Hello,
My computer is very slow all of a sudden and I am getting several ad popups when I open Chrome.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Carla (administrator) on SCARLET_ROSE (01-04-2016 11:42:15)
Running from C:\Users\Carla\Desktop
Loaded Profiles: Carla (Available Profiles: Carla)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Spotify Ltd) C:\Users\Carla\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\ASUSWSLoader.exe [63272 2015-10-12] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [GoogleChromeAutoLaunch_92C0FC63908EA4D589DA4051E023A4FC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-27] (Google Inc.)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [Spotify Web Helper] => C:\Users\Carla\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-03-24] (Spotify Ltd)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [Spotify] => C:\Users\Carla\AppData\Roaming\Spotify\Spotify.exe [6805616 2016-03-24] (Spotify Ltd)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\RunOnce: [Uninstall C:\Users\Carla\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Carla\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-27] (AVAST Software)
Startup: C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-03-27]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{85da11a5-af96-461a-bbe7-503fc2d20007}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{a93a4c31-0a37-4ae9-82fa-5ed3300f2270}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{dd0fa905-c8ce-4b50-8f29-817dda430a81}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4253610457-426110753-930474911-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-4253610457-426110753-930474911-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-4253610457-426110753-930474911-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4253610457-426110753-930474911-1001 -> {99FE3EC2-9CC1-4C46-9574-C0185A428BE1} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-31] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-27] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-31] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2015-11-26] (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-27] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-31] (Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-11-26] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-27]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-01]
CHR Extension: (Google Docs) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-01]
CHR Extension: (Google Drive) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google Search) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Sheets) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-01]
CHR Extension: (Google Docs Offline) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Avast Online Security) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-01]
CHR Extension: (Gmail) - C:\Users\Carla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-01]
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-27]
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-11-26] (Perfect World Entertainment Inc)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-27] (AVAST Software)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-27] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-27] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [670056 2014-06-25] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-01 11:35 - 2016-04-01 11:37 - 00033095 _____ C:\Users\Carla\Desktop\Addition.txt
2016-04-01 11:33 - 2016-04-01 11:42 - 00019947 _____ C:\Users\Carla\Desktop\FRST.txt
2016-04-01 11:33 - 2016-04-01 11:42 - 00000000 ____D C:\FRST
2016-04-01 11:28 - 2016-04-01 11:33 - 02374144 _____ (Farbar) C:\Users\Carla\Desktop\FRST64.exe
2016-03-30 21:26 - 2016-03-30 21:26 - 00002439 _____ C:\Users\Carla\Desktop\Outlook 2016.lnk
2016-03-30 16:10 - 2016-03-30 23:02 - 00000000 ____D C:\Users\Carla\AppData\LocalLow\uTorrent
2016-03-30 13:29 - 2016-03-30 13:29 - 01498747 _____ C:\Users\Carla\Desktop\(68) Facebook.html
2016-03-30 13:29 - 2016-03-30 13:29 - 00000000 ____D C:\Users\Carla\Desktop\(68) Facebook_files
2016-03-29 00:31 - 2016-03-29 00:31 - 00138627 _____ C:\Users\Carla\Desktop\Wish _ gold sealing wax.html
2016-03-29 00:31 - 2016-03-29 00:31 - 00000000 ____D C:\Users\Carla\Desktop\Wish _ gold sealing wax_files
2016-03-29 00:29 - 2016-03-29 00:29 - 00052610 _____ C:\Users\Carla\Desktop\Wish _ retail 1set=1pcs Wax stamp sealing wax spoon vintage wood handle sealing wax spoon anti hot wax spoon Postcard.html
2016-03-29 00:29 - 2016-03-29 00:29 - 00000000 ____D C:\Users\Carla\Desktop\Wish _ retail 1set=1pcs Wax stamp sealing wax spoon vintage wood handle sealing wax spoon anti hot wax spoon Postcard_files
2016-03-28 13:47 - 2016-03-28 13:47 - 00356272 _____ C:\Users\Carla\Desktop\Grocery Bag Holder _ Make It and Love It.html
2016-03-28 13:47 - 2016-03-28 13:47 - 00000000 ____D C:\Users\Carla\Desktop\Grocery Bag Holder _ Make It and Love It_files
2016-03-28 13:28 - 2016-03-28 13:28 - 00003172 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1459196909
2016-03-28 13:28 - 2016-03-28 13:28 - 00001084 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-03-28 13:28 - 2016-03-28 13:28 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-03-28 13:28 - 2016-03-28 13:27 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-03-27 12:05 - 2016-03-27 11:47 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-03-27 11:50 - 2016-03-27 16:47 - 00002013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-03-27 11:50 - 2016-03-27 16:47 - 00002007 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-03-27 11:50 - 2016-03-27 11:50 - 00000000 ____D C:\Users\Carla\AppData\Roaming\AVAST Software
2016-03-27 11:48 - 2016-03-27 12:06 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-03-27 11:48 - 2016-03-27 11:49 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-03-27 11:48 - 2016-03-27 11:49 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-03-27 11:48 - 2016-03-27 11:49 - 00287016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-03-27 11:48 - 2016-03-27 11:49 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-03-27 11:48 - 2016-03-27 11:47 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-03-27 11:48 - 2016-03-27 11:47 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-03-27 11:48 - 2016-03-27 11:47 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-03-27 11:48 - 2016-03-27 11:47 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-03-27 11:47 - 2016-03-27 11:47 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-03-27 11:43 - 2016-03-28 13:27 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-27 11:38 - 2016-03-28 13:27 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-24 20:29 - 2016-03-24 20:29 - 00472023 _____ C:\Users\Carla\Desktop\Lumbar Support Pillow.pdf
2016-03-24 18:45 - 2016-03-24 18:45 - 00410776 _____ C:\Users\Carla\Desktop\kolaches recipe - Google Search.html
2016-03-24 18:45 - 2016-03-24 18:45 - 00000000 ____D C:\Users\Carla\Desktop\kolaches recipe - Google Search_files
2016-03-24 14:39 - 2016-03-24 14:39 - 00124498 _____ C:\Users\Carla\Desktop\World Themes for Preschoolers _ Geography Subscription for Preschoolers.html
2016-03-24 14:39 - 2016-03-24 14:39 - 00000000 ____D C:\Users\Carla\Desktop\World Themes for Preschoolers _ Geography Subscription for Preschoolers_files
2016-03-24 14:37 - 2016-03-24 14:37 - 00119194 _____ C:\Users\Carla\Desktop\Little Passports - A Global Online Adventure for Children and Kids (educational games, activities, learning, toys).html
2016-03-24 14:37 - 2016-03-24 14:37 - 00000000 ____D C:\Users\Carla\Desktop\Little Passports - A Global Online Adventure for Children and Kids (educational games, activities, learning, toys)_files
2016-03-23 12:54 - 2016-03-23 12:54 - 00065355 _____ C:\Users\Carla\Desktop\Message Received _ Belgian Malinois K-9 Police Dogs _ Ruidoso Malinois.html
2016-03-23 12:54 - 2016-03-23 12:54 - 00000000 ____D C:\Users\Carla\Desktop\Message Received _ Belgian Malinois K-9 Police Dogs _ Ruidoso Malinois_files
2016-03-21 19:14 - 2016-03-27 16:46 - 00001163 _____ C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Metro Color Match.lnk
2016-03-21 19:14 - 2016-03-27 16:46 - 00001139 _____ C:\Users\Carla\Desktop\Metro Color Match.lnk
2016-03-21 19:14 - 2016-03-21 19:14 - 00000000 ____D C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Metro Color Match
2016-03-21 19:14 - 2016-03-21 19:14 - 00000000 ____D C:\Program Files (x86)\fastrac software
2016-03-17 00:32 - 2016-03-17 00:32 - 00420888 _____ C:\Users\Carla\Desktop\Jon's Experian Credit Report 3-17-16.pdf
2016-03-17 00:15 - 2016-03-17 00:15 - 00215112 _____ C:\Users\Carla\Desktop\Jared's Experian Credit Report 3-17-16.pdf
2016-03-12 19:00 - 2016-03-12 19:00 - 00011890 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster-5.xlsx
2016-03-12 18:33 - 2016-03-12 18:33 - 00050180 _____ C:\Users\Carla\Downloads\Sea-Wraith-Roster (1).xlsx
2016-03-12 18:32 - 2016-03-12 19:45 - 00019690 _____ C:\Users\Carla\Downloads\Sea-Wraith-Roster.xlsx
2016-03-10 22:04 - 2016-03-10 22:04 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster (5).xlsx
2016-03-10 22:04 - 2016-03-10 22:04 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster (4).xlsx
2016-03-10 22:04 - 2016-03-10 22:04 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster (3).xlsx
2016-03-10 22:01 - 2016-03-10 22:01 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster (2).xlsx
2016-03-10 16:41 - 2016-03-10 17:53 - 00000000 ____D C:\Users\Carla\Desktop\New folder
2016-03-10 02:30 - 2016-03-10 02:55 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-10 02:24 - 2016-03-10 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-10 02:24 - 2016-03-10 02:24 - 00000000 ____D C:\Program Files\CCleaner
2016-03-09 19:10 - 2016-03-09 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2015
2016-03-09 19:10 - 2014-08-28 23:09 - 04200664 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\WINDOWS\SysWOW64\cdintf400.dll
2016-03-09 19:05 - 2016-03-09 19:07 - 00000000 ____D C:\Users\Carla\Desktop\Quicken H&B 2015
2016-03-09 19:00 - 2016-03-27 16:47 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-09 19:00 - 2016-03-09 19:00 - 00000000 ____D C:\Users\Carla\AppData\Local\Apple
2016-03-09 19:00 - 2016-03-09 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-03-09 19:00 - 2016-03-09 19:00 - 00000000 ____D C:\ProgramData\Apple Computer
2016-03-09 19:00 - 2016-03-09 19:00 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-09 19:00 - 2016-03-09 19:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-09 18:59 - 2016-03-09 18:59 - 00000000 ____D C:\Users\Carla\AppData\LocalLow\Apple Computer
2016-03-09 00:56 - 2016-02-24 02:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 00:56 - 2016-02-23 23:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 00:56 - 2016-02-23 23:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 00:56 - 2016-02-23 23:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 00:56 - 2016-02-23 23:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 00:56 - 2016-02-23 22:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 00:56 - 2016-02-23 22:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 00:56 - 2016-02-23 22:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 00:55 - 2016-02-23 22:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 00:55 - 2016-02-23 22:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 00:55 - 2016-02-23 22:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 00:54 - 2016-02-24 02:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 00:54 - 2016-02-23 23:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 00:54 - 2016-02-23 22:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 00:54 - 2016-02-23 22:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 00:53 - 2016-02-24 01:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 00:53 - 2016-02-24 01:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 00:53 - 2016-02-23 23:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 00:53 - 2016-02-23 22:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 00:53 - 2016-02-23 22:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 00:53 - 2016-02-23 21:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 00:53 - 2016-02-23 21:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 00:52 - 2016-02-24 01:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 00:52 - 2016-02-23 23:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 00:52 - 2016-02-23 23:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 00:51 - 2016-02-29 22:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 00:51 - 2016-02-29 22:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 00:51 - 2016-02-24 02:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 00:51 - 2016-02-24 02:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 00:51 - 2016-02-24 02:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 00:51 - 2016-02-24 01:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 00:51 - 2016-02-24 01:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 00:51 - 2016-02-24 01:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 00:51 - 2016-02-24 01:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 00:51 - 2016-02-24 00:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 00:51 - 2016-02-23 23:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 00:51 - 2016-02-23 23:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 00:51 - 2016-02-23 23:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 00:51 - 2016-02-23 23:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 00:50 - 2016-02-24 02:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 00:50 - 2016-02-24 01:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 00:50 - 2016-02-24 01:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 00:50 - 2016-02-24 01:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 00:50 - 2016-02-24 01:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 00:50 - 2016-02-24 01:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 00:50 - 2016-02-24 01:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 00:50 - 2016-02-24 01:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 00:50 - 2016-02-24 01:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 00:50 - 2016-02-24 00:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 00:50 - 2016-02-23 23:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 00:50 - 2016-02-23 23:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 00:50 - 2016-02-23 23:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 00:50 - 2016-02-23 23:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 00:50 - 2016-02-23 23:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 00:50 - 2016-02-23 23:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 00:50 - 2016-02-23 23:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 00:50 - 2016-02-23 23:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 00:50 - 2016-02-23 23:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 00:50 - 2016-02-23 23:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 00:50 - 2016-02-23 23:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 00:49 - 2016-02-24 01:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 00:49 - 2016-02-24 01:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 00:49 - 2016-02-24 00:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 00:49 - 2016-02-24 00:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 00:49 - 2016-02-24 00:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 00:49 - 2016-02-24 00:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 00:49 - 2016-02-24 00:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 00:49 - 2016-02-24 00:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 00:49 - 2016-02-24 00:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 00:49 - 2016-02-23 23:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 00:49 - 2016-02-23 23:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 00:49 - 2016-02-23 23:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 00:49 - 2016-02-23 23:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 00:49 - 2016-02-23 23:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 00:49 - 2016-02-23 23:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 00:49 - 2016-02-23 23:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 00:49 - 2016-02-23 23:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 00:49 - 2016-02-23 23:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 00:49 - 2016-02-23 23:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 00:49 - 2016-02-23 23:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 00:49 - 2016-02-23 22:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 00:48 - 2016-02-24 01:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 00:48 - 2016-02-24 00:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 00:48 - 2016-02-24 00:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 00:48 - 2016-02-24 00:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 00:48 - 2016-02-24 00:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 00:48 - 2016-02-23 23:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 00:48 - 2016-02-23 23:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 00:48 - 2016-02-23 23:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 00:48 - 2016-02-23 23:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 00:48 - 2016-02-23 23:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 00:48 - 2016-02-23 23:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 00:48 - 2016-02-23 22:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 00:47 - 2016-02-24 01:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 00:47 - 2016-02-24 01:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 00:47 - 2016-02-24 00:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 00:47 - 2016-02-24 00:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 00:47 - 2016-02-24 00:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 00:47 - 2016-02-24 00:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 00:47 - 2016-02-23 23:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 00:47 - 2016-02-23 23:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 00:46 - 2016-02-24 02:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 00:46 - 2016-02-24 02:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 00:46 - 2016-02-24 01:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 00:46 - 2016-02-24 00:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 00:46 - 2016-02-24 00:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 00:46 - 2016-02-24 00:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 00:46 - 2016-02-24 00:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 00:46 - 2016-02-24 00:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 00:46 - 2016-02-24 00:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 00:46 - 2016-02-24 00:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 00:46 - 2016-02-24 00:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 00:46 - 2016-02-24 00:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 00:46 - 2016-02-24 00:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 00:46 - 2016-02-24 00:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 00:46 - 2016-02-23 23:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 00:46 - 2016-02-23 23:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 00:46 - 2016-02-23 23:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 00:46 - 2016-02-23 23:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 00:46 - 2016-02-23 23:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 00:46 - 2016-02-23 23:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 00:46 - 2016-02-23 23:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 00:46 - 2016-02-23 22:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 00:45 - 2016-02-24 00:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 00:45 - 2016-02-24 00:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 00:45 - 2016-02-24 00:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 00:45 - 2016-02-24 00:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 00:45 - 2016-02-24 00:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 00:45 - 2016-02-24 00:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 00:45 - 2016-02-24 00:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 00:45 - 2016-02-24 00:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 00:45 - 2016-02-24 00:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 00:45 - 2016-02-24 00:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 00:45 - 2016-02-23 23:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 00:45 - 2016-02-23 23:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 00:45 - 2016-02-23 23:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 00:45 - 2016-02-23 23:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 00:45 - 2016-02-23 23:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 00:45 - 2016-02-23 23:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 00:45 - 2016-02-23 23:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 00:45 - 2016-02-23 23:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 00:45 - 2016-02-23 23:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 00:45 - 2016-02-23 23:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 00:45 - 2016-02-23 23:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 00:44 - 2016-02-24 00:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 00:44 - 2016-02-24 00:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 00:44 - 2016-02-23 23:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 00:44 - 2016-02-23 23:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 00:44 - 2016-02-23 23:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 00:44 - 2016-02-23 23:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 00:44 - 2016-02-23 23:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 00:44 - 2016-02-23 23:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 00:44 - 2016-02-23 23:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-08 17:33 - 2016-03-27 16:46 - 00002087 _____ C:\Users\Carla\Desktop\PE-DESIGN NEXT.lnk
2016-03-07 21:25 - 2016-03-07 21:26 - 38472170 _____ C:\Users\Carla\Desktop\PE Design NEXT - Instruction Manual.pdf
2016-03-07 20:33 - 2016-03-06 23:01 - 189012022 ____N C:\Users\Carla\Desktop\record20160306182348.3gpp
2016-03-05 19:51 - 2016-03-05 19:51 - 00231011 _____ C:\Users\Carla\Desktop\AngelicaS.html
2016-03-05 19:51 - 2016-03-05 19:51 - 00000000 ____D C:\Users\Carla\Desktop\AngelicaS_files
2016-03-05 19:49 - 2016-03-05 19:49 - 00263490 _____ C:\Users\Carla\Desktop\AngelicaS_ Ohoy!!.html
2016-03-05 19:49 - 2016-03-05 19:49 - 00000000 ____D C:\Users\Carla\Desktop\AngelicaS_ Ohoy!!_files
2016-03-05 18:58 - 2016-03-05 19:00 - 00000000 ____D C:\Users\Carla\Desktop\House and Garden
2016-03-05 18:58 - 2016-03-05 18:59 - 00000000 ____D C:\Users\Carla\Desktop\Vacations
2016-03-05 18:51 - 2016-03-05 18:51 - 00024654 _____ C:\Users\Carla\Desktop\prod_10560.html
2016-03-05 18:42 - 2016-03-29 17:54 - 00000000 ____D C:\Users\Carla\Desktop\Pirates
2016-03-05 18:41 - 2016-03-05 18:42 - 00000000 ____D C:\Users\Carla\Desktop\Pets
2016-03-04 17:19 - 2016-03-04 17:19 - 00434180 _____ C:\Users\Carla\Desktop\Travel Channel - Travel Shows, Inspiration, and Expert Advice.html
2016-03-04 17:19 - 2016-03-04 17:19 - 00000000 ____D C:\Users\Carla\Desktop\Travel Channel - Travel Shows, Inspiration, and Expert Advice_files
2016-03-02 16:42 - 2016-03-02 16:42 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster.xlsx
2016-03-02 16:42 - 2016-03-02 16:42 - 00034854 _____ C:\Users\Carla\Downloads\Krakens-Revenge-Roster (1).xlsx
2016-03-02 15:48 - 2016-03-02 15:48 - 00154690 _____ C:\Users\Carla\Desktop\Custom Family Cookbooks - Family Cookbook Project _ Groupon.html
2016-03-02 15:48 - 2016-03-02 15:48 - 00000000 ____D C:\Users\Carla\Desktop\Custom Family Cookbooks - Family Cookbook Project _ Groupon_files
2016-03-02 15:44 - 2016-03-05 18:59 - 00000000 ____D C:\Users\Carla\Desktop\Family Cookbook Project - Sample Cookbook and Options_files
2016-03-02 15:44 - 2016-03-02 15:44 - 00017258 _____ C:\Users\Carla\Desktop\Family Cookbook Project - Sample Cookbook and Options.html
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-01 11:35 - 2015-12-22 19:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-01 10:59 - 2015-08-22 20:51 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A142E756-7590-47F4-A2F8-EE7B093FEBC9}
2016-04-01 10:58 - 2015-09-02 18:00 - 00000000 ____D C:\Users\Carla\AppData\Local\Spotify
2016-04-01 10:58 - 2015-08-22 20:53 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-01 10:58 - 2015-08-22 20:41 - 00000093 _____ C:\Users\Carla\AppData\Roaming\sp_data.sys
2016-04-01 10:57 - 2015-09-02 17:58 - 00000000 ____D C:\Users\Carla\AppData\Roaming\Spotify
2016-04-01 10:56 - 2015-08-23 02:51 - 00000000 __SHD C:\Users\Carla\IntelGraphicsProfiles
2016-04-01 02:45 - 2015-08-22 20:53 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-01 02:28 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-01 02:28 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-31 19:50 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-31 19:46 - 2014-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-31 16:52 - 2015-08-22 21:35 - 00000000 ____D C:\Users\Carla\AppData\Roaming\uTorrent
2016-03-31 13:26 - 2015-08-22 20:48 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-03-31 13:26 - 2015-08-22 20:48 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-03-31 01:19 - 2016-02-04 22:12 - 00000000 ____D C:\Users\Carla\Documents\Outlook Files
2016-03-30 16:36 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-30 16:36 - 2015-08-23 02:37 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 13:48 - 2015-08-22 20:54 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 01:25 - 2015-12-17 00:41 - 00000000 ____D C:\Users\Carla
2016-03-30 01:02 - 2015-12-17 01:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-29 16:59 - 2015-08-22 21:33 - 00000000 ____D C:\Users\Carla\AppData\Local\calibre-cache
2016-03-29 16:58 - 2015-08-22 21:31 - 00000000 ____D C:\Users\Carla\AppData\Roaming\calibre
2016-03-28 14:34 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-27 16:47 - 2016-02-21 20:46 - 00000648 _____ C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uploaded.lnk
2016-03-27 16:47 - 2015-12-17 00:53 - 00001564 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-27 16:47 - 2015-12-17 00:38 - 00001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-03-27 16:47 - 2015-11-19 14:29 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-03-27 16:47 - 2015-09-25 18:48 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-27 16:47 - 2015-09-02 18:00 - 00001902 _____ C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-27 16:47 - 2015-08-23 17:55 - 00001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-03-27 16:47 - 2015-08-23 17:54 - 00001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-03-27 16:47 - 2015-08-23 17:53 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-03-27 16:47 - 2015-08-23 17:53 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-03-27 16:47 - 2015-08-23 17:49 - 00001586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-03-27 16:47 - 2015-08-23 17:49 - 00001416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-03-27 16:47 - 2015-08-23 03:02 - 00002407 _____ C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-27 16:47 - 2014-09-27 15:55 - 00002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
2016-03-27 16:46 - 2015-11-03 19:48 - 00001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Family Tree Maker 2014.lnk
2016-03-27 16:46 - 2015-08-22 21:37 - 00000885 _____ C:\Users\Carla\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-03-27 14:05 - 2015-10-30 00:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-27 12:21 - 2015-12-23 02:11 - 00000000 ____D C:\Users\Carla\.oracle_jre_usage
2016-03-27 12:21 - 2015-12-23 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-27 12:20 - 2015-12-23 02:10 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-27 12:20 - 2015-12-23 02:09 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-22 21:01 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-20 13:54 - 2015-12-01 21:57 - 00000000 ____D C:\AdwCleaner
2016-03-18 22:40 - 2015-08-23 17:43 - 00000000 ____D C:\Users\Carla\AppData\Local\Adobe
2016-03-18 22:33 - 2015-12-22 19:09 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-10 19:24 - 2015-08-23 22:36 - 00000000 ____D C:\Users\Carla\Desktop\GEP
2016-03-10 18:02 - 2015-08-23 03:02 - 00000000 ___RD C:\Users\Carla\OneDrive
2016-03-10 02:30 - 2015-12-17 00:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-10 02:24 - 2015-12-17 06:13 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-03-09 19:22 - 2015-08-23 10:44 - 00000000 ____D C:\Program Files (x86)\Quicken
2016-03-09 19:10 - 2015-08-23 10:44 - 00000126 _____ C:\WINDOWS\QUICKEN.INI
2016-03-09 19:03 - 2015-11-21 19:34 - 00000000 ____D C:\Users\Carla\AppData\Roaming\Apple Computer
2016-03-09 18:49 - 2015-12-17 00:33 - 04961896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 18:46 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 18:46 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 18:46 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 18:46 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 15:25 - 2015-08-23 10:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:16 - 2015-08-23 10:38 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 00:12 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 00:12 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 18:45 - 2015-12-23 02:10 - 00000000 ____D C:\ProgramData\Oracle
2016-03-05 18:58 - 2015-09-17 17:15 - 00000000 ____D C:\Users\Carla\Desktop\Sewing and Crafts
2016-03-03 23:48 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-02 19:20 - 2015-08-23 11:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 19:01 - 2015-10-30 02:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 19:01 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 19:01 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism
==================== Files in the root of some directories =======
2015-09-25 18:43 - 2015-09-25 18:43 - 0000132 _____ () C:\Users\Carla\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2015-08-22 20:41 - 2016-04-01 10:58 - 0000093 _____ () C:\Users\Carla\AppData\Roaming\sp_data.sys
2015-08-22 21:10 - 2015-08-22 21:10 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-17 00:37 - 2015-12-17 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-27 15:54 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-09-27 15:54 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-27 15:54 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Carla\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-28 14:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Carla (2016-04-01 11:43:24)
Running from C:\Users\Carla\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-17 08:12:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4253610457-426110753-930474911-500 - Administrator - Disabled)
Carla (S-1-5-21-4253610457-426110753-930474911-1001 - Administrator - Enabled) => C:\Users\Carla
DefaultAccount (S-1-5-21-4253610457-426110753-930474911-503 - Limited - Disabled)
Guest (S-1-5-21-4253610457-426110753-930474911-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4253610457-426110753-930474911-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
calibre (HKLM-x32\...\{EEFFE01E-F594-42EE-815D-50B8A17985B7}) (Version: 2.49.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Free 3GPP to MP3 Converter (HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Free 3GPP to MP3 Converter) (Version: 1.0 - Conversion Helper)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - )
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
InPixio Photo Clip Demo (HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.00 - Avanquest)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
MasterCook 15 (HKLM-x32\...\{1E492158-401F-434B-957B-477D6B5A46AA}) (Version: 15.00.21 - Valusoft Cosmi)
Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Metro Color Match (HKLM-x32\...\Metro Color Match) (Version: 1.0 - fastrac software)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PE-DESIGN NEXT (HKLM-x32\...\{041EDAC5-853E-4A10-A0C8-ED0CF7769306}) (Version: 9.13.0000 - Brother Industries, Ltd.)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.10.4 - Intuit)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4253610457-426110753-930474911-1001\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.4.537 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4253610457-426110753-930474911-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Carla\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4253610457-426110753-930474911-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0116E835-773A-408F-9882-3DD2440163E7} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-11-21] ()
Task: {03291C7C-D9B1-4BA8-B4DE-C6D743DEEBFC} - System32\Tasks\{9C3F1DCD-AAEC-475A-844C-7A5166623C98} => pcalua.exe -a C:\Users\Carla\AppData\Roaming\InetStat\inetstat.exe -c /uninstall
Task: {1A414855-F452-4838-AEC6-500CFB3CC68A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {2915E4AE-2BC5-46B5-9207-53FA7E693E1C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
Task: {38B6F9F5-3307-4609-90C9-16A173BC0097} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4F5796B0-AC13-49E0-8DE6-43C90F1BE9CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {4F865524-AE71-4BC7-BFF1-7A87AFD5A8F3} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {5C990402-77B5-401D-A65B-28CCC1686D74} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {613C689F-D1E2-451B-84E9-D9AC714061B7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {620670C3-0A84-47C9-80D3-012608E97CD0} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {6A16C7F9-2377-492A-B717-F56902CB1E32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6CCD7445-B1ED-468B-AC34-BD9F67C93976} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {73C4F45D-1E30-44EC-B93A-96EF6B46A1E1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7D3AA2E5-DE44-4464-BEEB-318A1BAF6056} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
Task: {7EBA0C5E-48F1-4524-87C7-68CAAC30F193} - \Rest Comp -> No File <==== ATTENTION
Task: {9B38E1CF-CF77-4385-9AF2-20A165C62C02} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {A1803640-2246-4511-A090-AC4EDF6085F1} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {A80E562D-F8F6-485A-B449-01A6445ABFB3} - System32\Tasks\SafeZone scheduled Autoupdate 1459196909 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {AA02914B-9928-4011-83D4-8E620B50EE37} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {B1A57871-CFB0-4936-81F7-92FC9F183F68} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {B3DB3B30-7789-41CA-853B-EC67F06D3A6A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {BE3EA5BD-DDB6-496F-ACCA-5515E556BFD9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {C210A379-E36E-4191-BDD2-F0CCB1482EAE} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {C5F5B12D-59B8-4AEA-B00D-1B97A1FB7108} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {C64B6140-07FD-43AB-B6D9-8E9F67835930} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {C9E40B9B-7F33-431B-A457-AB0C7C815B58} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D08D593F-57CC-4701-BAE6-830419190CC3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-27] (AVAST Software)
Task: {D91D22E4-9316-4025-8328-488AF10DC969} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {ED52439F-F0EF-4FE3-B284-E1C3A91F1126} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-31] (Microsoft Corporation)
Task: {EE08B05C-F8D4-49D8-B178-65C9CA8EF01E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {EE858591-D700-41CE-9582-6EE89D729D09} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {FEC08F17-45E2-417C-8A1D-D53AD41FE30E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-11-08 12:53 - 2016-03-20 13:10 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-01 16:58 - 2016-02-23 04:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 16:58 - 2016-02-23 04:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-14 15:37 - 2016-03-31 19:43 - 08919240 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-12-17 13:40 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 16:57 - 2016-02-23 01:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 18:08 - 2016-01-04 18:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 18:08 - 2016-01-04 18:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 23:31 - 2016-01-15 22:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 23:31 - 2016-01-15 22:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-21 20:29 - 2016-01-21 20:29 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-27 11:47 - 2016-03-27 11:47 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-27 11:47 - 2016-03-27 11:47 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-29 14:06 - 2016-03-29 14:06 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16032901\algo.dll
2016-03-27 11:47 - 2016-03-27 11:47 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-31 16:37 - 2016-03-31 16:37 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16033102\algo.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2016-03-27 11:47 - 2016-03-27 11:47 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-21 20:29 - 2016-01-21 20:29 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-21 20:29 - 2016-01-21 20:29 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-30 13:48 - 2016-03-27 00:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-30 13:48 - 2016-03-27 00:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll
2016-03-30 13:48 - 2016-03-27 00:58 - 17545880 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2016-04-01 10:58 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4253610457-426110753-930474911-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{27117297-3F1F-4C81-A53D-A936D2CF82B1}D:\neverwinter_en\neverwinter\live\gameclient.exe] => (Block) D:\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{A075FFFF-2269-46DC-AFCE-90D9546C01BA}D:\neverwinter_en\neverwinter\live\gameclient.exe] => (Block) D:\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [{E52061D9-3CB0-49B1-A2AA-086EB542E5E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{16E0995A-756C-4562-BC0F-3E6835FFCEF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E8E0489C-B801-4504-94FE-4783A7C1FD9B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{82F59DDD-6A4E-4343-932A-41607F4B55AB}C:\users\carla\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\carla\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FB61823D-A41B-4F6B-8CE5-62CCD7431C55}C:\users\carla\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\carla\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E633D1A8-DA9C-4599-91D3-23D49253A14B}C:\users\carla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\carla\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4E00F816-AB92-4BCC-AC8C-EE757CE7CC92}C:\users\carla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\carla\appdata\roaming\spotify\spotify.exe
FirewallRules: [{05C5E708-E17F-4161-BE3B-BDA6FA7F9663}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8326F87D-E069-410C-9E32-2D2E7B3B4B8B}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{4E54DE8A-D473-44FA-BCCC-AD302CFAEC0E}] => (Allow) LPort=5357
FirewallRules: [{E9E33335-EAC3-40F5-B092-6563DC8680DB}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3D126412-69B2-4A64-97F4-D6307F1F0916}] => (Allow) C:\Users\Carla\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1EAC72DF-BABF-4DC8-845C-CF509B81B9ED}] => (Allow) C:\Users\Carla\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{82A55DE4-E150-48F6-A8A5-CF0CA750527B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{FFB506CD-5295-4744-A234-B19F07F56E5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-03-2016 22:43:26 Installed calibre
17-03-2016 23:39:48 Scheduled Checkpoint
22-03-2016 21:00:12 Windows Update
31-03-2016 19:56:09 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/01/2016 01:58:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1843
Error: (04/01/2016 01:58:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1843
Error: (04/01/2016 01:58:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/01/2016 01:28:33 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (04/01/2016 12:04:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10407
Error: (04/01/2016 12:04:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10407
Error: (04/01/2016 12:04:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/01/2016 12:04:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7844
Error: (04/01/2016 12:04:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7844
Error: (04/01/2016 12:04:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (04/01/2016 03:36:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly. It has done this 1 time(s).
Error: (04/01/2016 03:36:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_228b3ea service to connect.
Error: (04/01/2016 03:36:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_228b3ea service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (04/01/2016 03:36:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/01/2016 01:58:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/01/2016 12:03:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/31/2016 10:26:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/31/2016 07:59:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (03/31/2016 07:52:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (03/31/2016 04:52:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_1f6abf service to connect.
CodeIntegrity:
===================================
Date: 2016-03-31 19:48:21.090
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-24 17:35:50.072
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 17:35:49.988
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 17:13:12.826
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 17:13:12.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 14:20:39.198
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 14:20:39.175
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 14:20:39.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 14:20:39.099
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-24 14:20:38.381
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3982.68 MB
Available physical RAM: 1907.86 MB
Total Virtual: 6344.37 MB
Available Virtual: 3944.68 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:81.01 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:43.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 543DAE44)
Partition: GPT.
==================== End of Addition.txt ============================