACEE3A72-72D6-43C1-94F7-029AF222B482}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{697EFE11-2371-478F-83A5-60F3219C6B71}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{19A72A74-4D20-46E0-BA10-6887A55EA87E}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{80BF0FAF-E3FB-441A-B231-71AEFA08C798}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{212C90B6-1B07-4A48-9E1D-CEE3B3245519}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D0D2049-F597-4DB9-929B-B1C8FFAC68D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5567222B-233F-461C-9D75-2BD0341E0970}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B417EFFC-63BE-4C4D-BC2E-078367ED6B54}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3DD4AFD3-C4EB-4CFA-9D6C-0C3E91839E03}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M476\bin\SendAFax.exe
FirewallRules: [{790D7925-1FD9-46D3-A8DA-BEAF480A7D22}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M476\bin\FaxPrinterUtility.exe
FirewallRules: [{4DAFA49C-0687-4A47-8976-712496AF34D9}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M476\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{233D28B6-811B-4509-9845-F65C867853F6}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M476\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2F36DE0A-22C3-459F-877F-BFBC73412DA0}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M476\bin\DigitalWizards.exe
FirewallRules: [{31D7B678-015F-42C4-92EF-00A9724DC857}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M476\bin\FaxApplications.exe
FirewallRules: [{BD22ADDE-41B3-4D54-B50B-D1409345456D}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M476\bin\EWSProxy.exe
FirewallRules: [{2CDE35E4-1DAD-4434-BC83-DB621720D83C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/15/2015 10:14:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Daga.local already in use; will try Daga-2.local instead
 
Error: (10/15/2015 10:14:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Daga.local. Addr 192.168.1.91
 
Error: (10/15/2015 10:14:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.91:5353   16 Daga.local. AAAA 2602:0306:BCA8:6F40:C18D:FE9C:124D:85B9
 
Error: (10/15/2015 09:19:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109
 
Error: (10/15/2015 09:19:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109
 
Error: (10/15/2015 09:19:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/15/2015 07:59:35 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5508) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (10/15/2015 07:59:35 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5508) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (10/15/2015 07:59:25 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5508) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (10/15/2015 07:59:25 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5508) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (10/14/2015 08:32:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 8 0x0 0x0
 
Error: (10/14/2015 08:32:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 4 0x0 0x0
 
Error: (10/14/2015 08:32:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 1 0xc 0x6
 
Error: (10/14/2015 08:27:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/10/2015 11:36:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: CRT RTM.
 
Error: (10/09/2015 06:27:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 8 0x0 0x0
 
Error: (10/09/2015 06:27:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 4 0x0 0x0
 
Error: (10/09/2015 06:27:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 1 0x0 0x6
 
Error: (10/09/2015 08:20:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (10/09/2015 08:20:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8094.47 MB
Available physical RAM: 3833.62 MB
Total Virtual: 13948.71 MB
Available Virtual: 7319.46 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:246.67 GB) NTFS
Drive d: (<THE_TWILIGHT_SAGA_ECLIPSE>) (CDROM) (Total:7.92 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C642963B)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Edited by arsenicpanda, 15 October 2015 - 02:15 PM.

  • 0

Advertisements

#2
Essexboy
Posted 17 October 2015 - 08:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looks clean to me :)
 
But lets run a few tests to be sure

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

  • 0

#3
arsenicpanda
Posted 17 October 2015 - 11:19 AM

arsenicpanda

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:15-10-2015
Ran by Amanda (2015-10-17 12:59:50) Run:1
Running from C:\Users\Amanda\Desktop
Loaded Profiles: Amanda (Available Profiles: Amanda)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2963124140-1568448306-220867630-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2963124140-1568448306-220867630-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {D2A441C2-CBF2-4151-8734-9BE99C7BE757}.
Unable to cancel {DFAC62A0-CCAD-492D-9B36-682841FAECED}.
Unable to cancel {C6864EC2-7D5C-4C91-BAC8-DDEFD8AA4B0B}.
0 out of 3 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 1.1 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 13:01:48 ====
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Amanda on Sat 10/17/2015 at 13:14:17.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\DropboxOEM
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Amanda\AppData\Roaming\sp_data.sys
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\Amanda\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Amanda\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Amanda\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Amanda\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/17/2015 at 13:16:54.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#4
Essexboy
Posted 17 October 2015 - 11:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Are you experiencing any problems ?


  • 0

#5
arsenicpanda
Posted 17 October 2015 - 11:43 AM

arsenicpanda

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Nope, it works great!  Thank you so much!  Also, can I remove FRST, JRT, and the text documents from laptop now?


Edited by arsenicpanda, 17 October 2015 - 11:43 AM.

  • 0

#6
Essexboy
Posted 17 October 2015 - 11:44 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#7
arsenicpanda
Posted 17 October 2015 - 11:51 AM

arsenicpanda

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Do I need to save these to my desktop or can I save them anywhere?  Also, should I delete FRST and JRT before or after running these?  Also also, Norton decided delfix_1.010.exe was not secure and deleted, so what should I do about that?  Oh, will uninstalling and reinstalling Java with JavaRa change the directories and contents for Java, specifically the jdk?  What I'm trying to ask is: will I need to alter the settings for the Java compiler I use for class (IntelliJ)?


Edited by arsenicpanda, 17 October 2015 - 12:07 PM.

  • 0

#8
Essexboy
Posted 17 October 2015 - 12:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Delfix will delete FRST and JRT it is a safe programme to use

Yes the Java directories are set to default
  • 0

#9
Essexboy
Posted 18 October 2015 - 07:33 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP