This topic is locked
Hello I have something going on with the browser which i think it installed itself with another program i was trying out to get my ps3 controller to work and emulate a 360 controller on windows 10.
I have malwarebytes premium and ESET antivirus. I also have anti exploit.
Malwarebytes has been doing its best to block it consistently from the computer itself, it constantly pops up and tells me that it has blocked usg.spiessummarising.com
I get pop ups opening up in all my browsers now as well. I have used what I already have on my computer plus awdcleaner, zenmana anti malware, and hitman to scan and clean and done many restarts and it is still plaguing me. -sigh-
I am now also getting reimagplus.com coming up as well.
Help would be greatly appreciated. And I thank you in advance.
I have a laptop Windows 10 Asus.
Needed to update the severity of this. I can barely click on anything even off but on the browser itself and pop up tabs keep being created, I could barely get here to even type this in.
The infection may be worse than I thought since I have just found out someone tried to use my credit card for various purchases online. I could really use some help asap before things get even worse please. My job requires the use of my laptop. So I can't really not use it either. I also do a lot of online shopping.
Please help someone!
Ran by Nicole (2015-10-11 21:15:15)
Running from C:\Users\Nicole\DownloadsWindows 10 Home (X64) (2015-08-08 05:46:42)
Boot Mode: Normal==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3710058852-312542076-3770498964-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3710058852-312542076-3770498964-503 - Limited - Disabled)
Guest (S-1-5-21-3710058852-312542076-3770498964-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-3710058852-312542076-3770498964-1003 - Limited - Enabled)
Nicole (S-1-5-21-3710058852-312542076-3770498964-1001 - Administrator - Enabled) => C:\Users\Nicole==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )Active@ DVD Eraser v 1.1 (HKLM-x32\...\Active@ DVD Eraser v 1.1) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Aimersoft DVD Creator(Build 3.0.0) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version: - Aimersoft Software)Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.3.533 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.3.572 - Online Media Technologies Ltd.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0444 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 9.1.9.5 (28/03/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)emWave2 (HKLM-x32\...\emWave23.3.0.7385) (Version: 3.3.0.7385 - Heartmath Inc.)
ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.33 - NCH Software)FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.250 - SurfRight B.V.)IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)Machina of the Planet Tree -Planet Ruler- (HKLM-x32\...\Machina of the Planet Tree -Planet Ruler-_is1) (Version: - )
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)Moon Planting Matrix (HKLM-x32\...\{B1FCFDBC-C876-4909-A26A-40AF94A24DEC}) (Version: 1.2.9 - Divine Inspirations)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)Outils de vérification linguistique 2013 de Microsoft Office
- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hiddenpaint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickBooks (x32 Version: 19.0.4007.1091 - Intuit Canada Limited) HiddenQuickBooks Premier: Retail Edition 2010 (HKLM-x32\...\{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}) (Version: 19.0.4007.1091 - Intuit Canada Limited)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) HiddenSkype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.17.9562 - SoftEther VPN Project)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft) 
Walkman Video Converter 6.1.50 (HKLM-x32\...\{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinX DVD Copy Pro 3.6.4 (HKLM\...\WinX DVD Copy Pro_is1) (Version: - Digiarty Software,Inc.)WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3710058852-312542076-3770498964-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
==================== Restore Points =========================
03-10-2015 20:55:11 Installed Compatibility Pack for the 2007 Office system
06-10-2015 21:51:54 Device Driver Package Install: www.MotioninJoy.com Xbox 360 Peripherals
11-10-2015 00:35:46 Checkpoint by HitmanPro==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2015-10-08 09:14 - 00002291 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0127.0.0.1 0.0.0.0.0
127.0.0.1 m.fr.a2dfp.net127.0.0.1 mfr.a2dfp.net
127.0.0.1 ad.a8.net127.0.0.1 asy.a8ww.net
127.0.0.1 static.a-ads.com127.0.0.1 atlas.aamedia.ro
127.0.0.1 abcstats.com127.0.0.1 ad4.abradio.cz
127.0.0.1 a.abv.bg127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com127.0.0.1 achmedia.com
127.0.0.1 csh.actiondesk.com127.0.0.1 ads.activepower.net
There are 49 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B2C65C5-B238-4539-9B2C-456DABC2F2F2} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {1B83B88D-BA1C-44D2-BFA1-9D502EAAC87B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {346A2358-43A1-4831-B03F-176809137239} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {37650F05-D8CC-406E-92FC-8DF135C67167} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {3EF5203D-6C47-4DC6-B8C5-7CCE931C9FE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4237E065-8F05-4F5B-A0FA-09240BF6B870} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)Task: {44BC47FE-C3CC-429E-A5AE-7C35B1CC70EE} - System32\Tasks\{813BEEC4-B47C-4699-83E2-298AEB1C537F} => pcalua.exe -a C:\Users\Nicole\Desktop\VoiceTrap.DX\VoiceTrapX20.exe -d C:\Users\Nicole\Desktop\VoiceTrap.DX
Task: {45B8E168-1746-458C-931A-E0F7ABD39DE0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {4C946DC1-674A-43F0-8AD1-23A863D0B31A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C6728C7-2F34-42C4-B12A-798BC9E19E13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)Task: {5FB47C19-5BBC-449B-B930-7010584F9622} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-28] (Adobe Systems Incorporated)
Task: {636A5AE5-03FA-43F0-9354-F59A64C47C8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {6669161F-378F-44A0-AB38-98A28F48491F} - System32\Tasks\Opera scheduled Autoupdate 1425593172 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {740E3964-5E37-4E44-B33E-E6E7BF0420F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {7FAA9B83-9BD9-4192-8CC7-38AACB5D4BCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {80D433EC-5049-4257-B93C-8A5B20834063} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {82CBBDA3-180A-457F-B61B-1F610596AF79} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {887C4DEE-3A9D-4A42-B5AB-D7ABAC2DE868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)Task: {9522577D-465C-4B4A-A764-0F9084C5E6B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {A25DC04E-9932-43EA-8DB9-EBB63AD442D3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {B281C24A-AD29-4D9B-8BAF-D82E75DF22DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {B2A625E7-6F2F-4ED1-990B-4663FE77020F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)Task: {BB830F2F-6CB2-4314-8AF2-0A6428BF419E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {C6D8576B-E43B-4559-BC3A-D81C6EFD41F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {DDA79EC7-7A0B-4596-BC16-92E98774E71D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {DF4BE3FB-3027-470E-B39C-EC9A901D6F79} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {E169EA53-F667-4FBD-97C3-09E8743C9596} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {E8572983-88DD-43F3-908B-019B4129D9FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exeTask: {ED30295E-89A2-4452-BBE5-BE728557C909} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 05:00 - 2015-07-10 05:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-10 21:51 - 2015-07-14 20:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-08-10 10:52 - 2015-10-02 20:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-05 19:03 - 2012-03-11 15:56 - 00086608 _____ () C:\WINDOWS\System32\cpwmon64.dll2015-08-19 12:38 - 2015-08-11 03:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-05 19:26 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll2015-09-15 17:46 - 2015-08-11 21:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-11 00:38 - 2015-10-11 00:38 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll2015-10-01 08:58 - 2015-09-16 23:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 08:58 - 2015-09-16 23:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-10-01 08:58 - 2015-09-16 23:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 05:00 - 2015-07-10 07:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll2015-10-01 08:58 - 2015-09-16 23:42 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll2015-10-03 15:14 - 2015-10-03 15:14 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-03 15:14 - 2015-10-03 15:14 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-10-01 08:58 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-06-01 18:29 - 2015-10-04 02:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll2014-11-21 19:19 - 2013-12-09 17:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Nicole\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: gupdate => 2MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: QBCFMonitorService => 2MSCONFIG\Services: QBFCService => 3
MSCONFIG\Services: SEVPNCLIENT => 2MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UmRdpService => 3MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0350750C-2D22-4E2A-9009-D55B9E8EA64E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exeFirewallRules: [{D4FAA23E-8862-4BF5-8482-242C318A02BC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{E1B9CB8C-7A48-4C15-B7BB-ED54053811C3}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exeFirewallRules: [{9803F20A-CF5B-4255-A2C8-9D45067A0E14}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{B29A4620-B191-4A67-85AC-FC93E63223DF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exeFirewallRules: [{072C1A48-7AFD-4D73-9B27-A4C0099A9933}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{70032886-60D1-4E31-B469-23C01A2FE7E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{3AE77ED9-35C5-4698-B39C-0308ADFF989E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{188B6036-F408-4DD3-B437-4BB692788ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{B172239A-AE97-47FD-B430-9F7EF809B217}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BF4EF8BF-E427-43F0-8AA3-91A42295E967}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{F495F9C2-82DF-4C33-AC14-8CBE38E42B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{114BA2E8-8DB2-45E9-8D7F-E7356C846985}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exeFirewallRules: [{7B532F40-99DC-4D3B-860D-527A86A9FB78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{5BD1F43F-042F-4837-B62B-6DE2D36964CB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exeFirewallRules: [{9DEA33EE-2D3B-49C3-BC40-33A16433D879}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{3D929146-17FB-43DF-A9E9-C7C999D3A778}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exeFirewallRules: [{32057CCB-719D-4EB2-BC4F-3D5EEF7A16DF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7EA03B39-AFC7-46FC-8BFD-90E6B1125073}] => (Allow) C:\Program Files\KMSpico\AutoPico.exeFirewallRules: [{B768C5AD-C9EA-4A80-81D3-0B460440E773}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F7952CB3-23A1-49EE-A30A-DC4E6E96FB97}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exeFirewallRules: [{DE2E4ACE-4C91-4745-8579-22F087A584BF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0BF0C907-BF60-4E95-9D91-DBD10656AB5D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exeFirewallRules: [{AB2BA078-8993-4067-8ED6-3436023C5483}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F1774473-3AB9-4259-8BBB-5695C25DD8AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exeFirewallRules: [{46E4773C-6901-4D4C-A038-7AFA7F28DE7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2AA6D572-B681-400F-994B-C03ABE95D5A3}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exeFirewallRules: [{15E489D2-4874-47AC-B6B0-982C9041725B}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DE9ED492-BC15-4B3F-9CA8-FBFC07D363DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{0DB2724E-BBD6-4F62-8465-763AB12BBBBE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{3AF403E8-3F9C-43F7-8EBB-2D9C7CCA54EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E36DB6A3-604C-49EF-A623-415F159CCC78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{1C5BE3CB-D822-4425-878D-F92CD7821F27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DD1E1544-E131-4467-B984-17D7B2AF6A0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{0C1807FC-A7B3-41B1-9A13-6A8C4D867CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC745B26-461C-458E-AEE2-30AD8579382B}] => (Allow) C:\Program Files\iTunes\iTunes.exeFirewallRules: [{EC404139-5CE5-4212-B930-0E0528ECDA64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/11/2015 10:23:42 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: EMODEL.dll, version: 11.0.10240.16515, time stamp: 0x55fa5357Exception code: 0xc0000409
Fault offset: 0x00000000001127f3Faulting process id: 0x1e84
Faulting application start time: 0xmicrosoftedgecp.exe0Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4Faulting package-relative application ID: microsoftedgecp.exe5
Error: (10/11/2015 10:02:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MEZURASHI)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.Error: (10/11/2015 01:56:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f
Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541Exception code: 0xc0000005
Fault offset: 0x0000000000001f4fFaulting process id: 0xa58
Faulting application start time: 0xSolitaire.exe0Faulting application path: Solitaire.exe1
Faulting module path: Solitaire.exe2Report Id: Solitaire.exe3
Faulting package full name: Solitaire.exe4Faulting package-relative application ID: Solitaire.exe5
Error: (10/11/2015 12:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736fFaulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541
Exception code: 0xc0000005Fault offset: 0x0000000000001f4f
Faulting process id: 0x23d8Faulting application start time: 0xSolitaire.exe0
Faulting application path: Solitaire.exe1Faulting module path: Solitaire.exe2
Report Id: Solitaire.exe3Faulting package full name: Solitaire.exe4
Faulting package-relative application ID: Solitaire.exe5Error: (10/11/2015 12:36:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.System Error:
Access is denied.
.Error: (10/11/2015 12:35:46 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}Writer Name: System Writer
Writer Instance ID: {29819576-466c-46e8-9f9d-51baceab2e5c}Error: (10/11/2015 12:19:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (10/10/2015 09:54:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MEZURASHI)
Description: Package Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.Error: (10/10/2015 09:54:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736f
Faulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541Exception code: 0xc0000005
Fault offset: 0x0000000000001f4fFaulting process id: 0x3968
Faulting application start time: 0xSolitaire.exe0Faulting application path: Solitaire.exe1
Faulting module path: Solitaire.exe2Report Id: Solitaire.exe3
Faulting package full name: Solitaire.exe4Faulting package-relative application ID: Solitaire.exe5
Error: (10/10/2015 09:35:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x5604736fFaulting module name: vorbis.acm, version: 0.0.3.6, time stamp: 0x50a51541
Exception code: 0xc0000005Fault offset: 0x0000000000001f4f
Faulting process id: 0x32a0Faulting application start time: 0xSolitaire.exe0
Faulting application path: Solitaire.exe1Faulting module path: Solitaire.exe2
Report Id: Solitaire.exe3Faulting package full name: Solitaire.exe4
Faulting package-relative application ID: Solitaire.exe5
System errors:
=============Error: (10/11/2015 10:07:52 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (10/11/2015 10:02:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
Error: (10/11/2015 10:02:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (10/11/2015 10:02:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.Error: (10/11/2015 10:02:46 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (10/11/2015 08:46:39 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (10/11/2015 08:42:26 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
==================== Memory info ===========================
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 12171.01 MBAvailable physical RAM: 7737.7 MB
Total Virtual: 12939.01 MBAvailable Virtual: 7342.46 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:10.65 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:393.57 GB) NTFS==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BC9EED00)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02Ran by Nicole (administrator) on MEZURASHI (11-10-2015 21:14:11)
Running from C:\Users\Nicole\DownloadsLoaded Profiles: Nicole (Available Profiles: Nicole)
Platform: Windows 10 Home (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe(Scarlet.Crush Productions) C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(BitTorrent Inc.) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16515_none_193ad2148aca4135\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-microsoftedge_31bf3856ad364e35_10.0.10240.16463_none_19395c168acbadb5\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-11-18] (Intuit Inc. All rights reserved.)HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exeHKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exeHKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {1fb0e669-54f8-11e5-8291-40e23057c958} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL Z:\index.htmlHKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {3cf6f01c-5c16-11e5-8291-40e23057c958} - "F:\KODAK_Camera_Setup_App.exe"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {f19d705a-6dcc-11e5-829a-40e23057c958} - "Y:\Setup.exe"ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-26]ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-03-05]ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-06-13]ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-26]ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{32cb7938-99ba-456f-a26c-a3f3bd49b2f9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d03d179d-f0ae-4322-ba8a-a0cc48c7fcfb}: [DhcpNameServer] 192.168.0.1Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJBSearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cabHandler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2011-01-18] (Intuit, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FireFox:
========FF ProfilePath: C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default
FF DefaultSearchEngine: GoogleFF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-05] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-03]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-18]FF Extension: MP4 Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-18]
FF Extension: UnPlug - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-18]FF Extension: Adblock Plus - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\iSkysoft\Video Converter Ultimate\[email protected] => not found
Chrome:
=======CHR Profile: C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]CHR Extension: (Google Docs) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-07]CHR Extension: (YouTube) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-07]
CHR Extension: (Google Search) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-07]CHR Extension: (Video Downloader professional) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-22]
CHR Extension: (Google Play Music) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-08-27]CHR Extension: (Google Sheets) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]CHR Extension: (AdBlock) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]CHR Extension: (Gmail) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-07]
CHR HKU\S-1-5-21-3710058852-312542076-3770498964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
Opera:
=======OPR Extension: (SaveFrom.net helper) - C:\Users\Nicole\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2015-04-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)R2 Ds3Service; C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-10-11] (SurfRight B.V.)R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-01-17] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-10-09] (Digiarty Software, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29864 2015-03-06] (Disc Soft Ltd)R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-07-02] (SoftEther Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-06-13] (SoftEther Corporation)S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [109432 2015-10-11] (Zemana Ltd.)R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [109432 2015-10-11] (Zemana Ltd.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-11 21:14 - 2015-10-11 21:14 - 00028500 _____ C:\Users\Nicole\Downloads\FRST.txt
2015-10-11 21:14 - 2015-10-11 21:14 - 00000000 ____D C:\FRST2015-10-11 21:13 - 2015-10-11 21:13 - 02195968 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64.exe
2015-10-11 19:42 - 2015-10-11 19:42 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicole\Downloads\SpyHunter-Installer.exe2015-10-11 18:19 - 2015-10-11 18:19 - 00016148 _____ C:\WINDOWS\system32\MEZURASHI_Nicole_HistoryPrediction.bin
2015-10-11 10:07 - 2015-10-11 10:07 - 00146072 _____ (http://x360ce.googlecode.com) C:\Users\Nicole\Desktop\xinput1_3.dll2015-10-11 10:07 - 2015-10-11 10:07 - 00004278 _____ C:\Users\Nicole\Desktop\x360ce.ini
2015-10-11 09:59 - 2015-10-11 09:59 - 00000000 ____D C:\Users\Nicole\AppData\Local\TempTaskUpdateDetection091E06C7-8EE2-4DE7-9A80-91318CF765562015-10-11 09:47 - 2015-10-11 09:47 - 00000000 ____D C:\Users\Nicole\Desktop\ScpServer
2015-10-11 09:47 - 2013-05-19 01:02 - 00039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys2015-10-11 09:47 - 2013-01-07 08:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2015-10-11 09:46 - 2015-10-11 09:46 - 07878008 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\Xbox360_64Eng.exe2015-10-11 09:45 - 2015-10-11 09:47 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z
2015-10-11 09:37 - 2015-10-11 09:37 - 00000000 ____D C:\Users\Nicole\Desktop\YanSimOctober11th2015-10-11 09:01 - 2015-10-11 09:36 - 551856746 _____ C:\Users\Nicole\Downloads\YanSimOctober11th.rar
2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit2015-10-11 08:50 - 2015-10-11 08:52 - 02947874 ____R C:\Users\Nicole\Downloads\Malwarebytes Anti-Exploit Premium 1.06.1.1018 + Serial (menin).zip
2015-10-11 08:50 - 2015-10-11 08:50 - 00004394 _____ C:\Users\Nicole\Downloads\[kat.cr]malwarebytes.anti.exploit.premium.1.06.1.1018.serial.menin.torrent2015-10-11 00:38 - 2015-10-11 00:38 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2015-10-11 00:38 - 2015-10-11 00:38 - 00001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware2015-10-11 00:37 - 2015-10-11 00:37 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2015-10-11 00:37 - 2015-10-11 00:37 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe2015-10-11 00:37 - 2015-10-11 00:37 - 00000000 ____D C:\Users\Nicole\AppData\Local\Zemana
2015-10-11 00:22 - 2015-10-11 00:22 - 00001964 _____ C:\Users\Public\Desktop\HitmanPro.lnk2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\Program Files\HitmanPro2015-10-11 00:21 - 2015-10-11 08:51 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-11 00:17 - 2015-10-11 00:19 - 05078968 _____ ( ) C:\Users\Nicole\Desktop\Zemana.AntiMalware.Setup.exe2015-10-11 00:15 - 2015-10-11 00:20 - 11336600 _____ (SurfRight B.V.) C:\Users\Nicole\Desktop\HitmanPro_x64.exe
2015-10-11 00:08 - 2015-10-11 00:08 - 00002560 _____ C:\WINDOWS\_MSRSTRT.EXE2015-10-10 23:05 - 2015-10-10 23:05 - 01519567 _____ C:\Users\Nicole\Downloads\x360ce.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00000000 ____D C:\Program Files (x86)\ESET2015-10-10 21:28 - 2015-10-10 21:30 - 02870984 _____ (ESET) C:\Users\Nicole\Downloads\esetsmartinstaller_enu.exe
2015-10-10 17:25 - 2014-04-17 14:02 - 01426178 _____ C:\Users\Nicole\Desktop\adwcleaner.exe2015-10-09 08:39 - 2015-10-09 08:39 - 00001649 _____ C:\Users\Public\Desktop\Machina of the Planet Tree -Planet Ruler-.lnk
2015-10-09 08:39 - 2015-10-09 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekai Project2015-10-09 08:38 - 2015-10-09 08:38 - 00000000 ____D C:\Program Files (x86)\Sekai Project
2015-10-08 17:20 - 2015-10-10 21:14 - 01408836 _____ C:\Users\Nicole\Downloads\Unconfirmed 111654.crdownload2015-10-08 16:36 - 2015-10-08 16:36 - 10818216 _____ C:\Users\Nicole\Downloads\dap10_full.exe
2015-10-08 09:27 - 2015-10-08 09:27 - 00000000 ____D C:\ProgramData\X360CE2015-10-08 09:26 - 2015-10-08 09:27 - 01519379 _____ C:\Users\Nicole\Downloads\x360ce_x64.zip
2015-10-08 07:14 - 2015-10-09 18:37 - 00000000 ____D C:\Users\Nicole\Desktop\Games2015-10-07 21:41 - 2015-10-08 08:46 - 00000000 ____D C:\Users\Nicole\Downloads\YanSimJuly22nd
2015-10-07 19:07 - 2015-10-07 19:07 - 00022266 _____ C:\Users\Nicole\Downloads\yandere.simulator.pc.game.v22-skidrowcodex.torrent2015-10-07 19:06 - 2015-10-07 19:06 - 00031218 _____ C:\Users\Nicole\Downloads\machina.of.the.planet.tree.planet.ruler.skidrowcodex.torrent
2015-10-07 19:00 - 2015-10-08 06:29 - 00000000 ____D C:\Users\Nicole\Downloads\FINAL.FANTASY.TYPE.0.HD-CODEX2015-10-07 18:58 - 2015-10-07 18:58 - 00059378 _____ C:\Users\Nicole\Downloads\final.fantasy.type.0.hd.skidrowcodex.torrent
2015-10-07 07:43 - 2015-10-07 07:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp2015-10-07 07:43 - 2015-10-02 22:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll2015-10-07 07:43 - 2015-10-02 22:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll2015-10-07 07:43 - 2015-10-02 22:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll2015-10-07 07:43 - 2015-10-02 22:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll2015-10-07 07:43 - 2015-10-02 22:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll2015-10-07 07:43 - 2015-10-02 22:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll2015-10-07 07:43 - 2015-10-02 22:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll2015-10-07 07:43 - 2015-10-02 22:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll2015-10-07 07:43 - 2015-10-02 22:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll2015-10-06 21:39 - 2015-10-06 21:39 - 00000000 ____D C:\Users\Nicole\AppData\Local\BetterDS3
2015-10-06 21:38 - 2015-10-06 21:39 - 00759932 _____ C:\Users\Nicole\Downloads\BetterDS3_1.5.3.zip2015-10-06 21:24 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\WINDOWS\system32\Drivers\MijXfilt.sys
2015-10-06 21:24 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys2015-10-06 16:46 - 2015-10-06 16:46 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\20701
2015-10-06 13:59 - 2015-10-06 13:59 - 00117990 _____ C:\Users\Nicole\Downloads\dragon age inquisition deluxe edition-cpy.torrent2015-10-06 13:58 - 2015-10-06 13:58 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com] (1).torrent
2015-10-06 12:25 - 2015-10-06 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client2015-10-06 08:39 - 2015-10-06 09:48 - 00000000 ____D C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY
2015-10-05 20:41 - 2015-10-05 20:41 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com].torrent2015-10-03 20:54 - 2015-10-03 20:55 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-10-03 20:06 - 2015-10-03 20:55 - 01483584 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\WorksConv.exe2015-10-03 20:06 - 2015-10-03 20:54 - 38808920 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\FileFormatConverters.exe
2015-10-03 14:02 - 2015-10-07 12:38 - 00000000 ____D C:\Users\Nicole\AppData\Local\CutePDF Writer2015-10-01 08:58 - 2015-09-24 18:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 08:58 - 2015-09-24 18:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll2015-10-01 08:58 - 2015-09-24 18:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 08:58 - 2015-09-24 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll2015-10-01 08:58 - 2015-09-24 17:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 08:58 - 2015-09-24 17:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll2015-10-01 08:58 - 2015-09-24 17:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 08:58 - 2015-09-24 17:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe2015-10-01 08:58 - 2015-09-24 17:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 08:58 - 2015-09-24 17:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys2015-10-01 08:58 - 2015-09-24 17:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 08:58 - 2015-09-24 17:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll2015-10-01 08:58 - 2015-09-24 17:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 08:58 - 2015-09-24 17:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll2015-10-01 08:58 - 2015-09-24 17:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 08:58 - 2015-09-24 17:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll2015-10-01 08:58 - 2015-09-24 17:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 08:58 - 2015-09-24 17:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll2015-10-01 08:58 - 2015-09-24 17:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 08:58 - 2015-09-24 16:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll2015-10-01 08:58 - 2015-09-24 16:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 08:58 - 2015-09-24 16:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll2015-10-01 08:58 - 2015-09-24 16:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 08:58 - 2015-09-24 16:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll2015-10-01 08:58 - 2015-09-24 16:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 08:58 - 2015-09-24 16:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll2015-10-01 08:58 - 2015-09-24 16:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 08:58 - 2015-09-24 16:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll2015-10-01 08:58 - 2015-09-24 16:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 08:58 - 2015-09-24 16:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll2015-10-01 08:58 - 2015-09-18 23:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 08:58 - 2015-09-17 00:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2015-10-01 08:58 - 2015-09-17 00:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 08:58 - 2015-09-17 00:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys2015-10-01 08:58 - 2015-09-17 00:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 08:58 - 2015-09-17 00:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2015-10-01 08:58 - 2015-09-17 00:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 08:58 - 2015-09-17 00:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll2015-10-01 08:58 - 2015-09-17 00:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 08:58 - 2015-09-17 00:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe2015-10-01 08:58 - 2015-09-17 00:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2015-10-01 08:58 - 2015-09-17 00:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2015-10-01 08:58 - 2015-09-17 00:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2015-10-01 08:58 - 2015-09-17 00:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll2015-10-01 08:58 - 2015-09-17 00:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS2015-10-01 08:58 - 2015-09-17 00:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll2015-10-01 08:58 - 2015-09-17 00:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 08:58 - 2015-09-17 00:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys2015-10-01 08:58 - 2015-09-17 00:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys2015-10-01 08:58 - 2015-09-17 00:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 08:58 - 2015-09-17 00:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll2015-10-01 08:58 - 2015-09-17 00:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 08:58 - 2015-09-17 00:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll2015-10-01 08:58 - 2015-09-17 00:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 08:58 - 2015-09-17 00:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll2015-10-01 08:58 - 2015-09-17 00:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 08:58 - 2015-09-17 00:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll2015-10-01 08:58 - 2015-09-17 00:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 08:58 - 2015-09-17 00:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll2015-10-01 08:58 - 2015-09-17 00:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 08:58 - 2015-09-17 00:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2015-10-01 08:58 - 2015-09-17 00:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 08:58 - 2015-09-17 00:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll2015-10-01 08:58 - 2015-09-17 00:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll2015-10-01 08:58 - 2015-09-17 00:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2015-10-01 08:58 - 2015-09-17 00:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll2015-10-01 08:58 - 2015-09-17 00:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 08:58 - 2015-09-17 00:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll2015-10-01 08:58 - 2015-09-17 00:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 08:58 - 2015-09-17 00:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll2015-10-01 08:58 - 2015-09-17 00:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 08:58 - 2015-09-17 00:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll2015-10-01 08:58 - 2015-09-17 00:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 08:58 - 2015-09-17 00:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll2015-10-01 08:58 - 2015-09-17 00:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 08:58 - 2015-09-17 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll2015-10-01 08:58 - 2015-09-17 00:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 08:58 - 2015-09-17 00:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe2015-10-01 08:58 - 2015-09-17 00:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 08:58 - 2015-09-17 00:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll2015-10-01 08:58 - 2015-09-17 00:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 08:58 - 2015-09-17 00:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll2015-10-01 08:58 - 2015-09-17 00:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 08:58 - 2015-09-17 00:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll2015-10-01 08:58 - 2015-09-17 00:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 08:58 - 2015-09-17 00:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll2015-10-01 08:58 - 2015-09-17 00:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 08:58 - 2015-09-17 00:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll2015-10-01 08:58 - 2015-09-17 00:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 08:58 - 2015-09-17 00:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe2015-10-01 08:58 - 2015-09-17 00:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2015-10-01 08:58 - 2015-09-17 00:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2015-10-01 08:58 - 2015-09-17 00:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll2015-10-01 08:58 - 2015-09-16 23:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll2015-10-01 08:58 - 2015-09-16 23:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll2015-10-01 08:58 - 2015-09-16 23:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 08:58 - 2015-09-16 23:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll2015-10-01 08:58 - 2015-09-16 23:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2015-10-01 08:58 - 2015-09-16 23:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll2015-10-01 08:58 - 2015-09-16 23:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll2015-10-01 08:58 - 2015-09-16 23:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe2015-10-01 08:58 - 2015-09-16 23:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 08:58 - 2015-09-16 23:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll2015-10-01 08:58 - 2015-09-16 23:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 08:58 - 2015-09-16 23:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll2015-10-01 08:58 - 2015-09-16 23:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll2015-10-01 08:58 - 2015-09-16 23:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll2015-10-01 08:58 - 2015-09-16 23:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll2015-10-01 08:58 - 2015-09-16 23:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll2015-10-01 08:58 - 2015-09-16 23:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll2015-10-01 08:58 - 2015-09-16 23:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll2015-10-01 08:58 - 2015-09-16 23:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll2015-10-01 08:58 - 2015-09-16 23:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll2015-10-01 08:58 - 2015-09-16 23:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys2015-10-01 08:58 - 2015-09-16 23:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys2015-10-01 08:58 - 2015-09-16 23:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll2015-10-01 08:58 - 2015-09-16 23:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 08:58 - 2015-09-16 23:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2015-10-01 08:58 - 2015-09-16 23:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll2015-10-01 08:58 - 2015-09-16 23:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll2015-10-01 08:58 - 2015-09-16 23:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll2015-10-01 08:58 - 2015-09-16 23:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll2015-10-01 08:58 - 2015-09-16 23:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll2015-10-01 08:58 - 2015-09-16 23:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll2015-10-01 08:58 - 2015-09-16 23:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll2015-10-01 08:58 - 2015-09-16 23:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll2015-10-01 08:58 - 2015-09-16 23:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 08:58 - 2015-09-16 23:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll2015-10-01 08:58 - 2015-09-16 23:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 08:58 - 2015-09-16 23:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll2015-10-01 08:58 - 2015-09-16 23:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll2015-10-01 08:58 - 2015-09-16 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll2015-10-01 08:58 - 2015-09-16 23:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe2015-10-01 08:58 - 2015-09-16 23:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2015-10-01 08:58 - 2015-09-16 23:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll2015-10-01 08:58 - 2015-09-16 23:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll2015-10-01 08:58 - 2015-09-16 23:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll2015-10-01 08:58 - 2015-09-16 23:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll2015-10-01 08:58 - 2015-09-16 23:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll2015-10-01 08:58 - 2015-09-16 23:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll2015-10-01 08:58 - 2015-09-16 23:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll2015-10-01 08:58 - 2015-09-16 23:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 08:58 - 2015-09-16 23:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll2015-10-01 08:58 - 2015-09-16 23:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 08:58 - 2015-09-16 23:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2015-10-01 08:58 - 2015-09-16 23:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 08:58 - 2015-09-16 23:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll2015-10-01 08:58 - 2015-09-16 23:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 08:58 - 2015-09-16 23:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll2015-10-01 08:58 - 2015-09-16 23:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 08:58 - 2015-09-16 23:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll2015-10-01 08:58 - 2015-09-16 23:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2015-10-01 08:58 - 2015-09-16 23:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll2015-10-01 08:58 - 2015-09-16 23:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 08:58 - 2015-09-16 23:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll2015-10-01 08:58 - 2015-09-16 23:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 08:58 - 2015-09-16 23:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll2015-10-01 08:58 - 2015-09-16 23:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 08:58 - 2015-09-16 23:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll2015-10-01 08:58 - 2015-09-16 23:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 08:58 - 2015-09-16 23:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll2015-10-01 08:58 - 2015-09-16 23:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll2015-10-01 08:58 - 2015-09-16 23:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll2015-10-01 08:58 - 2015-09-16 23:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 08:58 - 2015-09-16 23:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll2015-10-01 08:58 - 2015-09-16 23:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 08:58 - 2015-09-16 23:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll2015-10-01 08:58 - 2015-09-12 20:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 08:58 - 2015-09-12 19:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll2015-10-01 08:57 - 2015-09-17 00:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 08:57 - 2015-09-17 00:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe2015-10-01 08:57 - 2015-09-17 00:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 08:57 - 2015-09-16 23:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll2015-10-01 08:57 - 2015-09-16 23:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 08:57 - 2015-09-16 23:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2015-10-01 08:57 - 2015-09-16 23:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 08:57 - 2015-09-16 23:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll2015-10-01 08:57 - 2015-09-16 23:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 08:34 - 2015-10-01 08:34 - 11384236 _____ C:\Users\Nicole\Downloads\USB_Charger_Plus_Win10_64_VER416.zip2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\ESET2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\Program Files\ESET
2015-09-25 14:45 - 2015-09-25 14:45 - 00327440 _____ C:\WINDOWS\Minidump\092515-32468-01.dmp2015-09-22 18:22 - 2015-09-22 18:23 - 00336680 _____ C:\WINDOWS\Minidump\092215-39968-01.dmp
2015-09-18 19:31 - 2015-09-18 19:31 - 00000000 ____D C:\Users\Nicole\Documents\Fax2015-09-18 11:43 - 2015-09-18 11:43 - 01424896 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwtiop5.dll
2015-09-18 11:43 - 2015-09-18 11:43 - 00979456 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpwwiax6.dll2015-09-18 11:43 - 2015-09-18 11:43 - 00551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2015-09-18 11:43 - 2015-09-18 11:43 - 00503296 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwvst01.dll2015-09-18 08:59 - 2015-10-10 22:23 - 00000000 ____D C:\Users\Nicole\Desktop\Photo's for PEEP project
2015-09-16 14:27 - 2015-09-16 14:27 - 00000000 ___RD C:\Users\Nicole\3D Objects2015-09-16 11:14 - 2015-09-16 11:14 - 00000000 ____D C:\Users\Nicole\AppData\LocalLow\Temp
2015-09-14 11:45 - 2015-09-14 11:45 - 00255839 _____ C:\Users\Nicole\Downloads\Thiaoouba_Prophecy.epub==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-11 21:14 - 2015-03-07 09:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 21:14 - 2015-03-05 19:58 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\uTorrent
2015-10-11 20:22 - 2015-04-28 11:42 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-10-11 20:14 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-11 17:22 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log2015-10-11 17:22 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-11 17:14 - 2015-03-07 09:44 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-10-11 12:00 - 2015-08-06 12:29 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-10-11 12:00 - 2015-05-13 12:13 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update22015-10-11 10:08 - 2015-08-08 01:02 - 00524174 _____ C:\WINDOWS\system32\perfh011.dat
2015-10-11 10:08 - 2015-08-08 01:02 - 00142324 _____ C:\WINDOWS\system32\perfc011.dat2015-10-11 10:08 - 2015-08-07 23:27 - 01524230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-11 10:05 - 2015-08-10 12:31 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture2015-10-11 10:05 - 2015-06-13 12:34 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-10-11 10:05 - 2015-03-05 15:48 - 00000093 _____ C:\Users\Nicole\AppData\Roaming\sp_data.sys2015-10-11 10:05 - 2014-11-21 19:38 - 02580436 _____ C:\Users\Public\CAFADEBUG.log
2015-10-11 10:04 - 2015-08-07 23:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat2015-10-11 10:03 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-11 10:03 - 2015-07-10 03:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI2015-10-11 08:42 - 2015-08-07 23:14 - 00000000 ____D C:\Users\Nicole
2015-10-11 08:41 - 2015-04-28 11:38 - 00000000 ____D C:\AdwCleaner2015-10-11 00:09 - 2015-08-07 23:05 - 00017920 _____ C:\WINDOWS\PFRO.log
2015-10-11 00:09 - 2015-03-29 09:00 - 00000000 ____D C:\Program Files (x86)\DAP2015-10-10 21:46 - 2014-11-21 19:45 - 00000000 ____D C:\ProgramData\Temp
2015-10-10 18:38 - 2015-03-05 17:09 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job2015-10-09 08:38 - 2015-05-05 11:02 - 00276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2015-10-08 09:14 - 2015-03-05 15:49 - 00000000 ___DO C:\Users\Nicole\OneDrive2015-10-07 07:44 - 2015-08-10 10:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 07:21 - 2015-07-10 06:20 - 00030535 _____ C:\WINDOWS\setupact.log2015-10-06 14:33 - 2015-03-05 15:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\Packages
2015-10-06 12:45 - 2015-08-10 10:51 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys2015-10-06 12:25 - 2015-06-13 12:34 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2015-10-06 08:39 - 2015-08-07 23:50 - 00002380 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2015-10-04 14:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F122015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\system32\F122015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\L2Schemas2015-10-04 12:09 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-04 07:11 - 2015-08-28 11:06 - 02948760 _____ (TocaEdit) C:\Users\Nicole\Desktop\x360ce_x64.exe2015-10-04 02:23 - 2015-03-05 15:55 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 02:23 - 2014-11-21 19:26 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll2015-10-04 02:22 - 2015-03-05 15:55 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 02:22 - 2014-11-21 19:26 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll2015-10-03 20:56 - 2014-09-24 06:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-03 17:33 - 2015-03-05 16:32 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\vlc2015-10-02 22:58 - 2015-08-10 10:51 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-02 22:58 - 2015-08-10 10:51 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll2015-10-02 22:58 - 2015-08-10 10:51 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-02 20:38 - 2015-08-10 10:52 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll2015-10-02 20:38 - 2015-08-10 10:52 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll2015-10-02 20:38 - 2015-08-10 10:52 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-02 20:38 - 2015-08-10 10:52 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll2015-10-02 20:38 - 2015-08-10 10:52 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll2015-10-02 20:38 - 2015-08-10 10:52 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-01 15:50 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp2015-10-01 09:22 - 2014-09-24 06:20 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-10-01 09:09 - 2014-11-21 19:41 - 00003104 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus2015-10-01 09:09 - 2014-09-24 06:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-10-01 08:44 - 2015-03-05 16:09 - 00003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14255931722015-10-01 08:44 - 2015-03-05 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 08:44 - 2015-03-05 16:06 - 00000000 ____D C:\Program Files (x86)\Opera2015-10-01 03:30 - 2015-08-10 10:52 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-28 12:14 - 2015-03-05 17:09 - 00004030 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier2015-09-25 14:45 - 2015-08-10 10:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-25 14:45 - 2015-08-10 10:18 - 1152312934 _____ C:\WINDOWS\MEMORY.DMP2015-09-25 12:58 - 2015-03-05 19:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 18:35 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\NDF2015-09-22 18:26 - 2015-07-10 06:20 - 00311144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-22 18:24 - 2015-07-10 07:14 - 00000000 ____D C:\Program Files\Windows Journal2015-09-19 19:30 - 2015-04-06 10:59 - 00000000 ____D C:\Users\Nicole\Documents\emWave
2015-09-15 17:09 - 2015-03-07 09:44 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2015-09-15 17:09 - 2015-03-07 09:44 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 10:12 - 2015-07-10 05:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2015-09-15 10:12 - 2015-07-10 05:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 11:54 - 2015-03-07 09:44 - 00000000 ____D C:\Users\Nicole\AppData\Local\Google2015-09-13 15:34 - 2015-03-06 03:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-13 15:34 - 2015-03-05 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132015-09-13 15:30 - 2015-03-05 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT
==================== Files in the root of some directories =======
2015-05-03 10:53 - 2015-05-03 11:17 - 0000798 _____ () C:\Users\Nicole\AppData\Roaming\burnaware.ini
2015-03-05 15:48 - 2015-10-11 10:05 - 0000093 _____ () C:\Users\Nicole\AppData\Roaming\sp_data.sys2015-05-05 13:03 - 2015-05-05 13:03 - 0008704 _____ () C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-24 06:20 - 2012-09-07 05:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd2014-09-24 06:20 - 2009-07-22 04:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-24 06:20 - 2012-09-07 05:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBSFiles to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================C:\Users\Nicole\AppData\Local\Temp\cabex.dll
C:\Users\Nicole\AppData\Local\Temp\DAPREMOVE.EXEC:\Users\Nicole\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Nicole\AppData\Local\Temp\FoxitUpdater.exeC:\Users\Nicole\AppData\Local\Temp\Quarantine.exe
C:\Users\Nicole\AppData\Local\Temp\RunWizards.exeC:\Users\Nicole\AppData\Local\Temp\SetupUtils6.dll
C:\Users\Nicole\AppData\Local\Temp\xyuh0jnw.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signedC:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signedC:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signedC:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signedC:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signedC:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signedC:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signedC:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-03 00:20
==================== End of FRST.txt ============================
Blessings,
Nicole
Edited by Destiny000, 18 October 2015 - 12:37 AM.
Sign In
Create Account
