usg.spiessummarising.com and more; browser Infection: progressive



#1
Destiny000


Hello, I have something going on with the browser, which I think installed itself with another program I was trying out to get my PS3 controller to work and emulate a 360 controller on Windows 10.

 

I have Malwarebytes Premium and ESET antivirus. I also have Anti-Exploit.

 

Malwarebytes has been doing its best to block it consistently from the computer itself. It constantly pops up and tells me that it has blocked usg.spiessummarising.com

 

I get pop-ups opening up in all my browsers now as well. I have used what I already have on my computer plus AdwCleaner, Zemana AntiMalware, and HitmanPro to scan and clean, and done many restarts, and it is still plaguing me. -sigh-

 

I am now also getting reimagplus.com coming up as well.

 

Help would be greatly appreciated. And I thank you in advance.

 

I have a laptop Windows 10 Asus.

 

Needed to update the severity of this. I can barely click on anything even off but on the browser itself and pop-up tabs keep being created. I could barely get here to even type this in.

 

The infection may be worse than I thought, since I have just found out someone tried to use my credit card for various purchases online. I could really use some help ASAP before things get even worse, please. My job requires the use of my laptop. So I can't really not use it either. I also do a lot of online shopping.

 

Please help, someone!

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-10-2015 02

Ran by Nicole (2015-10-11 21:15:15)

Running from C:\Users\Nicole\Downloads

Windows 10 Home (X64) (2015-08-08 05:46:42)

Boot Mode: Normal

==========================================================

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-3710058852-312542076-3770498964-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3710058852-312542076-3770498964-503 - Limited - Disabled)

Guest (S-1-5-21-3710058852-312542076-3770498964-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3710058852-312542076-3770498964-1003 - Limited - Enabled)

Nicole (S-1-5-21-3710058852-312542076-3770498964-1001 - Administrator - Enabled) => C:\Users\Nicole

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

[email protected] DVD Eraser v 1.1 (HKLM-x32\...\[email protected] DVD Eraser v 1.1) (Version:  - )

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)

Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)

Aimersoft DVD Creator(Build 3.0.0) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Aimersoft Software)

Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)

Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)

Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)

AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.3.533 - Online Media Technologies Ltd.)

AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.3.572 - Online Media Technologies Ltd.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)

CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )

DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0444 - Disc Soft Ltd)

Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)

DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)

DVDFab 9.1.9.5 (28/03/2015) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)

emWave2 (HKLM-x32\...\emWave23.3.0.7385) (Version: 3.3.0.7385 - Heartmath Inc.)

ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.33 - NCH Software)

FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)

FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)

Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.250 - SurfRight B.V.)

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)

iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)

Machina of the Planet Tree -Planet Ruler- (HKLM-x32\...\Machina of the Planet Tree -Planet Ruler-_is1) (Version:  - )

Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)

Moon Planting Matrix (HKLM-x32\...\{B1FCFDBC-C876-4909-A26A-40AF94A24DEC}) (Version: 1.2.9 - Divine Inspirations)

Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)

NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden

Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)

Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)

PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )

PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

QuickBooks (x32 Version: 19.0.4007.1091 - Intuit Canada Limited) Hidden

QuickBooks Premier: Retail Edition 2010 (HKLM-x32\...\{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}) (Version: 19.0.4007.1091 - Intuit Canada Limited)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)

SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)

Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)

SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.17.9562 - SoftEther VPN Project)

SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)

:spam: Walkman Video Converter 6.1.50 (HKLM-x32\...\{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1) (Version:  - )

Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version:  - Microsoft)

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)

WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)

Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

WinX DVD Copy Pro 3.6.4 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)

WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )

Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3710058852-312542076-3770498964-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

 

==================== Restore Points =========================

 

03-10-2015 20:55:11 Installed Compatibility Pack for the 2007 Office system

06-10-2015 21:51:54 Device Driver Package Install: www.MotioninJoy.com Xbox 360 Peripherals

11-10-2015 00:35:46 Checkpoint by HitmanPro

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 07:25 - 2015-10-08 09:14 - 00002291 ____A C:\WINDOWS\system32\Drivers\etc\hosts

There are 49 more lines.

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0B2C65C5-B238-4539-9B2C-456DABC2F2F2} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)

Task: {1B83B88D-BA1C-44D2-BFA1-9D502EAAC87B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {346A2358-43A1-4831-B03F-176809137239} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)

Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)

Task: {37650F05-D8CC-406E-92FC-8DF135C67167} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {3EF5203D-6C47-4DC6-B8C5-7CCE931C9FE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {4237E065-8F05-4F5B-A0FA-09240BF6B870} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)

Task: {44BC47FE-C3CC-429E-A5AE-7C35B1CC70EE} - System32\Tasks\{813BEEC4-B47C-4699-83E2-298AEB1C537F} => pcalua.exe -a C:\Users\Nicole\Desktop\VoiceTrap.DX\VoiceTrapX20.exe -d C:\Users\Nicole\Desktop\VoiceTrap.DX

Task: {45B8E168-1746-458C-931A-E0F7ABD39DE0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {4C946DC1-674A-43F0-8AD1-23A863D0B31A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {5C6728C7-2F34-42C4-B12A-798BC9E19E13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)

Task: {5FB47C19-5BBC-449B-B930-7010584F9622} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-28] (Adobe Systems Incorporated)

Task: {636A5AE5-03FA-43F0-9354-F59A64C47C8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {6669161F-378F-44A0-AB38-98A28F48491F} - System32\Tasks\Opera scheduled Autoupdate 1425593172 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)

Task: {740E3964-5E37-4E44-B33E-E6E7BF0420F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {7FAA9B83-9BD9-4192-8CC7-38AACB5D4BCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)

Task: {80D433EC-5049-4257-B93C-8A5B20834063} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {82CBBDA3-180A-457F-B61B-1F610596AF79} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)

Task: {887C4DEE-3A9D-4A42-B5AB-D7ABAC2DE868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)

Task: {9522577D-465C-4B4A-A764-0F9084C5E6B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)

Task: {A25DC04E-9932-43EA-8DB9-EBB63AD442D3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {B281C24A-AD29-4D9B-8BAF-D82E75DF22DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)

Task: {B2A625E7-6F2F-4ED1-990B-4663FE77020F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)

Task: {BB830F2F-6CB2-4314-8AF2-0A6428BF419E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)

Task: {C6D8576B-E43B-4559-BC3A-D81C6EFD41F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {DDA79EC7-7A0B-4596-BC16-92E98774E71D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()

Task: {DF4BE3FB-3027-470E-B39C-EC9A901D6F79} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

Task: {E169EA53-F667-4FBD-97C3-09E8743C9596} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)

Task: {E8572983-88DD-43F3-908B-019B4129D9FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

Task: {ED30295E-89A2-4452-BBE5-BE728557C909} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 05:00 - 2015-07-10 05:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll

2015-08-10 21:51 - 2015-07-14 20:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll

2015-08-10 10:52 - 2015-10-02 20:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-03-05 19:03 - 2012-03-11 15:56 - 00086608 _____ () C:\WINDOWS\System32\cpwmon64.dll

2015-08-19 12:38 - 2015-08-11 03:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-03-05 19:26 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-09-15 17:46 - 2015-08-11 21:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2015-10-11 00:38 - 2015-10-11 00:38 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll

2015-10-01 08:58 - 2015-09-16 23:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2015-10-01 08:58 - 2015-09-16 23:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-10-01 08:58 - 2015-09-16 23:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2015-07-10 05:00 - 2015-07-10 07:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll

2015-10-01 08:58 - 2015-09-16 23:42 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll

2015-10-03 15:14 - 2015-10-03 15:14 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2015-10-03 15:14 - 2015-10-03 15:14 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll

2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll

2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll

2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll

2015-06-01 18:29 - 2015-10-04 02:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2014-11-21 19:19 - 2013-12-09 17:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

AlternateDataStreams: C:\Users\Nicole\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device Service => 2

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: QBCFMonitorService => 2

MSCONFIG\Services: QBFCService => 3

MSCONFIG\Services: SEVPNCLIENT => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: UmRdpService => 3

MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2

HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"

HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"

HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"

HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"

HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{0350750C-2D22-4E2A-9009-D55B9E8EA64E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe

FirewallRules: [{D4FAA23E-8862-4BF5-8482-242C318A02BC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe

FirewallRules: [{E1B9CB8C-7A48-4C15-B7BB-ED54053811C3}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe

FirewallRules: [{9803F20A-CF5B-4255-A2C8-9D45067A0E14}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe

FirewallRules: [{B29A4620-B191-4A67-85AC-FC93E63223DF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

FirewallRules: [{072C1A48-7AFD-4D73-9B27-A4C0099A9933}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe

FirewallRules: [{70032886-60D1-4E31-B469-23C01A2FE7E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3AE77ED9-35C5-4698-B39C-0308ADFF989E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{188B6036-F408-4DD3-B437-4BB692788ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{B172239A-AE97-47FD-B430-9F7EF809B217}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{BF4EF8BF-E427-43F0-8AA3-91A42295E967}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{F495F9C2-82DF-4C33-AC14-8CBE38E42B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{114BA2E8-8DB2-45E9-8D7F-E7356C846985}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

FirewallRules: [{7B532F40-99DC-4D3B-860D-527A86A9FB78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

FirewallRules: [{5BD1F43F-042F-4837-B62B-6DE2D36964CB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

FirewallRules: [{9DEA33EE-2D3B-49C3-BC40-33A16433D879}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

FirewallRules: [{3D929146-17FB-43DF-A9E9-C7C999D3A778}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe

FirewallRules: [{32057CCB-719D-4EB2-BC4F-3D5EEF7A16DF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe

FirewallRules: [{7EA03B39-AFC7-46FC-8BFD-90E6B1125073}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

FirewallRules: [{B768C5AD-C9EA-4A80-81D3-0B460440E773}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

FirewallRules: [{F7952CB3-23A1-49EE-A30A-DC4E6E96FB97}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe

FirewallRules: [{DE2E4ACE-4C91-4745-8579-22F087A584BF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe

FirewallRules: [{0BF0C907-BF60-4E95-9D91-DBD10656AB5D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{AB2BA078-8993-4067-8ED6-3436023C5483}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{F1774473-3AB9-4259-8BBB-5695C25DD8AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe

FirewallRules: [{46E4773C-6901-4D4C-A038-7AFA7F28DE7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe

FirewallRules: [{2AA6D572-B681-400F-994B-C03ABE95D5A3}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{15E489D2-4874-47AC-B6B0-982C9041725B}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{DE9ED492-BC15-4B3F-9CA8-FBFC07D363DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{0DB2724E-BBD6-4F62-8465-763AB12BBBBE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{3AF403E8-3F9C-43F7-8EBB-2D9C7CCA54EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{E36DB6A3-604C-49EF-A623-415F159CCC78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{1C5BE3CB-D822-4425-878D-F92CD7821F27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{DD1E1544-E131-4467-B984-17D7B2AF6A0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{0C1807FC-A7B3-41B1-9A13-6A8C4D867CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{AC745B26-461C-458E-AEE2-30AD8579382B}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{EC404139-5CE5-4212-B930-0E0528ECDA64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (10/11/2015 10:23:42 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853

Faulting module name: EMODEL.dll, version: 11.0.10240.16515, time stamp: 0x55fa5357

Exception code: 0xc0000409

Fault offset: 0x00000000001127f3

Faulting process id: 0x1e84

Faulting application start time: 0xmicrosoftedgecp.exe0

Faulting application path: microsoftedgecp.exe1

Faulting module path: microsoftedgecp.exe2

Report Id: microsoftedgecp.exe3

Faulting package full name: microsoftedgecp.exe4

Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/11/2015 10:02:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MEZURASHI)

Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

Error: (10/11/2015 01:56:27 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f

Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541

Exception code: 0xc0000005

Fault offset: 0x0000000000001f4f

Faulting process id: 0xa58

Faulting application start time: 0xSolitaire.exe0

Faulting application path: Solitaire.exe1

Faulting module path: Solitaire.exe2

Report Id: Solitaire.exe3

Faulting package full name: Solitaire.exe4

Faulting package-relative application ID: Solitaire.exe5

Error: (10/11/2015 12:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f

Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541

Exception code: 0xc0000005

Fault offset: 0x0000000000001f4f

Faulting process id: 0x23d8

Faulting application start time: 0xSolitaire.exe0

Faulting application path: Solitaire.exe1

Faulting module path: Solitaire.exe2

Report Id: Solitaire.exe3

Faulting package full name: Solitaire.exe4

Faulting package-relative application ID: Solitaire.exe5

 

Error: (10/11/2015 12:36:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (10/11/2015 12:35:46 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

 

Operation:

   Gathering Writer Data

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {29819576-466c-46e8-9f9d-51baceab2e5c}

 

Error: (10/11/2015 12:19:45 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (10/10/2015 09:54:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MEZURASHI)

Description: Package Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

 

Error: (10/10/2015 09:54:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f

Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541

Exception code: 0xc0000005

Fault offset: 0x0000000000001f4f

Faulting process id: 0x3968

Faulting application start time: 0xSolitaire.exe0

Faulting application path: Solitaire.exe1

Faulting module path: Solitaire.exe2

Report Id: Solitaire.exe3

Faulting package full name: Solitaire.exe4

Faulting package-relative application ID: Solitaire.exe5

Error: (10/10/2015 09:35:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f

Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541

Exception code: 0xc0000005

Fault offset: 0x0000000000001f4f

Faulting process id: 0x32a0

Faulting application start time: 0xSolitaire.exe0

Faulting application path: Solitaire.exe1

Faulting module path: Solitaire.exe2

Report Id: Solitaire.exe3

Faulting package full name: Solitaire.exe4

Faulting package-relative application ID: Solitaire.exe5

 

System errors:

=============

Error: (10/11/2015 10:07:52 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

 

Error: (10/11/2015 10:02:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.

Error: (10/11/2015 10:02:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.

 

Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (10/11/2015 10:02:46 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)

Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/11/2015 08:46:39 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

 

Error: (10/11/2015 08:42:26 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

 

==================== Memory info ===========================

 

Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz

Percentage of memory in use: 36%

Total physical RAM: 12171.01 MB

Available physical RAM: 7737.7 MB

Total Virtual: 12939.01 MB

Available Virtual: 7342.46 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:10.65 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:393.57 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: BC9EED00)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02

Ran by Nicole (administrator) on MEZURASHI (11-10-2015 21:14:11)

Running from C:\Users\Nicole\Downloads

Loaded Profiles: Nicole (Available Profiles: Nicole)

Platform: Windows 10 Home (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Edge)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

(Scarlet.Crush Productions) C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe

(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe

(BitTorrent Inc.) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16515_none_193ad2148aca4135\MicrosoftEdge.exe

(Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)

HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()

HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-11-18] (Intuit Inc. All rights reserved.)

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)

HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {1fb0e669-54f8-11e5-8291-40e23057c958} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL Z:\index.html

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {3cf6f01c-5c16-11e5-8291-40e23057c958} - "F:\KODAK_Camera_Setup_App.exe"

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {f19d705a-6dcc-11e5-829a-40e23057c958} - "Y:\Setup.exe"

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-26]

ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-03-05]

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-06-13]

ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-26]

ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{32cb7938-99ba-456f-a26c-a3f3bd49b2f9}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{d03d179d-f0ae-4322-ba8a-a0cc48c7fcfb}: [DhcpNameServer] 192.168.0.1

 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB

SearchScopes: HKLM-x32 -> DefaultScope value is missing

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)

BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL No File

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2011-01-18] (Intuit, Inc.)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  No File

FireFox:

========

FF ProfilePath: C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default

FF DefaultSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-05] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-03]

FF Extension: YouTube Video and Audio Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-18]

FF Extension: MP4 Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-18]

FF Extension: UnPlug - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\unplu[email protected] [2015-05-18]

FF Extension: Adblock Plus - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-03]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\iSkysoft\Video Converter Ultimate\[email protected] => not found

Chrome:

=======

CHR Profile: C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]

CHR Extension: (Google Docs) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]

CHR Extension: (Google Drive) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-07]

CHR Extension: (YouTube) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-07]

CHR Extension: (Google Search) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-07]

CHR Extension: (Video Downloader professional) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-22]

CHR Extension: (Google Play Music) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-08-27]

CHR Extension: (Google Sheets) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]

CHR Extension: (Google Docs Offline) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]

CHR Extension: (AdBlock) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-14]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]

CHR Extension: (Gmail) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-07]

CHR HKU\S-1-5-21-3710058852-312542076-3770498964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

Opera:

=======

OPR Extension: (SaveFrom.net helper) - C:\Users\Nicole\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2015-04-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)

R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)

R2 Ds3Service; C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-10-11] (SurfRight B.V.)

R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)

S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-01-17] (Intuit) [File not signed]

S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]

R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)

S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)

S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-10-09] (Digiarty Software, Inc.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)

S3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29864 2015-03-06] (Disc Soft Ltd)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)

R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)

R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)

R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )

R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-11] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)

R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-07-02] (SoftEther Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)

R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)

R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-06-13] (SoftEther Corporation)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [109432 2015-10-11] (Zemana Ltd.)

R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [109432 2015-10-11] (Zemana Ltd.)

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-11 21:14 - 2015-10-11 21:14 - 00028500 _____ C:\Users\Nicole\Downloads\FRST.txt

2015-10-11 21:14 - 2015-10-11 21:14 - 00000000 ____D C:\FRST

2015-10-11 21:13 - 2015-10-11 21:13 - 02195968 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64.exe

2015-10-11 19:42 - 2015-10-11 19:42 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicole\Downloads\SpyHunter-Installer.exe

2015-10-11 18:19 - 2015-10-11 18:19 - 00016148 _____ C:\WINDOWS\system32\MEZURASHI_Nicole_HistoryPrediction.bin

2015-10-11 10:07 - 2015-10-11 10:07 - 00146072 _____ (http://x360ce.googlecode.com) C:\Users\Nicole\Desktop\xinput1_3.dll

2015-10-11 10:07 - 2015-10-11 10:07 - 00004278 _____ C:\Users\Nicole\Desktop\x360ce.ini

2015-10-11 09:59 - 2015-10-11 09:59 - 00000000 ____D C:\Users\Nicole\AppData\Local\TempTaskUpdateDetection091E06C7-8EE2-4DE7-9A80-91318CF76556

2015-10-11 09:47 - 2015-10-11 09:47 - 00000000 ____D C:\Users\Nicole\Desktop\ScpServer

2015-10-11 09:47 - 2013-05-19 01:02 - 00039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys

2015-10-11 09:47 - 2013-01-07 08:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll

2015-10-11 09:46 - 2015-10-11 09:46 - 07878008 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\Xbox360_64Eng.exe

2015-10-11 09:45 - 2015-10-11 09:47 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z

2015-10-11 09:37 - 2015-10-11 09:37 - 00000000 ____D C:\Users\Nicole\Desktop\YanSimOctober11th

2015-10-11 09:01 - 2015-10-11 09:36 - 551856746 _____ C:\Users\Nicole\Downloads\YanSimOctober11th.rar

2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit

2015-10-11 08:50 - 2015-10-11 08:52 - 02947874 ____R C:\Users\Nicole\Downloads\Malwarebytes Anti-Exploit Premium 1.06.1.1018 + Serial (menin).zip

2015-10-11 08:50 - 2015-10-11 08:50 - 00004394 _____ C:\Users\Nicole\Downloads\[kat.cr]malwarebytes.anti.exploit.premium.1.06.1.1018.serial.menin.torrent

2015-10-11 00:38 - 2015-10-11 00:38 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys

2015-10-11 00:38 - 2015-10-11 00:38 - 00001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk

2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware

2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware

2015-10-11 00:37 - 2015-10-11 00:37 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys

2015-10-11 00:37 - 2015-10-11 00:37 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe

2015-10-11 00:37 - 2015-10-11 00:37 - 00000000 ____D C:\Users\Nicole\AppData\Local\Zemana

2015-10-11 00:22 - 2015-10-11 00:22 - 00001964 _____ C:\Users\Public\Desktop\HitmanPro.lnk

2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\Program Files\HitmanPro

2015-10-11 00:21 - 2015-10-11 08:51 - 00000000 ____D C:\ProgramData\HitmanPro

2015-10-11 00:17 - 2015-10-11 00:19 - 05078968 _____ ( ) C:\Users\Nicole\Desktop\Zemana.AntiMalware.Setup.exe

2015-10-11 00:15 - 2015-10-11 00:20 - 11336600 _____ (SurfRight B.V.) C:\Users\Nicole\Desktop\HitmanPro_x64.exe

2015-10-11 00:08 - 2015-10-11 00:08 - 00002560 _____ C:\WINDOWS\_MSRSTRT.EXE

2015-10-10 23:05 - 2015-10-10 23:05 - 01519567 _____ C:\Users\Nicole\Downloads\x360ce.zip

2015-10-10 21:30 - 2015-10-10 21:30 - 00000000 ____D C:\Program Files (x86)\ESET

2015-10-10 21:28 - 2015-10-10 21:30 - 02870984 _____ (ESET) C:\Users\Nicole\Downloads\esetsmartinstaller_enu.exe

2015-10-10 17:25 - 2014-04-17 14:02 - 01426178 _____ C:\Users\Nicole\Desktop\adwcleaner.exe

2015-10-09 08:39 - 2015-10-09 08:39 - 00001649 _____ C:\Users\Public\Desktop\Machina of the Planet Tree -Planet Ruler-.lnk

2015-10-09 08:39 - 2015-10-09 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekai Project

2015-10-09 08:38 - 2015-10-09 08:38 - 00000000 ____D C:\Program Files (x86)\Sekai Project

2015-10-08 17:20 - 2015-10-10 21:14 - 01408836 _____ C:\Users\Nicole\Downloads\Unconfirmed 111654.crdownload

2015-10-08 16:36 - 2015-10-08 16:36 - 10818216 _____ C:\Users\Nicole\Downloads\dap10_full.exe

2015-10-08 09:27 - 2015-10-08 09:27 - 00000000 ____D C:\ProgramData\X360CE

2015-10-08 09:26 - 2015-10-08 09:27 - 01519379 _____ C:\Users\Nicole\Downloads\x360ce_x64.zip

2015-10-08 07:14 - 2015-10-09 18:37 - 00000000 ____D C:\Users\Nicole\Desktop\Games

2015-10-07 21:41 - 2015-10-08 08:46 - 00000000 ____D C:\Users\Nicole\Downloads\YanSimJuly22nd

2015-10-07 19:07 - 2015-10-07 19:07 - 00022266 _____ C:\Users\Nicole\Downloads\yandere.simulator.pc.game.v22-skidrowcodex.torrent

2015-10-07 19:06 - 2015-10-07 19:06 - 00031218 _____ C:\Users\Nicole\Downloads\machina.of.the.planet.tree.planet.ruler.skidrowcodex.torrent

2015-10-07 19:00 - 2015-10-08 06:29 - 00000000 ____D C:\Users\Nicole\Downloads\FINAL.FANTASY.TYPE.0.HD-CODEX

2015-10-07 18:58 - 2015-10-07 18:58 - 00059378 _____ C:\Users\Nicole\Downloads\final.fantasy.type.0.hd.skidrowcodex.torrent

2015-10-07 07:43 - 2015-10-07 07:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp

2015-10-07 07:43 - 2015-10-02 22:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-10-07 07:43 - 2015-10-02 22:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-10-06 21:39 - 2015-10-06 21:39 - 00000000 ____D C:\Users\Nicole\AppData\Local\BetterDS3

2015-10-06 21:38 - 2015-10-06 21:39 - 00759932 _____ C:\Users\Nicole\Downloads\BetterDS3_1.5.3.zip

2015-10-06 21:24 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\WINDOWS\system32\Drivers\MijXfilt.sys

2015-10-06 21:24 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys

2015-10-06 16:46 - 2015-10-06 16:46 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\20701

2015-10-06 13:59 - 2015-10-06 13:59 - 00117990 _____ C:\Users\Nicole\Downloads\dragon age inquisition deluxe edition-cpy.torrent

2015-10-06 13:58 - 2015-10-06 13:58 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com] (1).torrent

2015-10-06 12:25 - 2015-10-06 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client

2015-10-06 08:39 - 2015-10-06 09:48 - 00000000 ____D C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY

2015-10-05 20:41 - 2015-10-05 20:41 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com].torrent

2015-10-03 20:54 - 2015-10-03 20:55 - 00000000 ____D C:\Program Files (x86)\MSECache

2015-10-03 20:06 - 2015-10-03 20:55 - 01483584 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\WorksConv.exe

2015-10-03 20:06 - 2015-10-03 20:54 - 38808920 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\FileFormatConverters.exe

2015-10-03 14:02 - 2015-10-07 12:38 - 00000000 ____D C:\Users\Nicole\AppData\Local\CutePDF Writer

2015-10-01 08:58 - 2015-09-24 18:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

2015-10-01 08:58 - 2015-09-24 18:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

2015-10-01 08:58 - 2015-09-24 18:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2015-10-01 08:58 - 2015-09-24 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2015-10-01 08:58 - 2015-09-24 17:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

2015-10-01 08:58 - 2015-09-24 17:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2015-10-01 08:58 - 2015-09-24 17:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2015-10-01 08:58 - 2015-09-24 17:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-10-01 08:58 - 2015-09-24 17:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-10-01 08:58 - 2015-09-24 17:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-10-01 08:58 - 2015-09-24 17:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-10-01 08:58 - 2015-09-24 17:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2015-10-01 08:58 - 2015-09-24 17:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2015-10-01 08:58 - 2015-09-24 17:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2015-10-01 08:58 - 2015-09-24 17:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

2015-10-01 08:58 - 2015-09-24 17:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2015-10-01 08:58 - 2015-09-24 17:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

2015-10-01 08:58 - 2015-09-24 17:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2015-10-01 08:58 - 2015-09-24 17:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

2015-10-01 08:58 - 2015-09-24 16:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2015-10-01 08:58 - 2015-09-24 16:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2015-10-01 08:58 - 2015-09-24 16:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2015-10-01 08:58 - 2015-09-24 16:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-10-01 08:58 - 2015-09-24 16:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2015-10-01 08:58 - 2015-09-24 16:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2015-10-01 08:58 - 2015-09-24 16:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

2015-10-01 08:58 - 2015-09-24 16:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

2015-10-01 08:58 - 2015-09-24 16:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2015-10-01 08:58 - 2015-09-24 16:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

2015-10-01 08:58 - 2015-09-24 16:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2015-10-01 08:58 - 2015-09-18 23:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll

2015-10-01 08:58 - 2015-09-17 00:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2015-10-01 08:58 - 2015-09-17 00:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2015-10-01 08:58 - 2015-09-17 00:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2015-10-01 08:58 - 2015-09-17 00:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

2015-10-01 08:58 - 2015-09-17 00:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-10-01 08:58 - 2015-09-17 00:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2015-10-01 08:58 - 2015-09-17 00:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2015-10-01 08:58 - 2015-09-17 00:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys

2015-10-01 08:58 - 2015-09-17 00:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2015-10-01 08:58 - 2015-09-17 00:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2015-10-01 08:58 - 2015-09-17 00:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2015-10-01 08:58 - 2015-09-17 00:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2015-10-01 08:58 - 2015-09-17 00:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-10-01 08:58 - 2015-09-17 00:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2015-10-01 08:58 - 2015-09-17 00:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-10-01 08:58 - 2015-09-17 00:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2015-10-01 08:58 - 2015-09-17 00:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2015-10-01 08:58 - 2015-09-17 00:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-10-01 08:58 - 2015-09-17 00:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2015-10-01 08:58 - 2015-09-17 00:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2015-10-01 08:58 - 2015-09-17 00:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2015-10-01 08:58 - 2015-09-17 00:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2015-10-01 08:58 - 2015-09-17 00:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2015-10-01 08:58 - 2015-09-17 00:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2015-10-01 08:58 - 2015-09-17 00:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2015-10-01 08:58 - 2015-09-17 00:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll

2015-10-01 08:58 - 2015-09-17 00:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2015-10-01 08:58 - 2015-09-17 00:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2015-10-01 08:58 - 2015-09-17 00:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll

2015-10-01 08:58 - 2015-09-17 00:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-10-01 08:58 - 2015-09-17 00:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2015-10-01 08:58 - 2015-09-17 00:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2015-10-01 08:58 - 2015-09-17 00:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-10-01 08:58 - 2015-09-17 00:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2015-10-01 08:58 - 2015-09-17 00:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2015-10-01 08:58 - 2015-09-17 00:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2015-10-01 08:58 - 2015-09-17 00:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll

2015-10-01 08:58 - 2015-09-17 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2015-10-01 08:58 - 2015-09-17 00:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll

2015-10-01 08:58 - 2015-09-17 00:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe

2015-10-01 08:58 - 2015-09-17 00:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-10-01 08:58 - 2015-09-17 00:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

2015-10-01 08:58 - 2015-09-17 00:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2015-10-01 08:58 - 2015-09-17 00:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2015-10-01 08:58 - 2015-09-17 00:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2015-10-01 08:58 - 2015-09-17 00:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2015-10-01 08:58 - 2015-09-17 00:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2015-10-01 08:58 - 2015-09-17 00:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2015-10-01 08:58 - 2015-09-17 00:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll

2015-10-01 08:58 - 2015-09-17 00:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2015-10-01 08:58 - 2015-09-17 00:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll

2015-10-01 08:58 - 2015-09-17 00:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2015-10-01 08:58 - 2015-09-17 00:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2015-10-01 08:58 - 2015-09-17 00:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-10-01 08:58 - 2015-09-17 00:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-10-01 08:58 - 2015-09-17 00:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-10-01 08:58 - 2015-09-17 00:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2015-10-01 08:58 - 2015-09-17 00:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll

2015-10-01 08:58 - 2015-09-16 23:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2015-10-01 08:58 - 2015-09-16 23:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2015-10-01 08:58 - 2015-09-16 23:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2015-10-01 08:58 - 2015-09-16 23:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

2015-10-01 08:58 - 2015-09-16 23:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2015-10-01 08:58 - 2015-09-16 23:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2015-10-01 08:58 - 2015-09-16 23:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2015-10-01 08:58 - 2015-09-16 23:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2015-10-01 08:58 - 2015-09-16 23:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll

2015-10-01 08:58 - 2015-09-16 23:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2015-10-01 08:58 - 2015-09-16 23:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2015-10-01 08:58 - 2015-09-16 23:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2015-10-01 08:58 - 2015-09-16 23:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2015-10-01 08:58 - 2015-09-16 23:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2015-10-01 08:58 - 2015-09-16 23:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2015-10-01 08:58 - 2015-09-16 23:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2015-10-01 08:58 - 2015-09-16 23:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys

2015-10-01 08:58 - 2015-09-16 23:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2015-10-01 08:58 - 2015-09-16 23:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll

2015-10-01 08:58 - 2015-09-16 23:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys

2015-10-01 08:58 - 2015-09-16 23:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll

2015-10-01 08:58 - 2015-09-16 23:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll

2015-10-01 08:58 - 2015-09-16 23:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2015-10-01 08:58 - 2015-09-16 23:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2015-10-01 08:58 - 2015-09-16 23:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2015-10-01 08:58 - 2015-09-16 23:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2015-10-01 08:58 - 2015-09-16 23:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll

2015-10-01 08:58 - 2015-09-16 23:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2015-10-01 08:58 - 2015-09-16 23:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-10-01 08:58 - 2015-09-16 23:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2015-10-01 08:58 - 2015-09-16 23:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

2015-10-01 08:58 - 2015-09-16 23:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2015-10-01 08:58 - 2015-09-16 23:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2015-10-01 08:58 - 2015-09-16 23:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2015-10-01 08:58 - 2015-09-16 23:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2015-10-01 08:58 - 2015-09-16 23:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-10-01 08:58 - 2015-09-16 23:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2015-10-01 08:58 - 2015-09-16 23:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2015-10-01 08:58 - 2015-09-16 23:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-10-01 08:58 - 2015-09-16 23:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2015-10-01 08:58 - 2015-09-16 23:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2015-10-01 08:58 - 2015-09-16 23:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2015-10-01 08:58 - 2015-09-16 23:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-10-01 08:58 - 2015-09-16 23:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2015-10-01 08:58 - 2015-09-16 23:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll

2015-10-01 08:58 - 2015-09-16 23:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2015-10-01 08:58 - 2015-09-16 23:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-10-01 08:58 - 2015-09-16 23:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2015-10-01 08:58 - 2015-09-16 23:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2015-10-01 08:58 - 2015-09-16 23:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2015-10-01 08:58 - 2015-09-16 23:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2015-10-01 08:58 - 2015-09-16 23:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-10-01 08:58 - 2015-09-16 23:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2015-10-01 08:58 - 2015-09-16 23:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

2015-10-01 08:58 - 2015-09-16 23:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2015-10-01 08:58 - 2015-09-16 23:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2015-10-01 08:58 - 2015-09-16 23:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll

2015-10-01 08:58 - 2015-09-16 23:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2015-10-01 08:58 - 2015-09-16 23:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2015-10-01 08:58 - 2015-09-16 23:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2015-10-01 08:58 - 2015-09-16 23:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2015-10-01 08:58 - 2015-09-16 23:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2015-10-01 08:58 - 2015-09-16 23:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2015-10-01 08:58 - 2015-09-16 23:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll

2015-10-01 08:58 - 2015-09-16 23:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2015-10-01 08:58 - 2015-09-12 20:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2015-10-01 08:58 - 2015-09-12 19:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2015-10-01 08:57 - 2015-09-17 00:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2015-10-01 08:57 - 2015-09-17 00:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2015-10-01 08:57 - 2015-09-17 00:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2015-10-01 08:57 - 2015-09-16 23:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

2015-10-01 08:57 - 2015-09-16 23:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

2015-10-01 08:57 - 2015-09-16 23:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-10-01 08:57 - 2015-09-16 23:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll

2015-10-01 08:57 - 2015-09-16 23:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll

2015-10-01 08:57 - 2015-09-16 23:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-10-01 08:34 - 2015-10-01 08:34 - 11384236 _____ C:\Users\Nicole\Downloads\USB_Charger_Plus_Win10_64_VER416.zip

2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\ESET

2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\Program Files\ESET

2015-09-25 14:45 - 2015-09-25 14:45 - 00327440 _____ C:\WINDOWS\Minidump\092515-32468-01.dmp

2015-09-22 18:22 - 2015-09-22 18:23 - 00336680 _____ C:\WINDOWS\Minidump\092215-39968-01.dmp

2015-09-18 19:31 - 2015-09-18 19:31 - 00000000 ____D C:\Users\Nicole\Documents\Fax

2015-09-18 11:43 - 2015-09-18 11:43 - 01424896 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwtiop5.dll

2015-09-18 11:43 - 2015-09-18 11:43 - 00979456 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpwwiax6.dll

2015-09-18 11:43 - 2015-09-18 11:43 - 00551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll

2015-09-18 11:43 - 2015-09-18 11:43 - 00503296 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwvst01.dll

2015-09-18 08:59 - 2015-10-10 22:23 - 00000000 ____D C:\Users\Nicole\Desktop\Photo's for PEEP project

2015-09-16 14:27 - 2015-09-16 14:27 - 00000000 ___RD C:\Users\Nicole\3D Objects

2015-09-16 11:14 - 2015-09-16 11:14 - 00000000 ____D C:\Users\Nicole\AppData\LocalLow\Temp

2015-09-14 11:45 - 2015-09-14 11:45 - 00255839 _____ C:\Users\Nicole\Downloads\Thiaoouba_Prophecy.epub

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-10-11 21:14 - 2015-03-07 09:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-10-11 21:14 - 2015-03-05 19:58 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\uTorrent

2015-10-11 20:22 - 2015-04-28 11:42 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-10-11 20:14 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru

2015-10-11 17:22 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

2015-10-11 17:22 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-10-11 17:14 - 2015-03-07 09:44 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-10-11 12:00 - 2015-08-06 12:29 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1

2015-10-11 12:00 - 2015-05-13 12:13 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2

2015-10-11 10:08 - 2015-08-08 01:02 - 00524174 _____ C:\WINDOWS\system32\perfh011.dat

2015-10-11 10:08 - 2015-08-08 01:02 - 00142324 _____ C:\WINDOWS\system32\perfc011.dat

2015-10-11 10:08 - 2015-08-07 23:27 - 01524230 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-10-11 10:05 - 2015-08-10 12:31 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture

2015-10-11 10:05 - 2015-06-13 12:34 - 00000000 ____D C:\Program Files\SoftEther VPN Client

2015-10-11 10:05 - 2015-03-05 15:48 - 00000093 _____ C:\Users\Nicole\AppData\Roaming\sp_data.sys

2015-10-11 10:05 - 2014-11-21 19:38 - 02580436 _____ C:\Users\Public\CAFADEBUG.log

2015-10-11 10:04 - 2015-08-07 23:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2015-10-11 10:03 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-10-11 10:03 - 2015-07-10 03:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2015-10-11 08:42 - 2015-08-07 23:14 - 00000000 ____D C:\Users\Nicole

2015-10-11 08:41 - 2015-04-28 11:38 - 00000000 ____D C:\AdwCleaner

2015-10-11 00:09 - 2015-08-07 23:05 - 00017920 _____ C:\WINDOWS\PFRO.log

2015-10-11 00:09 - 2015-03-29 09:00 - 00000000 ____D C:\Program Files (x86)\DAP

2015-10-10 21:46 - 2014-11-21 19:45 - 00000000 ____D C:\ProgramData\Temp

2015-10-10 18:38 - 2015-03-05 17:09 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job

2015-10-09 08:38 - 2015-05-05 11:02 - 00276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys

2015-10-08 09:14 - 2015-03-05 15:49 - 00000000 ___DO C:\Users\Nicole\OneDrive

2015-10-07 07:44 - 2015-08-10 10:55 - 00000000 ____D C:\ProgramData\NVIDIA

2015-10-07 07:21 - 2015-07-10 06:20 - 00030535 _____ C:\WINDOWS\setupact.log

2015-10-06 14:33 - 2015-03-05 15:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\Packages

2015-10-06 12:45 - 2015-08-10 10:51 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-10-06 12:25 - 2015-06-13 12:34 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk

2015-10-06 08:39 - 2015-08-07 23:50 - 00002380 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2015-10-04 14:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache

2015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\system32\F12

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Provisioning

2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\L2Schemas

2015-10-04 12:09 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-10-04 07:11 - 2015-08-28 11:06 - 02948760 _____ (TocaEdit) C:\Users\Nicole\Desktop\x360ce_x64.exe

2015-10-04 02:23 - 2015-03-05 15:55 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2015-10-04 02:23 - 2014-11-21 19:26 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2015-10-04 02:22 - 2015-03-05 15:55 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2015-10-04 02:22 - 2014-11-21 19:26 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2015-10-03 20:56 - 2014-09-24 06:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2015-10-03 17:33 - 2015-03-05 16:32 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\vlc

2015-10-02 22:58 - 2015-08-10 10:51 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-10-02 22:58 - 2015-08-10 10:51 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-10-02 22:58 - 2015-08-10 10:51 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb

2015-10-02 20:38 - 2015-08-10 10:52 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-10-02 20:38 - 2015-08-10 10:52 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-10-02 20:38 - 2015-08-10 10:52 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-10-01 15:50 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-10-01 09:22 - 2014-09-24 06:20 - 00000000 ____D C:\Program Files (x86)\ASUS

2015-10-01 09:09 - 2014-11-21 19:41 - 00003104 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus

2015-10-01 09:09 - 2014-09-24 06:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2015-10-01 08:44 - 2015-03-05 16:09 - 00003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1425593172

2015-10-01 08:44 - 2015-03-05 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-10-01 08:44 - 2015-03-05 16:06 - 00000000 ____D C:\Program Files (x86)\Opera

2015-10-01 03:30 - 2015-08-10 10:52 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin

2015-09-28 12:14 - 2015-03-05 17:09 - 00004030 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2015-09-25 14:45 - 2015-08-10 10:19 - 00000000 ____D C:\WINDOWS\Minidump

2015-09-25 14:45 - 2015-08-10 10:18 - 1152312934 _____ C:\WINDOWS\MEMORY.DMP

2015-09-25 12:58 - 2015-03-05 19:26 - 00000000 ____D C:\Program Files\Microsoft Office 15

2015-09-22 18:35 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-09-22 18:26 - 2015-07-10 06:20 - 00311144 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-09-22 18:24 - 2015-07-10 07:14 - 00000000 ____D C:\Program Files\Windows Journal

2015-09-19 19:30 - 2015-04-06 10:59 - 00000000 ____D C:\Users\Nicole\Documents\emWave

2015-09-15 17:09 - 2015-03-07 09:44 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-09-15 17:09 - 2015-03-07 09:44 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-09-15 10:12 - 2015-07-10 05:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-09-15 10:12 - 2015-07-10 05:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-09-14 11:54 - 2015-03-07 09:44 - 00000000 ____D C:\Users\Nicole\AppData\Local\Google

2015-09-13 15:34 - 2015-03-06 03:43 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-09-13 15:34 - 2015-03-05 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-09-13 15:30 - 2015-03-05 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2015-05-03 10:53 - 2015-05-03 11:17 - 0000798 _____ () C:\Users\Nicole\AppData\Roaming\burnaware.ini

2015-03-05 15:48 - 2015-10-11 10:05 - 0000093 _____ () C:\Users\Nicole\AppData\Roaming\sp_data.sys

2015-05-05 13:03 - 2015-05-05 13:03 - 0008704 _____ () C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-09-24 06:20 - 2012-09-07 05:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd

2014-09-24 06:20 - 2009-07-22 04:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

2014-09-24 06:20 - 2012-09-07 05:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

 

Files to move or delete:

====================

C:\ProgramData\SetStretch.VBS

 

Some files in TEMP:

====================

C:\Users\Nicole\AppData\Local\Temp\cabex.dll

C:\Users\Nicole\AppData\Local\Temp\DAPREMOVE.EXE

C:\Users\Nicole\AppData\Local\Temp\Foxit PhantomPDF Updater.exe

C:\Users\Nicole\AppData\Local\Temp\FoxitUpdater.exe

C:\Users\Nicole\AppData\Local\Temp\Quarantine.exe

C:\Users\Nicole\AppData\Local\Temp\RunWizards.exe

C:\Users\Nicole\AppData\Local\Temp\SetupUtils6.dll

C:\Users\Nicole\AppData\Local\Temp\xyuh0jnw.dll

 

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2015-10-03 00:20

 

==================== End of FRST.txt ============================

 

 

Blessings,

 

Nicole


Edited by Destiny000, 18 October 2015 - 12:37 AM.


#2
Destiny000

    Member

  • Topic Starter
  • 130 posts

Needed to update the severity of this. I can barely click on anything even off but on the browser itself and pop up tabs keep being created, I could barely get here to even type this in.

 

The infection may be worse than I thought since I have just found out someone tried to use my credit card for various purchases online. I could really use some help asap before things get even worse please. My job requires the use of my laptop. So I can't really not use it either. I also do a lot of online shopping.

 

Please help someone!


Edited by Destiny000, 13 October 2015 - 03:47 PM.
