Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Nathan (2015-08-11 13:00:20)
Running from C:\Users\Nathan\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-98695561-2770668175-831058641-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-98695561-2770668175-831058641-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-98695561-2770668175-831058641-1003 - Limited - Enabled)
Invité (S-1-5-21-98695561-2770668175-831058641-501 - Limited - Disabled)
Nathan (S-1-5-21-98695561-2770668175-831058641-1001 - Administrator - Enabled) => C:\Users\Nathan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Pare-feu (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.22.0.1521 - Bitdefender)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4252 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
PhraseProfessor 1.10.0.21 (HKLM-x32\...\PhraseProfessor_1.10.0.21) (Version: 1.10.0.21 - PhraseProfessor)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll No File
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-98695561-2770668175-831058641-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nathan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

09-08-2015 11:23:09 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
10-08-2015 21:43:17 Restore Point Created by FRST
10-08-2015 22:14:55 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {095578B5-A89C-4D9A-BB49-9019A981BC8C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {3221FC90-911C-46EE-9A84-E8D88D4B1662} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.21 Core => C:\Program Files (x86)\PhraseProfessor_1.10.0.21\Update\PhraseProfessorAutoUpdateClient.exe [2015-07-28] (PhraseProfessor)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {5E58CF16-F71F-4F93-8855-97C3E3FF04AC} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {62719191-0A47-4B48-9959-E022398F589D} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
Task: {686E5766-4918-4DC5-9D2A-B27744B57BF2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-08-08] (Microsoft Corporation)
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-08] (Microsoft Corporation)
Task: {88E1DE14-AE9C-4E9F-B082-9B4581E34420} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2014-08-20] (Microsoft Corporation)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-08] (Microsoft Corporation)
Task: {91131016-9DCE-408A-B85B-D0AACBCF2EFF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A8F6595E-7477-48A5-A92B-713B1F206370} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {C1662075-65EE-4896-BB1D-E3D6A7F34746} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {C1C81545-F7E7-4F57-97F0-FFC49025700A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C2EFB1AB-7F38-43D5-BDB4-774F40A8203E} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-08-09] (Bitdefender)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DF3E594A-355C-473E-A923-EE17BD5A2032} - System32\Tasks\PhraseProfessor Auto Updater 1.10.0.21 Pending Update => C:\Program Files (x86)\PhraseProfessor_1.10.0.21\Update\PhraseProfessorAutoUpdateClient.exe [2015-07-28] (PhraseProfessor)
Task: {E39EC3AC-F18B-4C79-BE99-9AF7294027ED} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-08] (Microsoft Corporation)
Task: {EA8EE7B3-D28E-42AC-874E-CD47FB6394CF} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {ED260EDD-D3DF-4744-96AB-BEAE06698504} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {F0340EC2-484E-4D48-9924-CA43731A1409} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-09-11] (ASUS)
Task: {F6FFB19F-D7CF-4992-A5FD-A23F198290F9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-08 22:36 - 2015-08-08 22:36 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-09 15:51 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-08-09 15:51 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-08-09 15:51 - 2015-04-10 16:51 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-08-09 15:51 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-08-09 16:06 - 2015-08-09 16:06 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_002\ashttpbr.mdl
2015-08-09 16:06 - 2015-08-09 16:06 - 00743000 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_002\ashttpdsp.mdl
2015-08-09 16:06 - 2015-08-09 16:06 - 02795272 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_002\ashttpph.mdl
2015-08-09 16:06 - 2015-08-09 16:06 - 01414048 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_002\ashttprbl.mdl
2015-08-08 22:36 - 2015-08-08 22:36 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-08 22:36 - 2015-08-08 22:36 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 22:36 - 2015-08-08 22:36 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-08 22:36 - 2015-08-08 22:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:28 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 22:36 - 2015-08-08 22:36 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 22:36 - 2015-08-08 22:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-08-20 07:14 - 2014-08-20 07:14 - 00063296 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
2015-08-09 11:03 - 2015-08-09 11:06 - 00049152 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-08-09 11:40 - 2015-08-09 11:43 - 00253504 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OfficeHub.Background.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Nathan\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-98695561-2770668175-831058641-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nathan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\link-the_00311087.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{05172C8C-E591-44DF-A841-CE1D68E4E8E1}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C1E28F20-4399-4A82-AEE0-F2146E78BF53}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E185F02B-48DF-4344-AC4B-392A7493AA31}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros Bluetooth 4.0
Description: Qualcomm Atheros Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2015 10:37:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NATHAN)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (08/10/2015 10:24:10 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (148) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032.

Error: (08/10/2015 10:24:10 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (148) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8).

Error: (08/10/2015 10:24:00 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (148) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032.

Error: (08/10/2015 10:24:00 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (148) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8).

Error: (08/10/2015 10:23:49 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (148) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032.

Error: (08/10/2015 10:23:49 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (148) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8).

Error: (08/10/2015 10:23:39 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (148) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032.

Error: (08/10/2015 10:23:39 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (148) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8).

Error: (08/10/2015 10:23:29 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (148) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032.


System errors:
=============
Error: (08/11/2015 12:54:49 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:47 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (08/11/2015 12:54:41 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}


Microsoft Office:
=========================
Error: (08/10/2015 10:37:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NATHAN)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/10/2015 10:24:10 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost148-1032

Error: (08/10/2015 10:24:10 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost148C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé.

Error: (08/10/2015 10:24:00 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost148-1032

Error: (08/10/2015 10:24:00 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost148C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé.

Error: (08/10/2015 10:23:49 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost148-1032

Error: (08/10/2015 10:23:49 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost148C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé.

Error: (08/10/2015 10:23:39 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost148-1032

Error: (08/10/2015 10:23:39 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost148C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé.

Error: (08/10/2015 10:23:29 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost148-1032


CodeIntegrity:
===================================
Date: 2015-08-10 22:17:22.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 10:22:12.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 09:56:40.024
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 09:35:47.730
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:55:54.695
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:52:12.952
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:51:12.798
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:50:57.255
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:49:12.736
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 15:48:12.638
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\{e498cfa0-a2e0-463c-9e67-cf0791e016e0}Gw64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 38%
Total physical RAM: 3982.69 MB
Available physical RAM: 2450.43 MB
Total Virtual: 5390.69 MB
Available Virtual: 3818.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:134.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:263.34 GB) (Free:263.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 521553C1)

Partition: GPT.

==================== End of log ============================