I have a laptop Asus K550J. I'm not exactly sure what is going on, the symptoms are small they almost seem like things are my imagination but wanted to make sure i was safe than sorry. Slowness has started in and I constantly get abode flash player crash warning, twice on one page if the page i have open has a flash video on it, google video's work and play without any such warnings, i have had other such notifications for other programs on my computer but rare and don't even know why they came up, similar box and close program or keep program running option. However i cannot recall what it was specifically. So I am hoping it is nothing, I do my best to keep everything up to date, even flash player. So I'm concerned about whats going on.
November 14th 2016 update:
downloaded files are mysteriously disappearing randomly. Who knows about other files i do not access as frequently.
Here is farbar scan, also it is the first time when using this tool my computer has blocked it, but allowed me to override and run it anyway.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Owner (administrator) on ASUS (12-11-2016 12:09:18)Running from C:\Users\Owner\DesktopLoaded Profiles: Owner (Available Profiles: Owner)Platform: Windows 8.1 (Update) (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe(Scarlet.Crush Productions) C:\Users\Owner\Desktop\ScpServer\bin\ScpService.exe(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe(Red Software) C:\Program Files\PDFescape Desktop\creator-ws.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe(Intel Corporation) C:\Windows\System32\igfxHK.exe(Intel Corporation) C:\Windows\System32\igfxTray.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe(ESET spol. s r.o.) C:\Users\Owner\Downloads\esetonlinescanner_enu.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe==================== Registry (Whitelisted) ====================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-12] (Conexant Systems, Inc.)HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-09] (Conexant Systems, Inc.)HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2651088 2016-10-28] (Malwarebytes Corporation)HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-11-18] (Intuit Inc. All rights reserved.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exeHKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.com <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.js <====== ATTENTIONHKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.js <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTIONHKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTIONHKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTIONHKLM Group Policy restriction on software: ** <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.js <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTIONHKLM Group Policy restriction on software: cipher.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.rar*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.zip*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: syskey.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTIONHKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.com <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTIONHKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.scr <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.docx*.js <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTIONHKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.pub*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTIONHKLM Group Policy restriction on software: *.xls*.js <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: *.png*.js <====== ATTENTIONHKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTIONHKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTIONHKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTIONHKLM Group Policy restriction on software: *.divx*.com <====== ATTENTIONHKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTIONHKLM Group Policy restriction on software: %programdata%\setstretch.exe <====== ATTENTIONHKLM Group Policy restriction on software: %userprofile%\setstretch.exe <====== ATTENTIONHKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5716560 2016-03-16] (FreeDownloadManager.ORG)ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX64.dll [2016-09-09] ()ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX64.dll [2016-09-09] ()ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX64.dll [2016-09-09] ()ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX32.dll [2016-09-09] ()ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX32.dll [2016-09-09] ()ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX32.dll [2016-09-09] ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-04-28]ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-03-06]ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-04-13]ShortcutTarget: MEGAsync.lnk -> C:\Users\Owner\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{80F47847-F11C-4D35-8FA6-66F7AAB1988F}: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{E859C63C-E16C-4A11-9100-68B1267227CC}: [DhcpNameServer] 209.222.18.222 209.222.18.218Tcpip\..\Interfaces\{EDF205E8-2C6C-4BF6-BF85-E7B908B9F746}: [DhcpNameServer] 192.168.1.1Internet Explorer:==================HKU\S-1-5-21-1526803253-2289046572-84949769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJBHKU\S-1-5-21-1526803253-2289046572-84949769-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJBSearchScopes: HKU\S-1-5-21-1526803253-2289046572-84949769-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-21-1526803253-2289046572-84949769-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation)BHO-x32: PDFescape Desktop Helper -> {E5F815EE-1391-4A6C-A0DD-488E9A6EC0F2} -> C:\Program Files (x86)\PDFescape Desktop\creator-ie-helper.dll [2016-08-16] (Red Software)Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)Toolbar: HKLM-x32 - PDFescape Desktop Toolbar - {BB94CCC5-F838-412D-9760-28A307E376B5} - C:\Program Files (x86)\PDFescape Desktop\creator-ie-plugin.dll [2016-08-16] (Red Software)Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2011-01-17] (Intuit, Inc.)Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)FireFox:========FF DefaultProfile: d6e01y3q.defaultFF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default [2016-11-12]FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\d6e01y3q.default -> GoogleFF Extension: (Ad-Aware Ad Block) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\[email protected] [2016-11-03]FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\[email protected] [2016-11-12]FF Extension: (MEGA) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\[email protected] [2016-11-11]FF Extension: (Download Ninja - Free Download Manager) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\[email protected] [2016-04-27]FF Extension: (Zoom Page) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\[email protected] [2016-11-07]FF Extension: (Video DownloadHelper) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-10]FF Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\d6e01y3q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDFescape Desktop\resources\pdfescapedesktopfirefoxextensionFF Extension: (PDFescape Desktop Creator) - C:\Program Files\PDFescape Desktop\resources\pdfescapedesktopfirefoxextension [2016-10-24] [not signed]FF HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13FF Extension: (Free Download Manager extension) - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13 [2016-10-06]FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-28] ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-28] ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation)FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)FF Plugin-x32: PDFescape Desktop -> C:\Program Files (x86)\PDFescape Desktop\np-previewer.dll [2016-08-16] (Red Software)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)Opera:=======OPR Extension: (Adguard AdBlocker) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2016-11-05]OPR Extension: (360 Internet Protection) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2016-11-05]OPR Extension: (Internet Download Accelerator) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\faehphipoljdginnjklhakadmiaehgod [2016-03-08]OPR Extension: (Download Ninja) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\fdknghpepmbcddjgcadpjijlchgojipm [2016-04-08]OPR Extension: (Youtube to MP3 Converter) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\lemijcdigjkjafpnjaepmpmhmladcfdh [2016-03-17]==================== Services (Whitelisted) ====================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [File not signed]R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows ® Win 7 DDK provider) [File not signed]R2 Ds3Service; C:\Users\Owner\Desktop\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-08-03] (Freemake) [File not signed]R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-17] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2940704 2015-12-23] (IObit)R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [155088 2016-10-28] (Malwarebytes Corporation)R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-29] (NVIDIA Corporation)S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-29] (NVIDIA Corporation)R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-29] (NVIDIA Corporation)S3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2142184 2016-08-16] (Red Software)S3 PDFescape Desktop CrashHandler; C:\Program Files\PDFescape Desktop\crash-handler-ws.exe [926184 2016-08-16] (Red Software)R2 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator-ws.exe [733672 2016-08-16] (Red Software)R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-01-17] (Intuit) [File not signed]S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254232 2016-09-09] (RaMMicHaeL)S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]===================== Drivers (Whitelisted) ======================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [77416 2016-10-28] ()R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-29] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2016-09-29] (NVIDIA Corporation)R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation)R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)U0 msahci; system32\drivers\msahci.sys [X]==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One Month Created files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2016-11-12 12:09 - 2016-11-12 12:09 - 00056618 _____ C:\Users\Owner\Desktop\FRST.txt2016-11-12 12:08 - 2016-11-12 12:08 - 02411520 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe2016-11-12 10:24 - 2016-11-12 10:24 - 03910208 _____ C:\Users\Owner\Downloads\adwcleaner_6.030(1).exe2016-11-12 10:23 - 2016-11-12 10:23 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Owner\Downloads\esetonlinescanner_enu.exe2016-11-11 17:10 - 2016-11-11 17:10 - 00000000 ____D C:\Users\Owner\Desktop\Kitty2016-11-07 19:25 - 2016-11-07 19:25 - 03910208 _____ C:\Users\Owner\Downloads\adwcleaner_6.030.exe2016-11-07 17:25 - 2016-11-07 17:25 - 00000000 ____D C:\Users\Owner\AppData\Local\ESET2016-11-07 17:24 - 2016-11-07 17:25 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Owner\Desktop\esetonlinescanner_enu.exe2016-11-05 19:22 - 2016-11-05 19:22 - 00002259 _____ C:\Windows\epplauncher.mif2016-11-05 19:18 - 2016-11-05 19:20 - 14324408 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\MSEInstall.exe2016-11-05 15:37 - 2016-11-05 15:37 - 00016604 _____ C:\Users\Owner\Desktop\BirthCertificate-AC334Q3W9UP.pdf2016-11-03 10:27 - 2016-10-25 14:39 - 40123840 _____ C:\Windows\system32\nvcompiler.dll2016-11-03 10:27 - 2016-10-25 14:39 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll2016-11-03 10:27 - 2016-10-25 14:39 - 34701760 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2016-11-03 10:27 - 2016-10-25 14:39 - 28138552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2016-11-03 10:27 - 2016-10-25 14:39 - 19925152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2016-11-03 10:27 - 2016-10-25 14:39 - 17429080 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2016-11-03 10:27 - 2016-10-25 14:39 - 17348752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2016-11-03 10:27 - 2016-10-25 14:39 - 14397272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2016-11-03 10:27 - 2016-10-25 14:39 - 14033976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2016-11-03 10:27 - 2016-10-25 14:39 - 10912232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll2016-11-03 10:27 - 2016-10-25 14:39 - 10773504 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2016-11-03 10:27 - 2016-10-25 14:39 - 10324400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2016-11-03 10:27 - 2016-10-25 14:39 - 09113296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2016-11-03 10:27 - 2016-10-25 14:39 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll2016-11-03 10:27 - 2016-10-25 14:39 - 08716056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2016-11-03 10:27 - 2016-10-25 14:39 - 03628992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2016-11-03 10:27 - 2016-10-25 14:39 - 03193912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2016-11-03 10:27 - 2016-10-25 14:39 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437570.dll2016-11-03 10:27 - 2016-10-25 14:39 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437570.dll2016-11-03 10:27 - 2016-10-25 14:39 - 01037248 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00945208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00897080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00170688 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2016-11-03 10:27 - 2016-10-25 14:39 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2016-10-28 08:42 - 2016-10-28 08:42 - 00366729 _____ C:\Users\Owner\Desktop\PurEcosheet Reusable Dryer Sheets.pdf2016-10-27 10:09 - 2016-10-27 10:09 - 02393925 _____ C:\Users\Owner\Downloads\Meditation Essentials 10 Bliss.pdf2016-10-24 10:11 - 2016-10-24 10:11 - 00193908 _____ C:\Users\Owner\Desktop\2015 Full Portfolio Resume1.pdf2016-10-24 10:04 - 2016-10-24 10:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\PDFescape Desktop2016-10-24 10:04 - 2016-10-24 10:04 - 00000807 _____ C:\Users\Public\Desktop\PDFescape Desktop.lnk2016-10-24 10:03 - 2016-10-24 10:08 - 00000000 ____D C:\Program Files\PDFescape Desktop2016-10-24 10:03 - 2016-10-24 10:04 - 00000000 ____D C:\Program Files (x86)\PDFescape Desktop2016-10-24 10:03 - 2016-10-24 10:03 - 00000000 ____D C:\Users\Owner\Documents\PDFescape Desktop2016-10-24 10:03 - 2016-10-24 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFescape Desktop2016-10-24 10:01 - 2016-10-24 10:01 - 00000000 ____D C:\ProgramData\PDFescape Desktop2016-10-24 10:00 - 2016-10-24 10:01 - 06010144 _____ (© RedSoftware) C:\Users\Owner\Downloads\PDFescape_Desktop_Installer.exe2016-10-24 09:44 - 2016-06-24 12:58 - 00196248 _____ C:\Users\Owner\Desktop\2015 Full Portfolio Resume.pdf2016-10-23 13:35 - 2016-10-23 13:35 - 06191126 _____ C:\Users\Owner\Downloads\Pure-Dhamma-11-September-2016.pdf2016-10-21 20:10 - 2016-10-25 14:39 - 03933968 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2016-10-21 20:10 - 2016-10-18 14:23 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437557.dll2016-10-21 20:10 - 2016-10-18 14:23 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437557.dll2016-10-21 20:10 - 2016-10-18 14:23 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json2016-10-21 20:10 - 2016-10-18 14:23 - 00000669 _____ C:\Windows\system32\nv-vk64.json2016-10-20 19:02 - 2016-09-09 11:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll2016-10-20 19:02 - 2016-09-09 11:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll2016-10-20 19:02 - 2016-09-09 11:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe2016-10-20 19:02 - 2016-09-09 11:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe2016-10-20 19:01 - 2016-10-20 19:01 - 00001184 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.6.lnk2016-10-20 19:01 - 2016-10-20 19:01 - 00000000 ____D C:\Users\Owner\AppData\Local\Intel2016-10-20 19:01 - 2016-10-20 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility2016-10-20 19:00 - 2016-10-20 19:04 - 00003038 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_WILLAMETTE2016-10-20 19:00 - 2016-10-20 19:00 - 00000000 ____D C:\Windows\System32\Tasks\Intel2016-10-20 19:00 - 2016-10-20 19:00 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility2016-10-20 19:00 - 2016-10-01 14:15 - 01935808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437306.dll2016-10-20 19:00 - 2016-10-01 14:15 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437306.dll2016-10-20 19:00 - 2015-06-04 12:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys2016-10-20 18:59 - 2016-10-20 19:00 - 07491840 _____ (Intel) C:\Users\Owner\Downloads\Intel Driver Update Utility Installer.exe2016-10-20 18:31 - 2016-10-25 13:13 - 00001951 _____ C:\Windows\NvContainerRecovery.bat2016-10-20 18:31 - 2016-10-20 18:31 - 00003824 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00003824 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00003774 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00003762 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00003586 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00003526 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}2016-10-20 18:31 - 2016-10-20 18:31 - 00001430 _____ C:\Users\Public\Desktop\GeForce Experience.lnk2016-10-20 18:31 - 2016-10-20 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2016-10-20 18:31 - 2016-09-29 21:22 - 01844280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2016-10-20 18:31 - 2016-09-29 21:22 - 01756728 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2016-10-20 18:31 - 2016-09-29 21:22 - 01445944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2016-10-20 18:31 - 2016-09-29 21:22 - 01318968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2016-10-20 18:31 - 2016-09-29 21:22 - 00121912 _____ C:\Windows\system32\NvRtmpStreamer64.dll2016-10-20 18:31 - 2016-09-29 21:22 - 00106040 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll2016-10-20 18:31 - 2016-09-29 21:22 - 00095800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2016-10-20 18:31 - 2016-09-29 21:22 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2016-10-20 18:26 - 2016-10-20 18:30 - 71063336 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\GeForce_Experience_v3.0.7.34.exe2016-10-20 18:20 - 2016-10-20 18:20 - 00737344 _____ (Oracle Corporation) C:\Users\Owner\Downloads\jxpiinstall.exe2016-10-20 18:09 - 2011-01-12 18:08 - 4173332480 _____ C:\Users\Owner\Desktop\Xenosaga - Episode I - Der Wille zur Macht DVD9 [NTSC - US].ISO2016-10-18 17:11 - 2016-10-18 17:11 - 02495775 _____ C:\Users\Owner\Downloads\Kabbalah of Genesis 21 Kabbalistic & Alchemical Bodies.pdf2016-10-18 12:37 - 2016-10-18 12:37 - 00000000 ____D C:\Users\Public\CyberLink2016-10-18 12:37 - 2016-10-18 12:37 - 00000000 ____D C:\Users\Owner\AppData\Local\CyberLink2016-10-18 12:37 - 2016-10-18 12:37 - 00000000 ____D C:\ProgramData\CyberLink2016-10-18 11:38 - 2016-09-09 15:52 - 00921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys2016-10-18 11:38 - 2016-09-09 15:14 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2016-10-18 11:38 - 2016-09-09 07:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll2016-10-18 11:38 - 2016-09-09 07:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll2016-10-18 11:38 - 2016-09-09 07:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll2016-10-18 11:38 - 2016-09-09 07:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll2016-10-18 11:38 - 2016-09-09 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll2016-10-18 11:38 - 2016-09-09 06:38 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml2016-10-18 11:38 - 2016-09-03 11:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll2016-10-18 11:38 - 2016-09-03 11:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll2016-10-18 11:38 - 2016-09-03 10:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll2016-10-18 11:38 - 2016-09-03 09:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv2016-10-18 11:38 - 2016-09-03 09:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll2016-10-18 11:38 - 2016-09-03 08:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv2016-10-18 11:38 - 2016-09-02 07:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll2016-10-18 11:38 - 2016-09-02 07:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll2016-10-18 11:38 - 2016-09-01 07:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll2016-10-18 11:38 - 2016-09-01 07:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll2016-10-18 11:38 - 2016-09-01 07:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll2016-10-18 11:38 - 2016-08-30 07:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll2016-10-18 11:38 - 2016-08-29 19:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll2016-10-18 11:38 - 2016-08-29 19:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll2016-10-18 11:38 - 2016-08-29 19:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll2016-10-18 11:38 - 2016-08-29 19:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll2016-10-18 11:38 - 2016-08-22 06:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll2016-10-18 08:44 - 2016-09-30 17:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2016-10-18 08:44 - 2016-09-30 00:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2016-10-18 08:44 - 2016-09-29 23:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2016-10-18 08:44 - 2016-09-29 23:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2016-10-18 08:44 - 2016-09-29 23:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2016-10-18 08:44 - 2016-09-29 23:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2016-10-18 08:44 - 2016-09-29 22:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2016-10-18 08:44 - 2016-09-29 22:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2016-10-18 08:44 - 2016-09-29 22:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll2016-10-18 08:44 - 2016-09-29 22:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2016-10-18 08:44 - 2016-09-29 22:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2016-10-18 08:44 - 2016-09-29 22:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2016-10-18 08:44 - 2016-09-29 22:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2016-10-18 08:44 - 2016-09-29 22:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2016-10-18 08:44 - 2016-09-29 22:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2016-10-18 08:44 - 2016-09-29 22:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2016-10-18 08:44 - 2016-09-29 22:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2016-10-18 08:44 - 2016-09-29 22:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2016-10-18 08:44 - 2016-09-29 22:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll2016-10-18 08:44 - 2016-09-29 22:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2016-10-18 08:44 - 2016-09-29 22:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2016-10-18 08:44 - 2016-09-29 22:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2016-10-18 08:44 - 2016-09-29 22:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2016-10-18 08:44 - 2016-09-29 22:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2016-10-18 08:44 - 2016-09-29 21:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2016-10-18 08:44 - 2016-09-29 21:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2016-10-18 08:44 - 2016-09-29 21:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2016-10-18 08:44 - 2016-09-29 21:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2016-10-18 08:44 - 2016-09-17 11:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll2016-10-18 08:44 - 2016-09-17 10:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll2016-10-18 08:44 - 2016-09-17 10:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll2016-10-18 08:44 - 2016-09-17 10:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll2016-10-18 08:44 - 2016-09-17 10:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2016-10-18 08:44 - 2016-09-13 18:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2016-10-18 08:44 - 2016-09-13 18:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2016-10-18 08:44 - 2016-09-13 18:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2016-10-18 08:44 - 2016-09-13 18:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe2016-10-18 08:44 - 2016-09-12 15:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll2016-10-18 08:44 - 2016-09-12 14:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll2016-10-18 08:44 - 2016-09-09 07:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2016-10-18 08:44 - 2016-09-08 13:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys2016-10-18 08:44 - 2016-09-08 07:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2016-10-18 08:44 - 2016-09-08 07:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys2016-10-18 08:44 - 2016-09-07 15:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2016-10-18 08:44 - 2016-09-07 14:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll2016-10-18 08:44 - 2016-09-07 14:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll2016-10-18 08:44 - 2016-09-07 14:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll2016-10-18 08:44 - 2016-09-07 14:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll2016-10-18 08:44 - 2016-08-31 10:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll2016-10-18 08:44 - 2016-08-31 09:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll2016-10-16 12:27 - 2016-10-16 12:27 - 00001202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk2016-10-16 12:27 - 2016-10-16 12:27 - 00001190 _____ C:\Users\Public\Desktop\paint.net.lnk2016-10-16 12:27 - 2016-10-16 12:27 - 00000000 ____D C:\Program Files\paint.net2016-10-16 12:26 - 2016-10-16 12:28 - 00000000 ____D C:\Users\Owner\AppData\Local\paint.net2016-10-16 11:36 - 2016-10-16 11:36 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00987848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00018600 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll2016-10-16 11:36 - 2016-10-16 11:36 - 00018592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll2016-10-14 15:43 - 2016-10-14 15:43 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Imploded Software2016-10-14 15:43 - 2016-10-14 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helium Audio Splitter2016-10-14 15:43 - 2016-10-14 15:43 - 00000000 ____D C:\ProgramData\Imploded Software2016-10-14 15:43 - 2016-10-14 15:43 - 00000000 ____D C:\Program Files (x86)\Imploded Software==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2016-11-12 12:09 - 2016-07-31 18:18 - 00000000 ____D C:\FRST2016-11-12 12:01 - 2016-09-10 11:24 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update12016-11-12 12:01 - 2016-09-10 11:24 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update22016-11-12 11:55 - 2016-07-19 11:43 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2016-11-12 10:48 - 2016-03-04 09:38 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1526803253-2289046572-84949769-10012016-11-12 10:46 - 2014-11-21 01:44 - 00865068 _____ C:\Windows\system32\PerfStringBackup.INI2016-11-12 10:46 - 2013-08-22 06:36 - 00000000 ____D C:\Windows\Inf2016-11-12 10:39 - 2016-03-04 09:38 - 00001539 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk2016-11-12 10:39 - 2016-03-04 09:36 - 00000093 _____ C:\Users\Owner\AppData\Roaming\sp_data.sys2016-11-12 10:38 - 2016-07-19 11:43 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2016-11-12 10:38 - 2016-03-06 16:35 - 00000000 __RDO C:\Users\Owner\OneDrive2016-11-12 10:38 - 2016-03-03 15:36 - 00000000 ____D C:\ProgramData\NVIDIA2016-11-12 10:36 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT2016-11-12 10:35 - 2016-03-06 16:49 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps2016-11-12 10:35 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\NDF2016-11-12 10:35 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\BBI2016-11-12 10:18 - 2016-03-06 11:36 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B7DB0767-57CE-4816-B106-9D5AFB57ECA3}2016-11-12 10:06 - 2016-03-06 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit2016-11-11 19:56 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness2016-11-10 18:20 - 2016-03-06 16:29 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 14573069472016-11-10 18:20 - 2016-03-06 16:29 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk2016-11-10 18:20 - 2016-03-06 16:03 - 00000000 ____D C:\Program Files (x86)\Opera2016-11-08 10:24 - 2016-03-16 19:15 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics2016-11-08 09:22 - 2016-03-06 16:06 - 00000000 ____D C:\Users\Owner\AppData\Roaming\vlc2016-11-07 20:28 - 2016-04-13 20:44 - 00000000 ____D C:\AdwCleaner2016-11-07 00:11 - 2016-03-07 21:59 - 03824640 ___SH C:\Users\Owner\Downloads\Thumbs.db2016-11-06 23:21 - 2016-05-10 13:07 - 00000000 ____D C:\ProgramData\ProductData2016-11-06 10:35 - 2016-03-08 22:47 - 04200960 ___SH C:\Users\Owner\Desktop\Thumbs.db2016-11-05 21:50 - 2016-08-10 07:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2016-11-05 16:59 - 2016-03-06 16:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132016-11-05 10:23 - 2016-07-14 15:33 - 00000000 ____D C:\Users\Owner\Desktop\Transcriptions2016-11-04 16:02 - 2016-07-19 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2016-11-03 10:48 - 2016-04-11 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2016-11-03 10:48 - 2016-04-08 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2016-11-03 10:31 - 2013-08-22 06:25 - 00000234 _____ C:\Windows\win.ini2016-11-03 10:29 - 2016-03-10 22:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT2016-11-03 10:10 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp2016-10-28 20:23 - 2016-05-31 19:50 - 00002388 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Owner2016-10-28 20:23 - 2016-05-31 19:50 - 00000288 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Owner.job2016-10-28 18:41 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed2016-10-28 18:41 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\Macromed2016-10-28 17:33 - 2016-03-06 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit2016-10-28 17:33 - 2016-03-06 16:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit2016-10-27 18:22 - 2016-03-06 16:13 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2016-10-25 14:39 - 2016-07-14 13:35 - 03473368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2016-10-25 14:39 - 2016-07-14 13:35 - 00041344 _____ C:\Windows\system32\nvinfo.pb2016-10-25 13:17 - 2016-07-14 13:36 - 06386232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2016-10-25 13:17 - 2016-07-14 13:36 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2016-10-25 13:17 - 2016-07-14 13:36 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll2016-10-25 13:17 - 2016-07-14 13:36 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll2016-10-25 13:17 - 2016-07-14 13:36 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2016-10-25 13:17 - 2016-07-14 13:36 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll2016-10-25 13:17 - 2016-07-14 13:36 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2016-10-24 14:54 - 2016-07-15 15:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2016-10-24 14:54 - 2016-07-15 15:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2016-10-23 23:31 - 2016-07-14 13:36 - 07507695 _____ C:\Windows\system32\nvcoproc.bin2016-10-22 12:10 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache2016-10-21 20:12 - 2016-03-04 09:34 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA Corporation2016-10-21 20:12 - 2016-03-03 15:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2016-10-21 20:12 - 2016-03-03 15:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation2016-10-20 19:00 - 2016-03-03 15:32 - 00000000 ____D C:\ProgramData\Intel2016-10-20 19:00 - 2016-03-03 15:32 - 00000000 ____D C:\Program Files\Intel2016-10-20 19:00 - 2015-04-10 03:46 - 00000000 ____D C:\ProgramData\Package Cache2016-10-20 18:39 - 2016-03-04 09:32 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA2016-10-20 18:32 - 2016-03-03 15:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation2016-10-20 18:30 - 2016-03-07 10:24 - 00000000 ____D C:\Program Files (x86)\Java2016-10-20 18:30 - 2016-03-07 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2016-10-20 18:30 - 2016-03-07 10:23 - 00000000 ____D C:\Program Files\Java2016-10-20 18:30 - 2016-03-07 09:25 - 00000000 ____D C:\ProgramData\Oracle2016-10-20 18:25 - 2016-03-07 10:24 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2016-10-20 18:25 - 2016-03-06 16:04 - 00000000 ____D C:\ProgramData\Unchecky2016-10-18 12:39 - 2016-08-10 11:27 - 00000000 ____D C:\ProgramData\NCH Software2016-10-18 12:39 - 2016-08-10 11:27 - 00000000 ____D C:\Program Files (x86)\NCH Software2016-10-18 12:39 - 2016-04-28 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP2016-10-18 12:39 - 2016-04-28 16:32 - 00000000 ____D C:\Program Files (x86)\HP2016-10-18 12:36 - 2016-03-04 09:32 - 00000000 ____D C:\ProgramData\ASUS2016-10-18 11:46 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData2016-10-18 11:18 - 2013-08-22 07:44 - 01037248 _____ C:\Windows\system32\FNTCACHE.DAT2016-10-18 11:17 - 2016-03-06 23:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight2016-10-18 11:17 - 2016-03-06 23:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2016-10-18 08:56 - 2016-03-04 10:47 - 00000000 ____D C:\Windows\system32\MRT2016-10-18 08:53 - 2016-03-06 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2016-10-18 08:53 - 2016-03-04 10:47 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe2016-10-16 10:34 - 2016-07-19 12:27 - 00000000 ____D C:\Users\Owner\Desktop\Gnosis Images==================== Files in the root of some directories =======2016-03-04 09:36 - 2016-11-12 10:39 - 0000093 _____ () C:\Users\Owner\AppData\Roaming\sp_data.sys2016-04-28 16:30 - 2016-10-18 12:39 - 0002324 _____ () C:\ProgramData\hpzinstall.log2015-04-10 03:45 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd2015-04-10 03:45 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe2015-04-10 03:45 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBSSome files in TEMP:====================C:\Users\Owner\AppData\Local\Temp\msvcr120.dllC:\Users\Owner\AppData\Local\Temp\sqlite3.dll==================== Bamital & volsnap ======================(There is no automatic fix for files that do not pass verification.)C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2016-11-07 17:30==================== End of FRST.txt ============================
Here is the addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Owner (12-11-2016 12:10:08)Running from C:\Users\Owner\DesktopWindows 8.1 (Update) (X64) (2016-03-04 16:32:23)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-1526803253-2289046572-84949769-500 - Administrator - Disabled)Guest (S-1-5-21-1526803253-2289046572-84949769-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-1526803253-2289046572-84949769-1003 - Limited - Enabled)Owner (S-1-5-21-1526803253-2289046572-84949769-1001 - Administrator - Enabled) => C:\Users\Owner==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.). . . (Version: 2.1.28.3 - Intel) Hidden. . . (x32 Version: 2.6.1.4 - Intel) Hidden64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)Amazon Kindle (HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)Ansel (Version: 375.70 - NVIDIA Corporation) HiddenAny Audio Converter 5.9.3 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS)Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)Audio Product Tool (HKLM-x32\...\{032D9888-CC94-4AD6-9451-481CB7D67061}) (Version: 1.03 - Actions)Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenConexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.41.50 - Conexant)CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)D110 (x32 Version: 140.0.353.000 - Hewlett-Packard) HiddenDestinations (x32 Version: 140.0.253.000 - Hewlett-Packard) HiddenDevice Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.20 - ASUSTek Computer Inc.)DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenDolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)DVDFab 9.1.9.5 (28/03/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)emWave2 (HKLM-x32\...\emWave23.3.0.7385) (Version: 3.3.0.7385 - Heartmath Inc.)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 5.85 - NCH Software)FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)Free Download Manager 3.9.7 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)Freemake Audio Converter version 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.)Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) HiddenGPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) HiddenHelium Audio Splitter (build 343) (HKLM-x32\...\{4ED951FE-165D-4F01-9E21-E9D75C3F3AE4}_is1) (Version: 1.9.0.343 - Imploded Software)HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{A5E2418D-B360-419D-AAAD-0D8F2E98FBF6}) (Version: 14.0 - HP)HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.5.32.37 - HP)HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) HiddenHPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) HiddenHPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.116 - IObit)iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)Lucent Heart (HKLM\...\Steam App 283060) (Version: - Playcoo)Malwarebytes Anti-Exploit version 1.9.1.1235 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1235 - Malwarebytes)Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenMediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)Network64 (Version: 140.0.306.000 - Hewlett-Packard) HiddenNVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)NVIDIA Graphics Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) HiddenNvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) HiddenOpera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hiddenpaint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )PDFescape Desktop (HKLM-x32\...\PDFescape Desktop) (Version: 1.0.6.28181 - RedSoftware)PDFescape Desktop Asian Fonts Pack (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Convert Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Create Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Edit Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Forms Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Insert Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Review Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop Secure Module (Version: 1.0.16.29260 - Red Software) HiddenPDFescape Desktop View Module (Version: 1.0.16.29260 - Red Software) HiddenPrivate Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)PS_AIO_07_D110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) HiddenQualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)QuickBooks (x32 Version: 19.0.4007.1091 - Intuit Canada Limited) HiddenQuickBooks Premier: Retail Edition 2010 (HKLM-x32\...\{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}) (Version: 19.0.4007.1091 - Intuit Canada Limited)QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) HiddenRealtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) HiddenScoreCloud Studio (HKLM-x32\...\ScoreCloud) (Version: 3.4 - DoReMIR Music Research)Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) HiddenSHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) HiddenSHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) HiddenSkype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) HiddenStatus (x32 Version: 140.0.342.000 - Hewlett-Packard) HiddenSteam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)StudioTax 2015 (HKLM-x32\...\{F03D988F-D2E1-45F1-BC74-283618FD8EE3}) (Version: 11.0.5.1 - BHOK IT Consulting)SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenToolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) HiddenTrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) HiddenUnchecky v1.0.1 (HKLM-x32\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}) (Version: 15.0.2013 - Microsoft Corporation)Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{01E87699-A49D-413A-B75B-7C434FEF979C}) (Version: 15.0.2013 - Microsoft Corporation)Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft)Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft)Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version: - Microsoft)VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) HiddenWebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)WIDI Recognition System Pro 3.3 (remove only) (HKLM-x32\...\WIDI Recognition System Pro 3.3) (Version: - )Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 6.0.0.39) (HKLM\...\51B9B97722559D76D6429B83B71A86106A35BFCE) (Version: 07/02/2014 6.0.0.39 - ASUS)WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)Zan Image Printer (HKLM\...\zvprt50) (Version: - )==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-1526803253-2289046572-84949769-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {013EDA2D-1FF6-4C26-9F6F-6F4D2673B497} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)Task: {075CB3EE-7030-4478-B884-1B8F18AA310D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()Task: {0929A590-67C8-4039-ADAF-AD4BC268FF04} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)Task: {14F984F4-3016-49F7-9C81-C49DCA8088BB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-10-18] (Microsoft Corporation)Task: {1CD3F226-8E53-47AF-B986-97FC7BD8BC7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-19] (Google Inc.)Task: {1F11BC9E-F0AC-4874-9549-71F42E92EC73} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)Task: {237B907D-CAE3-47B3-A0A8-C8EB695FAECB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-29] (NVIDIA Corporation)Task: {308C6FC3-A052-4012-A284-546282DFDC90} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()Task: {36B9B2C7-D9ED-472D-B024-207C9565BAB2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exeTask: {480F1C96-4A35-4DA7-807E-366AD05726FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-29] (NVIDIA Corporation)Task: {48FED751-1F8D-4907-AD3F-596A7C34B726} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)Task: {52F3B7DB-65F5-4719-86B4-34CD5EDC3C5C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-29] (NVIDIA Corporation)Task: {54FEF5B0-C5E3-450B-AFDF-0EF2D6E08D8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-29] (NVIDIA Corporation)Task: {66945C11-427E-4844-A0DD-BC911345F1E2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)Task: {74847D8E-717F-4A7B-AEB6-A0D627AEE9F5} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()Task: {7E03ECD4-6042-45B8-892B-F7570DE72D6B} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"Task: {80E7D770-A8B4-403F-A2FB-EFA2BD2846E5} - System32\Tasks\{875D3F96-FFF7-41AD-A1D5-78FE49626AE8} => pcalua.exe -a C:\Downloads\wit-v2.31a-r6005-cygwin\wit-v2.31a-r6005-cygwin\windows-install.exe -d C:\Downloads\wit-v2.31a-r6005-cygwin\wit-v2.31a-r6005-cygwinTask: {83FAD7FA-9BF8-4C24-909D-9CEE043B79CE} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-03-06] ()Task: {92A39342-31E0-442E-A65D-3360D2D675D6} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)Task: {ABF57875-D6EA-4D78-A2F9-AC8FDEF14CF6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-29] (NVIDIA Corporation)Task: {C0252D08-29C7-46DE-AF1A-B8DB508DF001} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)Task: {C67396F6-70DA-4478-9A1F-8604E779B1F6} - System32\Tasks\Uninstaller_SkipUac_Owner => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-12-24] (IObit)Task: {CC878C13-0516-4987-A2B2-4500971ABBFD} - System32\Tasks\Opera scheduled Autoupdate 1457306947 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)Task: {D1DCE02B-252F-4241-B51F-9CD1F5CADC00} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)Task: {D741398F-06F4-49E3-A387-7C94723E7763} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)Task: {D81888F8-AA89-4664-B45F-2E330C6AD32F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)Task: {E94B468A-4740-4AFB-9995-4FE436096E7F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-19] (Google Inc.)Task: {F21F1823-400C-4525-B121-978C65A520F8} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-03-03] (ASUSTek Computer Inc.)Task: {F38E020B-1E79-4DE9-A8C0-C70254E199EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)Task: {F8AECAFD-5514-4005-9EB6-02DF4F8D34CE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()Task: {FAB8C9D8-9E5C-4BDA-8204-B113BBB12AF5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-29] (NVIDIA Corporation)(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\Uninstaller_SkipUac_Owner.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe==================== Shortcuts =============================(The entries could be listed to be restored or removed.)==================== Loaded Modules (Whitelisted) ==============2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2016-10-20 18:31 - 2016-09-29 21:22 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll2016-10-20 18:31 - 2016-09-29 21:22 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll2016-10-20 18:31 - 2016-09-29 21:22 - 00419896 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll2016-07-14 13:36 - 2016-10-25 13:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2016-06-08 17:04 - 2016-06-08 17:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe2014-02-11 18:08 - 2014-02-11 18:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll2014-02-11 18:08 - 2014-02-11 18:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll2014-10-20 01:05 - 2014-03-17 20:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll2016-06-14 12:37 - 2016-06-14 12:37 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll2014-05-01 07:13 - 2016-09-09 17:42 - 00592384 _____ () C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX64.dll2016-03-04 10:31 - 2016-03-04 10:32 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe2016-03-06 16:09 - 2015-12-23 16:27 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll2016-03-07 12:50 - 2016-09-29 21:22 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll2016-10-20 18:31 - 2016-09-29 21:22 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll2016-10-20 18:31 - 2016-09-29 10:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node2016-10-20 18:31 - 2016-09-29 10:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node2016-10-20 18:31 - 2016-09-29 10:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node2016-10-20 18:31 - 2016-09-29 10:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node2016-10-20 18:31 - 2016-09-29 10:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node2016-10-20 18:31 - 2016-09-29 10:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node2016-10-20 18:31 - 2016-09-29 10:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node2016-03-03 15:32 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2016-03-06 16:09 - 2015-12-23 16:27 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl2016-03-06 16:09 - 2015-12-23 16:27 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl2016-03-06 16:09 - 2015-12-23 16:27 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll2016-11-10 18:20 - 2016-11-10 18:20 - 66023632 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\opera.dll2016-06-14 12:38 - 2016-06-14 12:38 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll2014-05-01 07:15 - 2016-09-09 17:41 - 00564224 _____ () C:\Users\Owner\AppData\Local\MEGAsync\ShellExtX32.dll2016-11-10 18:20 - 2016-11-10 18:20 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libglesv2.dll2016-11-10 18:20 - 2016-11-10 18:20 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.56\libegl.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""==================== Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 06:25 - 2016-11-12 10:37 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly0.0.0.0 tracking.opencandy.com.s3.amazonaws.com0.0.0.0 media.opencandy.com0.0.0.0 cdn.opencandy.com0.0.0.0 tracking.opencandy.com0.0.0.0 api.opencandy.com0.0.0.0 api.recommendedsw.com0.0.0.0 installer.betterinstaller.com0.0.0.0 installer.filebulldog.com0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net0.0.0.0 inno.bisrv.com0.0.0.0 nsis.bisrv.com0.0.0.0 cdn.file2desktop.com0.0.0.0 cdn.goateastcach.us0.0.0.0 cdn.guttastatdk.us0.0.0.0 cdn.inskinmedia.com0.0.0.0 cdn.insta.oibundles2.com0.0.0.0 cdn.insta.playbryte.com0.0.0.0 cdn.llogetfastcach.us0.0.0.0 cdn.montiera.com0.0.0.0 cdn.msdwnld.com0.0.0.0 cdn.mypcbackup.com0.0.0.0 cdn.ppdownload.com0.0.0.0 cdn.riceateastcach.us0.0.0.0 cdn.shyapotato.us0.0.0.0 cdn.solimba.com0.0.0.0 cdn.tuto4pc.com0.0.0.0 cdn.appround.biz0.0.0.0 cdn.bigspeedpro.com0.0.0.0 cdn.bispd.comThere are 4 more lines.==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-1526803253-2289046572-84949769-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaperDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"HKLM\...\StartupApproved\Run: => "iTunesHelper"HKLM\...\StartupApproved\Run: => "XboxStat"HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"HKU\S-1-5-21-1526803253-2289046572-84949769-1001\...\StartupApproved\Run: => "Steam"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{40EC0B1D-44A8-425D-998A-4C8AC9C31BE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{CC492744-6670-4620-A2D7-F6A50DCE28DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{27679445-CC43-4DAC-BFC3-93FCEC4815D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{358905B4-7220-4C3D-A532-2731E19DEB49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{9CB1CB9C-7FDF-4FED-969D-664CF637263D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{C80460E0-9D6D-4EC9-AFF5-C39E6CECB375}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exeFirewallRules: [{6BDE2CE0-D48D-4653-AA1F-5E7D5C9457F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exeFirewallRules: [{E7705C98-8651-4A2A-A4E7-1DEFE50FA3DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exeFirewallRules: [{4B12FEDC-D36F-44F7-89F5-26E1E85B163E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exeFirewallRules: [TCP Query User{A6456AA8-31AD-4CE1-B6C2-313F5268C678}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exeFirewallRules: [UDP Query User{C9F1C67C-7A70-4CD8-B458-1E913AA392EB}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exeFirewallRules: [{5D3A4F1E-0082-4B63-9C14-488A17A24DE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exeFirewallRules: [{7F3480E0-69FF-4024-8694-C6456895782D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exeFirewallRules: [{A49F5C7C-4A72-4BA0-99C3-DBF57940B69F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exeFirewallRules: [{196B201D-D88F-4F6F-9374-18A15D57481C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{DC93E79C-B02A-45C4-B9CA-7F8828FF621C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{7B90B0CD-3E06-4292-AA47-5F6615284E88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{A790A1C6-F9D4-4888-91D7-0384122804BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{DCE83B38-EE22-40E7-ABA0-F0CA86C4CB41}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{E9DAB338-89C5-487A-B84C-F392643AD9C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{3FD1946F-9C5A-4690-8B55-1BE96602E2B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lucent Heart\LucentPatch.exeFirewallRules: [{FCEF6BAD-5562-4A5E-A4D8-F7C3A4B7CEC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lucent Heart\LucentPatch.exeFirewallRules: [{7135F96C-9B8C-48BA-986B-9F87277AB9FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{1A8BDC33-4FE9-451E-B6D1-931BC5676E38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [TCP Query User{5BE1F031-1828-49FD-9B24-4F6410A05E8D}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exeFirewallRules: [UDP Query User{ABDCA425-F758-47EC-983C-852ED9B3402C}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exeFirewallRules: [{EF0A6209-EFA4-4D19-9C65-4403C145A256}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeFirewallRules: [{797A7534-2A39-4C85-A883-137F9DD469B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exeFirewallRules: [{49703BE2-925C-46A6-9C0C-54AB4C8858F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exeFirewallRules: [{464DCDFA-36AC-4F19-BAD1-1D3BC0FBA6FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exeFirewallRules: [{D104523F-80BD-4BBA-A903-A50D0C464184}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exeFirewallRules: [{EA1F3511-6F76-4117-BD17-A16371E0002F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exeFirewallRules: [{A18962E3-F18C-43E7-BDF2-E6F8CFF10DE8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exeFirewallRules: [{2A2EF035-68E9-4F68-80BF-D196E7DAA244}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exeFirewallRules: [{5ABB2D10-CDEA-42D0-B6BD-349AC3325B85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeFirewallRules: [{A780FA01-FED6-4157-B0FE-9ED8350BDE93}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exeFirewallRules: [{DDC1E423-2329-49D9-9F05-4F5BDB24B068}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exeFirewallRules: [{64FFA3FC-7227-4F1F-92F2-AB6A7B4A5398}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exeFirewallRules: [{61924848-B5C2-4608-9182-05D7F2D6ED54}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2B20\HPDiagnosticCoreUI.exeFirewallRules: [{46D95229-860D-4E02-8DDA-E3DF8AA9BB56}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2B20\HPDiagnosticCoreUI.exeFirewallRules: [{5C8FDAC9-5536-479C-A5C4-E610B00609BD}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS595B\HPDiagnosticCoreUI.exeFirewallRules: [{767B0C4A-D72C-43C5-894A-5ABF3169C6A5}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS595B\HPDiagnosticCoreUI.exeFirewallRules: [{BA555286-D69D-4A77-A849-7E8FB6F69073}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS611C\HPDiagnosticCoreUI.exeFirewallRules: [{96CAE66A-B686-4BB9-A50F-6039F9799195}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS611C\HPDiagnosticCoreUI.exeFirewallRules: [{1DDD9F2F-1DE2-442C-8CC2-498F41A34FC4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exeFirewallRules: [{D7B6D7EE-CB82-42AF-8359-9F96067BCFF7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exeFirewallRules: [{6565DA83-AC93-4745-BEB4-9BB60D7BD9E7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exeFirewallRules: [{EE0F6E38-91A7-4926-8CB4-E60034A05B16}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exeFirewallRules: [{7B184D0C-7574-411B-8C94-B2CE7C013598}] => (Allow) C:\Program Files\iTunes\iTunes.exeFirewallRules: [TCP Query User{E1BD963C-577A-456B-BEFC-077CB4A06C16}C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe] => (Allow) C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exeFirewallRules: [UDP Query User{D9457B4F-B8A8-4817-9B9E-E0E1E1D458BA}C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe] => (Allow) C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe==================== Restore Points =========================24-10-2016 10:08:17 Installed PDFescape Desktop Convert Module29-10-2016 17:23:06 Windows Update03-11-2016 10:07:45 Windows Update==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (11/12/2016 10:35:00 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: rundll32.exe_winethc.dll, version: 6.3.9600.17415, time stamp: 0x54504eb8Faulting module name: USER32.dll, version: 6.3.9600.18438, time stamp: 0x57ae642eException code: 0xc0000142Fault offset: 0x00000000000ecdd0Faulting process id: 0xf98Faulting application start time: 0x01d23d0b18094bb6Faulting application path: C:\Windows\System32\rundll32.exeFaulting module path: USER32.dllReport Id: 55be2582-a8fe-11e6-8298-40e23057c958Faulting package full name:Faulting package-relative application ID:Error: (11/12/2016 10:03:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )Description: Event-ID 0Error: (11/12/2016 10:02:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 9621906Error: (11/12/2016 10:02:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 9621906Error: (11/12/2016 10:02:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (11/12/2016 07:22:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1093Error: (11/12/2016 07:22:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1093Error: (11/12/2016 07:22:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (11/12/2016 12:51:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1141Error: (11/12/2016 12:51:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1141System errors:=============Error: (11/12/2016 10:42:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.Error: (11/12/2016 10:41:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.Error: (11/12/2016 10:40:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The eapihdrv service failed to start due to the following error:This driver has been blocked from loadingError: (11/12/2016 10:40:50 AM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Users\Owner\AppData\Local\Temp\ehdrv.sysError: (11/12/2016 10:40:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The eapihdrv service failed to start due to the following error:This driver has been blocked from loadingError: (11/12/2016 10:40:50 AM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Users\Owner\AppData\Local\Temp\ehdrv.sysError: (11/12/2016 10:40:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The eapihdrv service failed to start due to the following error:This driver has been blocked from loadingError: (11/12/2016 10:40:50 AM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Users\Owner\AppData\Local\Temp\ehdrv.sysError: (11/12/2016 10:26:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The eapihdrv service failed to start due to the following error:This driver has been blocked from loadingError: (11/12/2016 10:26:08 AM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\Users\Owner\AppData\Local\Temp\ehdrv.sysCodeIntegrity:===================================Date: 2016-11-12 12:01:00.030Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:59.820Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:59.619Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:58.860Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:58.641Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:58.413Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:57.836Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:57.620Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:57.418Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.Date: 2016-11-12 12:00:54.707Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info ===========================Processor: Intel® Core i7-4710HQ CPU @ 2.50GHzPercentage of memory in use: 25%Total physical RAM: 12171.01 MBAvailable physical RAM: 9103.12 MBTotal Virtual: 14027.01 MBAvailable Virtual: 10558.12 MB==================== Drives ================================Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:86.23 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (Data) (Fixed) (Total:403.07 GB) (Free:292.42 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 698.6 GB) (Disk ID: F03AAA7D)Partition: GPT.==================== End of Addition.txt ============================
Edited by Destiny000, 14 November 2016 - 10:41 PM.