Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Spyware or Malware, getting bad, personal information could be comprom


  • This topic is locked This topic is locked

#1
Destiny000

Destiny000

    Member

  • Member
  • PipPipPip
  • 130 posts

I have an Asus Laptop and my computer gets crazy pop ups and interferes with all my browsers in general which I use depending on circumstances. I have Windows 10 installed and use their browser plus Oprah, google chrome and firefox. I own malwarebytes premium and ran a bunch of other programs to try and clean things up however nothing has worked. :( Someone please help and guide me. This is my work computer and I live an hour outside of a small town, I don't have access to good tech support. I would appreciate the help please, my business information is on this computer. 

 

Blessings.


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I will need to take a look

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.
THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Thank You very much! Appreciate your help!

 

I have attached the reports from Farbar and aswmbr.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
Ran by Nicole (administrator) on MEZURASHI (22-10-2015 12:24:03)
Running from C:\Users\Nicole\Downloads
Loaded Profiles: Nicole (Available Profiles: Nicole)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Scarlet.Crush Productions) C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PeopleApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\POWERPNT.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nicole\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-11-18] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\system32\StikyNot.exe [465920 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {1fb0e669-54f8-11e5-8291-40e23057c958} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL Z:\index.html
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {3cf6f01c-5c16-11e5-8291-40e23057c958} - "F:\KODAK_Camera_Setup_App.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {a09c485c-7031-11e5-829e-40e23057c958} - "X:\OriginSetup.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {a09c4b59-7031-11e5-829e-40e23057c958} - "W:\OriginSetup.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {f19d705a-6dcc-11e5-829a-40e23057c958} - "Y:\Setup.exe" 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-26]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-03-05]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-10-06]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-26]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{32cb7938-99ba-456f-a26c-a3f3bd49b2f9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d03d179d-f0ae-4322-ba8a-a0cc48c7fcfb}: [DhcpNameServer] 192.168.1.254 75.153.176.9
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL => No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2011-01-18] (Intuit, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  No File
 
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-3710058852-312542076-3770498964-1001 -> is enabled.
 
FireFox:
========
FF ProfilePath: C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-07-16]
FF Extension: MP4 Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: UnPlug - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: Adblock Plus - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\iSkysoft\Video Converter Ultimate\[email protected] => not found
 
Chrome: 
=======
CHR Profile: C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]
CHR Extension: (Google Docs) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (Video Downloader professional) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-22]
CHR Extension: (Google Play Music) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-10-21]
CHR Extension: (Google Sheets) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (AdBlock) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-3710058852-312542076-3770498964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
Opera: 
=======
OPR Extension: (SaveFrom.net helper) - C:\Users\Nicole\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2015-09-07]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)
R2 Ds3Service; C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-10-11] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2078216 2015-10-12] (Electronic Arts)
S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-01-17] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-10-12] (Digiarty Software, Inc.)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29864 2015-03-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-07-02] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-06-13] (SoftEther Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [109432 2015-10-11] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [109432 2015-10-11] (Zemana Ltd.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-22 12:22 - 2015-10-22 12:22 - 05200384 _____ (AVAST Software) C:\Users\Nicole\Downloads\aswmbr.exe
2015-10-22 12:22 - 2015-10-22 12:22 - 02196480 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64 (1).exe
2015-10-22 12:14 - 2015-10-22 12:25 - 21547947 _____ C:\Users\Nicole\Downloads\Awakening_Logos.mp3.crdownload
2015-10-22 12:14 - 2015-10-22 12:14 - 22019480 _____ C:\Users\Nicole\Downloads\Eternal_Love.mp3.crdownload
2015-10-22 12:14 - 2015-10-22 12:14 - 21711739 _____ C:\Users\Nicole\Downloads\Flowing_Energy_Fields.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 26639765 _____ C:\Users\Nicole\Downloads\Resonare_Fibris.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 24423163 _____ C:\Users\Nicole\Downloads\Alpha_Healing.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 23669596 _____ C:\Users\Nicole\Downloads\Queant_Laxis.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 23177940 _____ C:\Users\Nicole\Downloads\Liquid_Water_Harmony.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 22833932 _____ C:\Users\Nicole\Downloads\Delta_Famuli.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 22576531 _____ C:\Users\Nicole\Downloads\Divine_Connection.mp3.crdownload
2015-10-22 12:13 - 2015-10-22 12:13 - 22243925 _____ C:\Users\Nicole\Downloads\Spiritual_Awakening.mp3.crdownload
2015-10-22 11:26 - 2015-10-22 11:26 - 00016148 _____ C:\WINDOWS\system32\MEZURASHI_Nicole_HistoryPrediction.bin
2015-10-22 09:01 - 2015-10-22 09:01 - 00114168 _____ C:\Users\Nicole\Downloads\nutrient-interaction4429-131121091005-phpapp02.pptx
2015-10-22 08:30 - 2015-10-22 10:11 - 1870565704 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 9.mp4
2015-10-21 20:44 - 2015-10-21 21:45 - 262057448 _____ C:\Users\Nicole\Desktop\hidan noa ria 3.mp4
2015-10-21 17:41 - 2015-10-21 18:14 - 239771272 _____ C:\Users\Nicole\Desktop\Sakurako-san-no-Ashimoto-ni-wa-Shitai-ga-Umatteiru Episode-003.mp4
2015-10-21 16:37 - 2015-10-21 16:37 - 00000000 ____D C:\Users\Nicole\Desktop\YandereSimOct18th
2015-10-21 14:57 - 2015-10-21 15:15 - 553535939 _____ C:\Users\Nicole\Downloads\YandereSimOct18th.rar
2015-10-20 22:37 - 2015-10-21 00:43 - 1306846592 _____ C:\Users\Nicole\Downloads\The Truth About Cancer_ A Global Quest - Episode 8.mp4
2015-10-20 22:34 - 2015-10-21 00:11 - 502224657 _____ C:\Users\Nicole\Downloads\The Moment of Truth - Episode 7.mp4
2015-10-19 08:54 - 2015-10-19 09:34 - 1171692666 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 6.mp4
2015-10-18 12:24 - 2015-10-18 13:45 - 1301592153 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 5.mp4
2015-10-18 12:24 - 2015-10-18 12:24 - 00000000 _____ C:\Users\Nicole\Downloads\videoplayback.htm
2015-10-16 21:26 - 2015-10-17 02:36 - 1440091983 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 4.mp4
2015-10-16 09:01 - 2015-10-16 09:16 - 1360827400 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 3.mp4
2015-10-15 09:53 - 2015-10-15 09:53 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\21540
2015-10-15 08:59 - 2015-10-15 09:00 - 06125938 _____ C:\Users\Nicole\Downloads\Natural Treatment for Depression Explained - Naicin B3 - Food Matters.mp4
2015-10-15 08:57 - 2015-10-15 08:58 - 00000000 ____D C:\Users\Nicole\AppData\Local\Adobe
2015-10-15 08:33 - 2015-10-15 08:33 - 00000000 ____D C:\Users\Nicole\AppData\Local\Apple
2015-10-15 08:32 - 2015-10-15 09:50 - 1378363723 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 2.mp4
2015-10-14 17:45 - 2013-05-10 11:57 - 01661440 _____ (Slackerhome Productions) C:\Users\Nicole\Desktop\Better DS3.exe
2015-10-14 17:24 - 2015-10-14 17:25 - 00759932 _____ C:\Users\Nicole\Desktop\BetterDS3_1.5.3(1).zip
2015-10-14 16:55 - 2015-10-14 16:55 - 00004246 _____ C:\Users\Nicole\Desktop\x360ce.tmp
2015-10-13 19:44 - 2015-10-13 19:48 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160(1).7z
2015-10-13 19:34 - 2015-10-13 19:37 - 10005401 _____ C:\Users\Nicole\Downloads\SCP-DS3-Driver-Package-1.0.0.103.7z
2015-10-13 19:12 - 2015-10-14 00:36 - 1829900834 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - The True History of Chemo & The Pharmaceutical Monopoly.mp4
2015-10-13 19:06 - 2015-10-04 07:11 - 02950296 _____ (TocaEdit) C:\Users\Nicole\Desktop\x360ce.exe
2015-10-13 18:59 - 2015-10-13 18:59 - 01519379 _____ C:\Users\Nicole\Desktop\x360ce_x64 (1).zip
2015-10-13 18:58 - 2015-10-13 18:58 - 01519567 _____ C:\Users\Nicole\Desktop\x360ce (1).zip
2015-10-13 15:43 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-NJ5T9.tmp
2015-10-13 13:35 - 2015-10-10 01:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 13:35 - 2015-10-10 00:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-13 13:35 - 2015-10-10 00:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-13 13:35 - 2015-10-05 21:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 13:35 - 2015-10-05 20:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 13:35 - 2015-09-30 22:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 13:35 - 2015-09-30 22:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 13:35 - 2015-09-30 22:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 13:35 - 2015-09-30 22:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 13:35 - 2015-09-30 22:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 13:35 - 2015-09-30 21:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 13:35 - 2015-09-24 22:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 13:35 - 2015-09-24 22:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 13:35 - 2015-09-24 21:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 13:35 - 2015-09-24 21:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 13:35 - 2015-09-24 21:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 13:35 - 2015-09-24 21:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 13:35 - 2015-09-24 21:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-13 13:35 - 2015-09-24 21:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 13:35 - 2015-09-24 21:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 13:35 - 2015-09-24 21:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 13:35 - 2015-09-24 21:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 13:35 - 2015-09-24 21:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-13 13:35 - 2015-09-24 21:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 13:35 - 2015-09-24 21:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 13:35 - 2015-09-24 21:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 13:35 - 2015-09-24 21:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 13:35 - 2015-09-24 21:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 13:35 - 2015-09-24 21:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 13:35 - 2015-09-24 21:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 13:35 - 2015-09-24 21:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-13 13:35 - 2015-09-24 21:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 13:35 - 2015-09-24 21:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 13:35 - 2015-09-24 21:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 13:35 - 2015-09-24 21:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 13:35 - 2015-09-24 21:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 13:35 - 2015-09-24 21:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 13:35 - 2015-09-24 20:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 13:35 - 2015-09-24 20:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 13:35 - 2015-09-24 20:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-13 13:35 - 2015-09-24 20:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 13:35 - 2015-09-24 20:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 13:35 - 2015-09-24 20:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 13:35 - 2015-09-24 20:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 13:35 - 2015-09-24 20:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 13:35 - 2015-09-24 20:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 13:35 - 2015-09-24 20:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 13:35 - 2015-09-24 20:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 13:35 - 2015-09-24 20:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 13:35 - 2015-09-24 20:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 13:35 - 2015-09-24 20:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 13:35 - 2015-09-24 20:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 13:35 - 2015-09-24 20:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 13:35 - 2015-09-24 20:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 13:35 - 2015-09-24 20:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 13:35 - 2015-09-24 20:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 13:35 - 2015-09-24 20:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 13:35 - 2015-09-24 20:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 13:35 - 2015-09-24 20:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 20:44 - 2015-10-12 20:44 - 00000000 ____D C:\Users\Nicole\Documents\BioWare
2015-10-12 19:30 - 2015-10-12 19:37 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Origin
2015-10-12 19:30 - 2015-10-12 19:34 - 00000000 ____D C:\Users\Nicole\AppData\Local\Origin
2015-10-12 18:26 - 2015-10-12 20:44 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-10-12 18:26 - 2015-10-12 18:26 - 00000565 _____ C:\Users\Public\Desktop\Origin.lnk
2015-10-12 18:18 - 2015-10-12 18:25 - 17113896 _____ (Electronic Arts, Inc.) C:\Users\Nicole\Downloads\OriginThinSetup.exe
2015-10-12 18:17 - 2013-11-21 21:22 - 00050688 _____ (Atribune.org) C:\Users\Nicole\Desktop\ATF-Cleaner.exe
2015-10-12 12:36 - 2015-10-12 13:10 - 00000717 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2015-10-12 12:13 - 2015-10-14 18:00 - 00000000 ____D C:\ProgramData\Origin
2015-10-11 21:15 - 2015-10-11 21:15 - 00039374 _____ C:\Users\Nicole\Downloads\Addition.txt
2015-10-11 21:14 - 2015-10-22 12:24 - 00030566 _____ C:\Users\Nicole\Downloads\FRST.txt
2015-10-11 21:14 - 2015-10-22 12:24 - 00000000 ____D C:\FRST
2015-10-11 21:13 - 2015-10-11 21:13 - 02195968 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64.exe
2015-10-11 19:42 - 2015-10-11 19:42 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicole\Downloads\SpyHunter-Installer.exe
2015-10-11 10:07 - 2015-10-14 16:56 - 00004246 _____ C:\Users\Nicole\Desktop\x360ce.ini
2015-10-11 10:07 - 2015-10-13 19:07 - 00146072 _____ (http://x360ce.googlecode.com) C:\Users\Nicole\Desktop\xinput1_3.dll
2015-10-11 09:59 - 2015-10-11 09:59 - 00000000 ____D C:\Users\Nicole\AppData\Local\TempTaskUpdateDetection091E06C7-8EE2-4DE7-9A80-91318CF76556
2015-10-11 09:47 - 2015-10-11 09:47 - 00000000 ____D C:\Users\Nicole\Desktop\ScpServer
2015-10-11 09:47 - 2013-05-19 01:02 - 00039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
2015-10-11 09:47 - 2013-01-07 08:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2015-10-11 09:46 - 2015-10-11 09:46 - 07878008 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\Xbox360_64Eng.exe
2015-10-11 09:45 - 2015-10-11 09:47 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z
2015-10-11 09:37 - 2015-10-11 09:37 - 00000000 ____D C:\Users\Nicole\Desktop\YanSimOctober11th
2015-10-11 09:01 - 2015-10-11 09:36 - 551856746 _____ C:\Users\Nicole\Downloads\YanSimOctober11th.rar
2015-10-11 08:55 - 2015-10-12 18:20 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-10-11 08:55 - 2015-10-11 08:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-10-11 08:50 - 2015-10-11 08:52 - 02947874 ____R C:\Users\Nicole\Downloads\Malwarebytes Anti-Exploit Premium 1.06.1.1018 + Serial (menin).zip
2015-10-11 08:50 - 2015-10-11 08:50 - 00004394 _____ C:\Users\Nicole\Downloads\[kat.cr]malwarebytes.anti.exploit.premium.1.06.1.1018.serial.menin.torrent
2015-10-11 00:38 - 2015-10-11 00:38 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2015-10-11 00:38 - 2015-10-11 00:38 - 00001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-10-11 00:38 - 2015-10-11 00:38 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-10-11 00:37 - 2015-10-11 00:37 - 00109432 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2015-10-11 00:37 - 2015-10-11 00:37 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2015-10-11 00:37 - 2015-10-11 00:37 - 00000000 ____D C:\Users\Nicole\AppData\Local\Zemana
2015-10-11 00:22 - 2015-10-11 00:22 - 00001964 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-10-11 00:22 - 2015-10-11 00:22 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-11 00:21 - 2015-10-11 08:51 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-11 00:17 - 2015-10-11 00:19 - 05078968 _____ ( ) C:\Users\Nicole\Desktop\Zemana.AntiMalware.Setup.exe
2015-10-11 00:15 - 2015-10-11 00:20 - 11336600 _____ (SurfRight B.V.) C:\Users\Nicole\Desktop\HitmanPro_x64.exe
2015-10-11 00:08 - 2015-10-11 00:08 - 00002560 _____ C:\WINDOWS\_MSRSTRT.EXE
2015-10-10 23:05 - 2015-10-10 23:05 - 01519567 _____ C:\Users\Nicole\Downloads\x360ce.zip
2015-10-10 21:30 - 2015-10-10 21:30 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-10 21:28 - 2015-10-10 21:30 - 02870984 _____ (ESET) C:\Users\Nicole\Downloads\esetsmartinstaller_enu.exe
2015-10-10 17:25 - 2014-04-17 14:02 - 01426178 _____ C:\Users\Nicole\Desktop\adwcleaner.exe
2015-10-09 08:39 - 2015-10-09 08:39 - 00001649 _____ C:\Users\Public\Desktop\Machina of the Planet Tree -Planet Ruler-.lnk
2015-10-09 08:39 - 2015-10-09 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekai Project
2015-10-09 08:38 - 2015-10-09 08:38 - 00000000 ____D C:\Program Files (x86)\Sekai Project
2015-10-08 17:20 - 2015-10-10 21:14 - 01408836 _____ C:\Users\Nicole\Downloads\Unconfirmed 111654.crdownload
2015-10-08 16:36 - 2015-10-08 16:36 - 10818216 _____ C:\Users\Nicole\Downloads\dap10_full.exe
2015-10-08 09:27 - 2015-10-08 09:27 - 00000000 ____D C:\ProgramData\X360CE
2015-10-08 09:26 - 2015-10-08 09:27 - 01519379 _____ C:\Users\Nicole\Downloads\x360ce_x64.zip
2015-10-08 07:14 - 2015-10-09 18:37 - 00000000 ____D C:\Users\Nicole\Desktop\Games
2015-10-07 21:41 - 2015-10-08 08:46 - 00000000 ____D C:\Users\Nicole\Downloads\YanSimJuly22nd
2015-10-07 19:07 - 2015-10-07 19:07 - 00022266 _____ C:\Users\Nicole\Downloads\yandere.simulator.pc.game.v22-skidrowcodex.torrent
2015-10-07 19:06 - 2015-10-07 19:06 - 00031218 _____ C:\Users\Nicole\Downloads\machina.of.the.planet.tree.planet.ruler.skidrowcodex.torrent
2015-10-07 19:00 - 2015-10-13 08:26 - 00000000 ____D C:\Users\Nicole\Downloads\FINAL.FANTASY.TYPE.0.HD-CODEX
2015-10-07 18:58 - 2015-10-07 18:58 - 00059378 _____ C:\Users\Nicole\Downloads\final.fantasy.type.0.hd.skidrowcodex.torrent
2015-10-07 07:43 - 2015-10-02 22:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 07:43 - 2015-10-02 22:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-06 21:39 - 2015-10-14 17:56 - 00000000 ____D C:\Users\Nicole\AppData\Local\BetterDS3
2015-10-06 21:38 - 2015-10-06 21:39 - 00759932 _____ C:\Users\Nicole\Downloads\BetterDS3_1.5.3.zip
2015-10-06 21:24 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\WINDOWS\system32\Drivers\MijXfilt.sys
2015-10-06 21:24 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys
2015-10-06 13:59 - 2015-10-06 13:59 - 00117990 _____ C:\Users\Nicole\Downloads\dragon age inquisition deluxe edition-cpy.torrent
2015-10-06 13:58 - 2015-10-06 13:58 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com] (1).torrent
2015-10-06 12:25 - 2015-10-06 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2015-10-05 20:41 - 2015-10-05 20:41 - 00116970 _____ C:\Users\Nicole\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com].torrent
2015-10-03 20:54 - 2015-10-03 20:55 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-10-03 20:06 - 2015-10-03 20:55 - 01483584 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\WorksConv.exe
2015-10-03 20:06 - 2015-10-03 20:54 - 38808920 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\FileFormatConverters.exe
2015-10-03 14:02 - 2015-10-07 12:38 - 00000000 ____D C:\Users\Nicole\AppData\Local\CutePDF Writer
2015-10-01 08:58 - 2015-09-18 23:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 08:58 - 2015-09-17 00:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 08:58 - 2015-09-17 00:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 08:58 - 2015-09-17 00:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 08:58 - 2015-09-17 00:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 08:58 - 2015-09-17 00:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 08:58 - 2015-09-17 00:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 08:58 - 2015-09-17 00:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 08:58 - 2015-09-17 00:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 08:58 - 2015-09-17 00:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 08:58 - 2015-09-17 00:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 08:58 - 2015-09-17 00:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 08:58 - 2015-09-17 00:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 08:58 - 2015-09-17 00:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 08:58 - 2015-09-17 00:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 08:58 - 2015-09-17 00:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 08:58 - 2015-09-17 00:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 08:58 - 2015-09-17 00:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 08:58 - 2015-09-17 00:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 08:58 - 2015-09-17 00:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 08:58 - 2015-09-17 00:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 08:58 - 2015-09-17 00:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 08:58 - 2015-09-17 00:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 08:58 - 2015-09-17 00:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 08:58 - 2015-09-17 00:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 08:58 - 2015-09-17 00:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 08:58 - 2015-09-17 00:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 08:58 - 2015-09-17 00:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 08:58 - 2015-09-17 00:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 08:58 - 2015-09-17 00:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 08:58 - 2015-09-17 00:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 08:58 - 2015-09-17 00:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 08:58 - 2015-09-17 00:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 08:58 - 2015-09-17 00:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 08:58 - 2015-09-17 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 08:58 - 2015-09-17 00:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 08:58 - 2015-09-17 00:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 08:58 - 2015-09-17 00:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 08:58 - 2015-09-17 00:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 08:58 - 2015-09-17 00:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 08:58 - 2015-09-17 00:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 08:58 - 2015-09-17 00:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 08:58 - 2015-09-17 00:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 08:58 - 2015-09-17 00:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 08:58 - 2015-09-17 00:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 08:58 - 2015-09-17 00:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 08:58 - 2015-09-17 00:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 08:58 - 2015-09-17 00:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 08:58 - 2015-09-17 00:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 08:58 - 2015-09-17 00:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 08:58 - 2015-09-16 23:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 08:58 - 2015-09-16 23:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 08:58 - 2015-09-16 23:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 08:58 - 2015-09-16 23:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 08:58 - 2015-09-16 23:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 08:58 - 2015-09-16 23:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 08:58 - 2015-09-16 23:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 08:58 - 2015-09-16 23:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 08:58 - 2015-09-16 23:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 08:58 - 2015-09-16 23:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 08:58 - 2015-09-16 23:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-01 08:58 - 2015-09-16 23:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 08:58 - 2015-09-16 23:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 08:58 - 2015-09-16 23:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 08:58 - 2015-09-16 23:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 08:58 - 2015-09-16 23:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 08:58 - 2015-09-16 23:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 08:58 - 2015-09-16 23:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 08:58 - 2015-09-16 23:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 08:58 - 2015-09-16 23:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 08:58 - 2015-09-16 23:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 08:58 - 2015-09-16 23:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 08:58 - 2015-09-16 23:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 08:58 - 2015-09-16 23:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 08:58 - 2015-09-16 23:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 08:58 - 2015-09-16 23:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 08:58 - 2015-09-16 23:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 08:58 - 2015-09-16 23:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 08:58 - 2015-09-16 23:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 08:58 - 2015-09-16 23:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 08:58 - 2015-09-16 23:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 08:58 - 2015-09-16 23:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 08:58 - 2015-09-16 23:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 08:58 - 2015-09-16 23:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 08:58 - 2015-09-16 23:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 08:58 - 2015-09-16 23:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 08:58 - 2015-09-16 23:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 08:58 - 2015-09-16 23:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 08:58 - 2015-09-16 23:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 08:58 - 2015-09-16 23:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 08:58 - 2015-09-16 23:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 08:58 - 2015-09-16 23:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 08:58 - 2015-09-12 20:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 08:58 - 2015-09-12 19:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 08:57 - 2015-09-17 00:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 08:57 - 2015-09-17 00:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 08:57 - 2015-09-17 00:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 08:57 - 2015-09-16 23:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 08:57 - 2015-09-16 23:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 08:57 - 2015-09-16 23:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 08:57 - 2015-09-16 23:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 08:57 - 2015-09-16 23:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 08:57 - 2015-09-16 23:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 08:34 - 2015-10-01 08:34 - 11384236 _____ C:\Users\Nicole\Downloads\USB_Charger_Plus_Win10_64_VER416.zip
2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\ProgramData\ESET
2015-09-30 18:10 - 2015-09-30 18:10 - 00000000 ____D C:\Program Files\ESET
2015-09-25 14:45 - 2015-09-25 14:45 - 00327440 _____ C:\WINDOWS\Minidump\092515-32468-01.dmp
2015-09-22 18:22 - 2015-09-22 18:23 - 00336680 _____ C:\WINDOWS\Minidump\092215-39968-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-22 12:20 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-22 12:19 - 2015-04-28 11:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-22 12:14 - 2015-03-07 09:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-22 12:12 - 2015-03-05 15:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\Packages
2015-10-22 12:00 - 2015-08-06 12:29 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-10-22 12:00 - 2015-05-13 12:13 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-10-22 11:51 - 2015-03-05 15:49 - 00000000 ___DO C:\Users\Nicole\OneDrive
2015-10-22 11:34 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-22 11:15 - 2015-03-05 16:32 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\vlc
2015-10-22 09:05 - 2015-09-18 08:59 - 00000000 ____D C:\Users\Nicole\Desktop\Photo's for PEEP project
2015-10-21 22:19 - 2015-08-08 01:02 - 00524174 _____ C:\WINDOWS\system32\perfh011.dat
2015-10-21 22:19 - 2015-08-08 01:02 - 00142324 _____ C:\WINDOWS\system32\perfc011.dat
2015-10-21 22:19 - 2015-08-07 23:27 - 01524230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-21 22:11 - 2015-07-10 06:20 - 00032917 _____ C:\WINDOWS\setupact.log
2015-10-21 21:27 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-21 17:14 - 2015-03-07 09:44 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 07:37 - 2015-08-10 12:31 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-10-21 07:37 - 2015-03-05 15:48 - 00000093 _____ C:\Users\Nicole\AppData\Roaming\sp_data.sys
2015-10-21 07:37 - 2014-11-21 19:38 - 02623430 _____ C:\Users\Public\CAFADEBUG.log
2015-10-21 07:36 - 2015-08-07 23:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-21 07:26 - 2015-04-28 21:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-19 20:46 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-17 18:59 - 2015-03-05 16:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-17 02:38 - 2015-03-05 17:09 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-15 21:10 - 2015-07-10 05:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 21:10 - 2015-07-10 05:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 13:55 - 2015-05-03 10:52 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\dvdcss
2015-10-14 17:39 - 2015-06-13 12:34 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-10-14 17:38 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-14 17:37 - 2015-07-10 03:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-14 17:37 - 2015-04-28 11:38 - 00000000 ____D C:\AdwCleaner
2015-10-14 17:31 - 2015-03-05 16:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-14 17:29 - 2015-08-07 23:05 - 00021236 _____ C:\WINDOWS\PFRO.log
2015-10-13 18:41 - 2015-08-07 23:14 - 00000000 ____D C:\Users\Nicole
2015-10-13 18:38 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-13 16:57 - 2015-03-06 03:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 16:57 - 2015-03-05 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-13 16:52 - 2015-03-05 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 16:45 - 2015-03-05 16:41 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 15:43 - 2015-04-28 11:41 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-13 15:43 - 2015-04-28 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-13 15:43 - 2015-04-28 11:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-13 15:39 - 2015-03-05 19:58 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\uTorrent
2015-10-12 19:30 - 2014-09-24 06:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-12 14:14 - 2015-04-28 11:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\ESET
2015-10-12 10:50 - 2015-05-05 11:02 - 00276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2015-10-11 00:09 - 2015-03-29 09:00 - 00000000 ____D C:\Program Files (x86)\DAP
2015-10-10 21:46 - 2014-11-21 19:45 - 00000000 ____D C:\ProgramData\Temp
2015-10-07 07:44 - 2015-08-10 10:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-06 12:45 - 2015-08-10 10:51 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-06 12:25 - 2015-06-13 12:34 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2015-10-06 08:39 - 2015-08-07 23:50 - 00002380 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-05 09:50 - 2015-04-28 11:41 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-04-28 11:41 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-04 14:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-04 12:17 - 2015-07-10 05:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-04 12:16 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-04 12:09 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-04 07:11 - 2015-08-28 11:06 - 02948760 _____ (TocaEdit) C:\Users\Nicole\Desktop\x360ce_x64.exe
2015-10-04 02:23 - 2015-03-05 15:55 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 02:23 - 2014-11-21 19:26 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 02:22 - 2015-03-05 15:55 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 02:22 - 2014-11-21 19:26 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 20:56 - 2014-09-24 06:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-02 22:58 - 2015-08-10 10:51 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-02 22:58 - 2015-08-10 10:51 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-02 22:58 - 2015-08-10 10:51 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-02 20:38 - 2015-08-10 10:52 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-02 20:38 - 2015-08-10 10:52 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-10-02 20:38 - 2015-08-10 10:52 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-01 09:22 - 2014-09-24 06:20 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-10-01 09:09 - 2014-11-21 19:41 - 00003104 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-10-01 09:09 - 2014-09-24 06:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-10-01 08:44 - 2015-03-05 16:09 - 00003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1425593172
2015-10-01 08:44 - 2015-03-05 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 03:30 - 2015-08-10 10:52 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-28 12:14 - 2015-03-05 17:09 - 00004030 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-09-25 14:45 - 2015-08-10 10:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-25 14:45 - 2015-08-10 10:18 - 1152312934 _____ C:\WINDOWS\MEMORY.DMP
2015-09-25 12:58 - 2015-03-05 19:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 18:35 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-22 18:26 - 2015-07-10 06:20 - 00311144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-22 18:24 - 2015-07-10 07:14 - 00000000 ____D C:\Program Files\Windows Journal
 
==================== Files in the root of some directories =======
 
2015-05-03 10:53 - 2015-05-03 11:17 - 0000798 _____ () C:\Users\Nicole\AppData\Roaming\burnaware.ini
2015-03-05 15:48 - 2015-10-21 07:37 - 0000093 _____ () C:\Users\Nicole\AppData\Roaming\sp_data.sys
2015-05-05 13:03 - 2015-05-05 13:03 - 0008704 _____ () C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-24 06:20 - 2012-09-07 05:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-09-24 06:20 - 2009-07-22 04:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-24 06:20 - 2012-09-07 05:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
 
 
Some files in TEMP:
====================
C:\Users\Nicole\AppData\Local\Temp\m2acdzwj.dll
C:\Users\Nicole\AppData\Local\Temp\mfnygwmr.dll
C:\Users\Nicole\AppData\Local\Temp\Quarantine.exe
C:\Users\Nicole\AppData\Local\Temp\qz2ay3sa.dll
C:\Users\Nicole\AppData\Local\Temp\xyuh0jnw.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-22 11:26
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Nicole (2015-10-22 12:25:10)
Running from C:\Users\Nicole\Downloads
Windows 10 Home (X64) (2015-08-08 05:46:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3710058852-312542076-3770498964-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3710058852-312542076-3770498964-503 - Limited - Disabled)
Guest (S-1-5-21-3710058852-312542076-3770498964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3710058852-312542076-3770498964-1003 - Limited - Enabled)
Nicole (S-1-5-21-3710058852-312542076-3770498964-1001 - Administrator - Enabled) => C:\Users\Nicole
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
[email protected] DVD Eraser v 1.1 (HKLM-x32\...\[email protected] DVD Eraser v 1.1) (Version:  - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Aimersoft DVD Creator(Build 3.0.0) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Aimersoft Software)
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.3.533 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.3.572 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0444 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 9.1.9.5 (28/03/2015) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
emWave2 (HKLM-x32\...\emWave23.3.0.7385) (Version: 3.3.0.7385 - Heartmath Inc.)
ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.33 - NCH Software)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.250 - SurfRight B.V.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Machina of the Planet Tree -Planet Ruler- (HKLM-x32\...\Machina of the Planet Tree -Planet Ruler-_is1) (Version:  - )
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Moon Planting Matrix (HKLM-x32\...\{B1FCFDBC-C876-4909-A26A-40AF94A24DEC}) (Version: 1.2.9 - Divine Inspirations)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickBooks (x32 Version: 19.0.4007.1091 - Intuit Canada Limited) Hidden
QuickBooks Premier: Retail Edition 2010 (HKLM-x32\...\{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}) (Version: 19.0.4007.1091 - Intuit Canada Limited)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.17.9562 - SoftEther VPN Project)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
:spam: Walkman Video Converter 6.1.50 (HKLM-x32\...\{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1) (Version:  - )
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinX DVD Copy Pro 3.6.4 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3710058852-312542076-3770498964-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Restore Points =========================
 
16-10-2015 09:11:06 Scheduled Checkpoint
19-10-2015 20:45:16 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2015-10-08 09:14 - 00002291 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 mfr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 static.a-ads.com
127.0.0.1 atlas.aamedia.ro
127.0.0.1 abcstats.com
127.0.0.1 ad4.abradio.cz
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 csh.actiondesk.com
127.0.0.1 ads.activepower.net
 
There are 49 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B83B88D-BA1C-44D2-BFA1-9D502EAAC87B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {20805194-DA45-4F39-891E-AB825119C82E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {346A2358-43A1-4831-B03F-176809137239} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {37650F05-D8CC-406E-92FC-8DF135C67167} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3EF5203D-6C47-4DC6-B8C5-7CCE931C9FE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4237E065-8F05-4F5B-A0FA-09240BF6B870} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {44BC47FE-C3CC-429E-A5AE-7C35B1CC70EE} - System32\Tasks\{813BEEC4-B47C-4699-83E2-298AEB1C537F} => pcalua.exe -a C:\Users\Nicole\Desktop\VoiceTrap.DX\VoiceTrapX20.exe -d C:\Users\Nicole\Desktop\VoiceTrap.DX
Task: {45B8E168-1746-458C-931A-E0F7ABD39DE0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C946DC1-674A-43F0-8AD1-23A863D0B31A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C6728C7-2F34-42C4-B12A-798BC9E19E13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {5CF47062-17AE-4E44-81C9-34620C99C309} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {5FB47C19-5BBC-449B-B930-7010584F9622} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-28] (Adobe Systems Incorporated)
Task: {636A5AE5-03FA-43F0-9354-F59A64C47C8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6669161F-378F-44A0-AB38-98A28F48491F} - System32\Tasks\Opera scheduled Autoupdate 1425593172 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {740E3964-5E37-4E44-B33E-E6E7BF0420F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7F6A5176-F6B9-40B7-AA39-D36D77363ED1} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {7FAA9B83-9BD9-4192-8CC7-38AACB5D4BCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {80D433EC-5049-4257-B93C-8A5B20834063} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {82CBBDA3-180A-457F-B61B-1F610596AF79} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {887C4DEE-3A9D-4A42-B5AB-D7ABAC2DE868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {9522577D-465C-4B4A-A764-0F9084C5E6B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {A25DC04E-9932-43EA-8DB9-EBB63AD442D3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B2A625E7-6F2F-4ED1-990B-4663FE77020F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {C6D8576B-E43B-4559-BC3A-D81C6EFD41F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DDA79EC7-7A0B-4596-BC16-92E98774E71D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {DF4BE3FB-3027-470E-B39C-EC9A901D6F79} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E169EA53-F667-4FBD-97C3-09E8743C9596} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {E8572983-88DD-43F3-908B-019B4129D9FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {ED30295E-89A2-4452-BBE5-BE728557C909} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 05:00 - 2015-07-10 05:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-10 21:51 - 2015-07-14 20:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-05 19:03 - 2012-03-11 15:56 - 00086608 _____ () C:\WINDOWS\System32\cpwmon64.dll
2015-08-19 12:38 - 2015-08-11 03:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-05 19:26 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-10 10:52 - 2015-10-02 20:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 08:58 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-15 14:58 - 2015-09-15 14:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-11 00:38 - 2015-10-11 00:38 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-10-01 08:58 - 2015-09-16 23:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 08:58 - 2015-09-16 23:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 08:58 - 2015-09-16 23:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:00 - 2015-07-10 07:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-10-21 18:47 - 2015-10-21 19:00 - 00011776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PeopleApp.exe
2015-10-21 18:47 - 2015-10-21 19:00 - 08355840 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PeopleApp.dll
2015-10-21 18:47 - 2015-10-21 19:00 - 00125440 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2015-10-21 18:47 - 2015-10-21 19:00 - 03344896 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PeopleShared.Windows.dll
2015-10-21 18:47 - 2015-10-21 19:00 - 01157632 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\BackgroundTasks.Windows.dll
2015-10-21 18:47 - 2015-10-21 19:00 - 00335360 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.2840.0_x64__8wekyb3d8bbwe\PersonPicture.UAP.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 08:58 - 2015-09-16 23:42 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 08:58 - 2015-09-16 23:43 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 08:58 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 08:58 - 2015-09-17 00:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-10-03 15:14 - 2015-10-03 15:14 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-03 15:14 - 2015-10-03 15:14 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 07:16 - 2015-07-10 07:16 - 00117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.13281.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2014-11-21 19:19 - 2013-12-09 17:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-06-01 18:29 - 2015-10-04 02:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-14 15:15 - 2015-10-08 18:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll
2015-10-14 15:15 - 2015-10-08 18:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll
2015-10-21 00:16 - 2015-10-15 13:20 - 16493256 _____ () C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll
2015-04-14 17:11 - 2015-04-14 17:11 - 01286312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\PPRESOURCES.DLL
2015-04-29 19:50 - 2015-04-29 19:50 - 00520192 _____ () C:\Program Files\WinZip\adxloader.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Nicole\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254 - 75.153.176.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QBFCService => 3
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0350750C-2D22-4E2A-9009-D55B9E8EA64E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{D4FAA23E-8862-4BF5-8482-242C318A02BC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{E1B9CB8C-7A48-4C15-B7BB-ED54053811C3}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{9803F20A-CF5B-4255-A2C8-9D45067A0E14}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{B29A4620-B191-4A67-85AC-FC93E63223DF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{072C1A48-7AFD-4D73-9B27-A4C0099A9933}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{70032886-60D1-4E31-B469-23C01A2FE7E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3AE77ED9-35C5-4698-B39C-0308ADFF989E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{188B6036-F408-4DD3-B437-4BB692788ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B172239A-AE97-47FD-B430-9F7EF809B217}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BF4EF8BF-E427-43F0-8AA3-91A42295E967}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F495F9C2-82DF-4C33-AC14-8CBE38E42B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{114BA2E8-8DB2-45E9-8D7F-E7356C846985}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{7B532F40-99DC-4D3B-860D-527A86A9FB78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{5BD1F43F-042F-4837-B62B-6DE2D36964CB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9DEA33EE-2D3B-49C3-BC40-33A16433D879}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{3D929146-17FB-43DF-A9E9-C7C999D3A778}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{32057CCB-719D-4EB2-BC4F-3D5EEF7A16DF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7EA03B39-AFC7-46FC-8BFD-90E6B1125073}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{B768C5AD-C9EA-4A80-81D3-0B460440E773}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F7952CB3-23A1-49EE-A30A-DC4E6E96FB97}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DE2E4ACE-4C91-4745-8579-22F087A584BF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0BF0C907-BF60-4E95-9D91-DBD10656AB5D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB2BA078-8993-4067-8ED6-3436023C5483}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F1774473-3AB9-4259-8BBB-5695C25DD8AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{46E4773C-6901-4D4C-A038-7AFA7F28DE7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2AA6D572-B681-400F-994B-C03ABE95D5A3}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15E489D2-4874-47AC-B6B0-982C9041725B}] => (Allow) C:\Users\Nicole\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DE9ED492-BC15-4B3F-9CA8-FBFC07D363DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0DB2724E-BBD6-4F62-8465-763AB12BBBBE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3AF403E8-3F9C-43F7-8EBB-2D9C7CCA54EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E36DB6A3-604C-49EF-A623-415F159CCC78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1C5BE3CB-D822-4425-878D-F92CD7821F27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DD1E1544-E131-4467-B984-17D7B2AF6A0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0C1807FC-A7B3-41B1-9A13-6A8C4D867CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC745B26-461C-458E-AEE2-30AD8579382B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BF3F2755-26CA-4781-B042-56AD2E78756F}] => (Allow) D:\DragonAgeInquisition.exe
FirewallRules: [{B87279D1-D2A4-4098-8E56-6C295669C2BC}] => (Allow) D:\DragonAgeInquisition.exe
FirewallRules: [{412DAF10-5FFC-430C-A8B4-15D58A0A56E8}] => (Allow) D:\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{5C84DE49-FF72-4B7C-B440-2F1312ADBD23}] => (Allow) D:\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{B876E587-DFE4-4670-AC2C-C06CA378A34D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BB06B061-0080-4B44-87F4-FD6F1F1EE0AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{62C9C8CC-43E4-4C25-B488-0C7ED2E04F09}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E77F114C-2D74-44FC-875B-1DC472CF1133}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A7326B9-89B0-4561-A7D6-58488358189E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/22/2015 08:29:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4074031
 
Error: (10/22/2015 08:29:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4074031
 
Error: (10/22/2015 08:29:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/22/2015 08:28:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4072890
 
Error: (10/22/2015 08:28:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4072890
 
Error: (10/22/2015 08:28:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/22/2015 08:28:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4071750
 
Error: (10/22/2015 08:28:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4071750
 
Error: (10/22/2015 08:28:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/22/2015 08:28:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4070515
 
 
System errors:
=============
Error: (10/21/2015 02:39:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (10/21/2015 07:39:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (10/21/2015 07:36:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 
Error: (10/21/2015 07:36:33 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (10/21/2015 07:36:33 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (10/21/2015 07:36:33 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 
Error: (10/21/2015 07:36:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
 
Error: (10/21/2015 07:36:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
 
Error: (10/21/2015 07:36:24 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session1 service, but this action failed with the following error: 
%%1056
 
Error: (10/21/2015 07:36:17 AM) (Source: DCOM) (EventID: 10010) (User: MEZURASHI)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 54%
Total physical RAM: 12171.01 MB
Available physical RAM: 5480.07 MB
Total Virtual: 14277.21 MB
Available Virtual: 4024.95 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:48.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:302.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BC9EED00)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Attached Files


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If the popups appear after this could you take a screen shot of them for me please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {1fb0e669-54f8-11e5-8291-40e23057c958} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL Z:\index.html
BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL => No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
Edge Session Restore: HKU\S-1-5-21-3710058852-312542076-3770498964-1001 -> is enabled.
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\iSkysoft\Video Converter Ultimate\[email protected] => not found
OPR Extension: (SaveFrom.net helper) - C:\Users\Nicole\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2015-09-07]
2015-10-11 09:59 - 2015-10-11 09:59 - 00000000 ____D C:\Users\Nicole\AppData\Local\TempTaskUpdateDetection091E06C7-8EE2-4DE7-9A80-91318CF76556
2014-09-24 06:20 - 2012-09-07 05:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-09-24 06:20 - 2009-07-22 04:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-24 06:20 - 2012-09-07 05:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
CustomCLSID: HKU\S-1-5-21-3710058852-312542076-3770498964-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
Task: {1B83B88D-BA1C-44D2-BFA1-9D502EAAC87B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {37650F05-D8CC-406E-92FC-8DF135C67167} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3EF5203D-6C47-4DC6-B8C5-7CCE931C9FE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {45B8E168-1746-458C-931A-E0F7ABD39DE0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C946DC1-674A-43F0-8AD1-23A863D0B31A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {740E3964-5E37-4E44-B33E-E6E7BF0420F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80D433EC-5049-4257-B93C-8A5B20834063} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A25DC04E-9932-43EA-8DB9-EBB63AD442D3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C6D8576B-E43B-4559-BC3A-D81C6EFD41F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DF4BE3FB-3027-470E-B39C-EC9A901D6F79} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {ED30295E-89A2-4452-BBE5-BE728557C909} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#5
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Still getting pop ups, some don't make it through malware bytes as seen in pics and others make it through to the browser, quite consistently popping up showing malwarebytes blocking. Computer also slow on loading and startup than normal of those, that has been slowly progressing in general. 

 

Also for main pop ups through the browser they are always different, very different, even the type if you know what I mean. 0.o

 

Have attached everything. Thanks!

 

Oh it can can also get so bad that when I go to click on something even repeatedly nothing happens simply because it is trying to redirect me so often that nothing happens since its also attempting to be blocked by my protection systems.

Attached Thumbnails

  • pop ups.jpg
  • pop ups3.jpg
  • pop ups4.jpg

Attached Files


Edited by Destiny000, 22 October 2015 - 02:11 PM.

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I would like you to fully uninstall Chrome and then run a fresh FRST scan please

Re-install Chrome

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned ..  Could you download a fresh copy of FRST please and run a fresh scan

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#9
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Thanks I have added them. Like i had mentioned, uninstalling then reinstalling chrome did nothing. If I use any other browser the same things happen as well and malware bytes pops up with it then coming from that browser.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Nicole (administrator) on MEZURASHI (06-11-2015 13:22:13)
Running from C:\Users\Nicole\Desktop\frst scan
Loaded Profiles: Nicole (Available Profiles: Nicole)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Scarlet.Crush Productions) C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Nicole\Desktop\frst scan\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12588672 2015-10-23] (Zemana Ltd.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-11-18] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {3cf6f01c-5c16-11e5-8291-40e23057c958} - "F:\KODAK_Camera_Setup_App.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {a09c485c-7031-11e5-829e-40e23057c958} - "X:\OriginSetup.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {a09c4b59-7031-11e5-829e-40e23057c958} - "W:\OriginSetup.exe" 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\MountPoints2: {f19d705a-6dcc-11e5-829a-40e23057c958} - "Y:\Setup.exe" 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-26]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-03-05]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-10-06]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-26]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{32cb7938-99ba-456f-a26c-a3f3bd49b2f9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d03d179d-f0ae-4322-ba8a-a0cc48c7fcfb}: [DhcpNameServer] 192.168.1.254 75.153.176.9
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2011-01-17] (Intuit, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-07-16]
FF Extension: MP4 Downloader - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: UnPlug - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\[email protected] [2015-05-30]
FF Extension: Adblock Plus - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\4j9itmdj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-06]
CHR Extension: (Google Docs) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Google Drive) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Google Search) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tampermonkey) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-06]
CHR Extension: (Video Downloader professional) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-11-06]
CHR Extension: (Google Play Music) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-11-06]
CHR Extension: (Google Sheets) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (AdBlock) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-06]
CHR Extension: (Skype Click to Call) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Gmail) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR HKU\S-1-5-21-3710058852-312542076-3770498964-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)
R2 Ds3Service; C:\Users\Nicole\Desktop\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-11-06] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2078216 2015-10-12] (Electronic Arts)
S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2011-01-17] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5199592 2015-10-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12588672 2015-10-23] (Zemana Ltd.)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-10-12] (Digiarty Software, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29864 2015-03-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-07-02] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-06-13] (SoftEther Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [111992 2015-10-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [111992 2015-10-26] (Zemana Ltd.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 13:21 - 2015-11-06 13:22 - 00000000 ____D C:\Users\Nicole\Desktop\frst scan
2015-11-06 13:19 - 2015-11-06 13:19 - 00016148 _____ C:\WINDOWS\system32\MEZURASHI_Nicole_HistoryPrediction.bin
2015-11-06 08:56 - 2015-11-06 08:56 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-06 08:56 - 2015-11-06 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-04 16:50 - 2015-11-04 18:00 - 1308417138 _____ C:\Users\Nicole\Desktop\The-Truth-About_Cancer-A-Global-Quest-Episode7-HQ.mp4
2015-11-04 12:46 - 2015-11-04 12:47 - 00929872 _____ (Google Inc.) C:\Users\Nicole\Downloads\ChromeSetup (1).exe
2015-11-01 20:24 - 2015-11-01 20:24 - 00002030 _____ C:\Users\Nicole\Desktop\meridian-toothchart.html
2015-10-30 10:54 - 2015-10-27 16:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 10:54 - 2015-10-27 16:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 10:54 - 2015-10-21 05:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 10:54 - 2015-10-21 05:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 10:54 - 2015-10-21 05:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 10:54 - 2015-10-21 05:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 10:54 - 2015-10-21 05:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 10:54 - 2015-10-21 05:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 10:54 - 2015-10-21 04:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 10:54 - 2015-10-21 04:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 10:54 - 2015-10-21 04:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 10:54 - 2015-10-21 04:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 10:54 - 2015-10-21 04:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 10:54 - 2015-10-21 04:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 10:54 - 2015-10-21 04:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 10:54 - 2015-10-21 04:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 10:54 - 2015-10-21 04:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 10:54 - 2015-10-21 04:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 10:54 - 2015-10-21 04:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 10:54 - 2015-10-21 04:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 10:54 - 2015-10-21 04:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 10:54 - 2015-10-21 04:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 10:54 - 2015-10-21 04:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 10:54 - 2015-10-20 22:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 10:54 - 2015-10-20 22:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 10:54 - 2015-10-20 22:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 10:54 - 2015-10-20 22:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 10:54 - 2015-10-20 22:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 10:54 - 2015-10-20 22:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 10:54 - 2015-10-20 22:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 10:54 - 2015-10-20 22:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 10:54 - 2015-10-20 21:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 10:54 - 2015-10-20 21:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 10:54 - 2015-10-20 21:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-29 20:04 - 2015-10-29 20:05 - 00000000 ____D C:\Users\Nicole\Desktop\New folder
2015-10-29 19:21 - 2015-10-29 19:30 - 41362021 _____ C:\Users\Nicole\Downloads\FoxitPDFToolkit_1.0.zip
2015-10-29 17:12 - 2015-10-29 17:15 - 44683250 _____ C:\Users\Nicole\Downloads\(Jubo)White Light [Tales of Zestiria OP][251].zip
2015-10-29 15:15 - 2015-10-29 16:25 - 00000000 ____D C:\Users\Nicole\Desktop\playlist
2015-10-29 15:13 - 2015-10-29 15:13 - 00020806 _____ C:\Users\Nicole\Desktop\pumpkin-carving-tree.htm
2015-10-26 07:33 - 2015-10-26 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-10-25 20:08 - 2015-10-25 21:04 - 292686626 _____ C:\Users\Nicole\Desktop\videoplayback.mp4
2015-10-22 17:42 - 2015-10-22 18:31 - 255829329 _____ C:\Users\Nicole\Desktop\THE PERFECT ISIDER 3.mp4
2015-10-22 12:58 - 2015-10-22 12:58 - 00001618 _____ C:\Users\Nicole\Desktop\AdwCleaner[C11].txt
2015-10-22 12:39 - 2015-10-22 12:39 - 01691648 _____ C:\Users\Nicole\Desktop\AdwCleaner.exe
2015-10-22 12:01 - 2015-10-22 12:01 - 00001830 _____ C:\Users\Nicole\Desktop\aswMBR.txt
2015-10-22 12:01 - 2015-10-22 12:01 - 00000512 _____ C:\Users\Nicole\Desktop\MBR.dat
2015-10-22 11:26 - 2015-10-22 11:26 - 00087517 _____ C:\Users\Nicole\Desktop\FRST.txt
2015-10-22 11:26 - 2015-10-22 11:26 - 00039132 _____ C:\Users\Nicole\Desktop\Addition.txt
2015-10-22 11:22 - 2015-10-22 11:22 - 05200384 _____ (AVAST Software) C:\Users\Nicole\Downloads\aswmbr.exe
2015-10-22 11:22 - 2015-10-22 11:22 - 02196480 _____ (Farbar) C:\Users\Nicole\Desktop\FRST64 (1).exe
2015-10-22 11:14 - 2015-10-22 12:42 - 30710886 _____ C:\Users\Nicole\Downloads\Flowing_Energy_Fields.mp3.crdownload
2015-10-22 11:14 - 2015-10-22 12:42 - 30526191 _____ C:\Users\Nicole\Downloads\Eternal_Love.mp3.crdownload
2015-10-22 11:13 - 2015-10-22 12:42 - 31001658 _____ C:\Users\Nicole\Downloads\Divine_Connection.mp3.crdownload
2015-10-22 08:01 - 2015-10-22 08:01 - 00114168 _____ C:\Users\Nicole\Downloads\nutrient-interaction4429-131121091005-phpapp02.pptx
2015-10-22 07:30 - 2015-10-22 09:11 - 1870565704 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 9.mp4
2015-10-21 19:44 - 2015-10-21 20:45 - 262057448 _____ C:\Users\Nicole\Desktop\hidan noa ria 3.mp4
2015-10-21 16:41 - 2015-10-21 17:14 - 239771272 _____ C:\Users\Nicole\Desktop\Sakurako-san-no-Ashimoto-ni-wa-Shitai-ga-Umatteiru Episode-003.mp4
2015-10-21 15:37 - 2015-10-21 15:37 - 00000000 ____D C:\Users\Nicole\Desktop\YandereSimOct18th
2015-10-21 13:57 - 2015-10-21 14:15 - 553535939 _____ C:\Users\Nicole\Downloads\YandereSimOct18th.rar
2015-10-20 21:37 - 2015-10-20 23:43 - 1306846592 _____ C:\Users\Nicole\Downloads\The Truth About Cancer_ A Global Quest - Episode 8.mp4
2015-10-20 21:34 - 2015-10-20 23:11 - 502224657 _____ C:\Users\Nicole\Downloads\The Moment of Truth - Episode 7.mp4
2015-10-19 07:54 - 2015-10-19 08:34 - 1171692666 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 6.mp4
2015-10-18 11:24 - 2015-10-18 12:45 - 1301592153 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 5.mp4
2015-10-18 11:24 - 2015-10-18 11:24 - 00000000 _____ C:\Users\Nicole\Downloads\videoplayback.htm
2015-10-16 20:26 - 2015-10-17 01:36 - 1440091983 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 4.mp4
2015-10-16 08:01 - 2015-10-16 08:16 - 1360827400 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 3.mp4
2015-10-15 08:53 - 2015-10-15 08:53 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\21540
2015-10-15 07:59 - 2015-10-15 08:00 - 06125938 _____ C:\Users\Nicole\Downloads\Natural Treatment for Depression Explained - Naicin B3 - Food Matters.mp4
2015-10-15 07:57 - 2015-10-15 07:58 - 00000000 ____D C:\Users\Nicole\AppData\Local\Adobe
2015-10-15 07:33 - 2015-10-15 07:33 - 00000000 ____D C:\Users\Nicole\AppData\Local\Apple
2015-10-15 07:32 - 2015-10-15 08:50 - 1378363723 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - Episode 2.mp4
2015-10-14 16:45 - 2013-05-10 10:57 - 01661440 _____ (Slackerhome Productions) C:\Users\Nicole\Desktop\Better DS3.exe
2015-10-14 16:24 - 2015-10-14 16:25 - 00759932 _____ C:\Users\Nicole\Desktop\BetterDS3_1.5.3(1).zip
2015-10-14 15:55 - 2015-10-14 15:55 - 00004246 _____ C:\Users\Nicole\Desktop\x360ce.tmp
2015-10-13 18:44 - 2015-10-13 18:48 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160(1).7z
2015-10-13 18:34 - 2015-10-13 18:37 - 10005401 _____ C:\Users\Nicole\Downloads\SCP-DS3-Driver-Package-1.0.0.103.7z
2015-10-13 18:12 - 2015-10-13 23:36 - 1829900834 _____ C:\Users\Nicole\Downloads\The Truth About Cancer- A Global Quest - The True History of Chemo & The Pharmaceutical Monopoly.mp4
2015-10-13 18:06 - 2015-10-04 06:11 - 02950296 _____ (TocaEdit) C:\Users\Nicole\Desktop\x360ce.exe
2015-10-13 17:59 - 2015-10-13 17:59 - 01519379 _____ C:\Users\Nicole\Desktop\x360ce_x64 (1).zip
2015-10-13 17:58 - 2015-10-13 17:58 - 01519567 _____ C:\Users\Nicole\Desktop\x360ce (1).zip
2015-10-13 14:43 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-NJ5T9.tmp
2015-10-13 12:35 - 2015-10-10 00:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 12:35 - 2015-10-05 20:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 12:35 - 2015-10-05 19:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 12:35 - 2015-09-30 21:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 12:35 - 2015-09-30 21:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 12:35 - 2015-09-30 21:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 12:35 - 2015-09-30 21:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 12:35 - 2015-09-30 21:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 12:35 - 2015-09-30 20:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 12:35 - 2015-09-24 21:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 12:35 - 2015-09-24 21:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 12:35 - 2015-09-24 20:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 12:35 - 2015-09-24 20:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 12:35 - 2015-09-24 20:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 12:35 - 2015-09-24 20:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 12:35 - 2015-09-24 20:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 12:35 - 2015-09-24 20:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 12:35 - 2015-09-24 20:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 12:35 - 2015-09-24 20:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 12:35 - 2015-09-24 20:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 12:35 - 2015-09-24 20:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 12:35 - 2015-09-24 20:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 12:35 - 2015-09-24 20:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 12:35 - 2015-09-24 20:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 12:35 - 2015-09-24 20:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 12:35 - 2015-09-24 20:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 12:35 - 2015-09-24 20:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 12:35 - 2015-09-24 20:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 12:35 - 2015-09-24 20:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 12:35 - 2015-09-24 20:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 12:35 - 2015-09-24 20:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 12:35 - 2015-09-24 20:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 12:35 - 2015-09-24 19:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 12:35 - 2015-09-24 19:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 12:35 - 2015-09-24 19:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 12:35 - 2015-09-24 19:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 12:35 - 2015-09-24 19:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 12:35 - 2015-09-24 19:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 12:35 - 2015-09-24 19:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 12:35 - 2015-09-24 19:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 12:35 - 2015-09-24 19:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 12:35 - 2015-09-24 19:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 12:35 - 2015-09-24 19:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 12:35 - 2015-09-24 19:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 12:35 - 2015-09-24 19:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 12:35 - 2015-09-24 19:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 12:35 - 2015-09-24 19:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 12:35 - 2015-09-24 19:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 12:35 - 2015-09-24 19:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 12:35 - 2015-09-24 19:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 12:35 - 2015-09-24 19:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 12:35 - 2015-09-24 19:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 12:35 - 2015-09-24 19:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 19:44 - 2015-10-12 19:44 - 00000000 ____D C:\Users\Nicole\Documents\BioWare
2015-10-12 18:30 - 2015-10-12 18:37 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Origin
2015-10-12 18:30 - 2015-10-12 18:34 - 00000000 ____D C:\Users\Nicole\AppData\Local\Origin
2015-10-12 17:26 - 2015-10-12 19:44 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-10-12 17:26 - 2015-10-12 17:26 - 00000565 _____ C:\Users\Public\Desktop\Origin.lnk
2015-10-12 17:18 - 2015-10-12 17:25 - 17113896 _____ (Electronic Arts, Inc.) C:\Users\Nicole\Downloads\OriginThinSetup.exe
2015-10-12 17:17 - 2013-11-21 20:22 - 00050688 _____ (Atribune.org) C:\Users\Nicole\Desktop\ATF-Cleaner.exe
2015-10-12 11:36 - 2015-10-12 12:10 - 00000717 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2015-10-12 11:13 - 2015-10-14 17:00 - 00000000 ____D C:\ProgramData\Origin
2015-10-11 20:15 - 2015-10-22 11:26 - 00039132 _____ C:\Users\Nicole\Downloads\Addition.txt
2015-10-11 20:14 - 2015-11-06 13:22 - 00000000 ____D C:\FRST
2015-10-11 20:14 - 2015-10-22 11:26 - 00087517 _____ C:\Users\Nicole\Downloads\FRST.txt
2015-10-11 20:13 - 2015-10-11 20:13 - 02195968 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64.exe
2015-10-11 18:42 - 2015-10-11 18:42 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicole\Downloads\SpyHunter-Installer.exe
2015-10-11 09:07 - 2015-10-14 15:56 - 00004246 _____ C:\Users\Nicole\Desktop\x360ce.ini
2015-10-11 09:07 - 2015-10-13 18:07 - 00146072 _____ (hxxp://x360ce.googlecode.com) C:\Users\Nicole\Desktop\xinput1_3.dll
2015-10-11 08:47 - 2015-10-11 08:47 - 00000000 ____D C:\Users\Nicole\Desktop\ScpServer
2015-10-11 08:47 - 2013-05-19 00:02 - 00039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
2015-10-11 08:47 - 2013-01-07 07:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2015-10-11 08:46 - 2015-10-11 08:46 - 07878008 _____ (Microsoft Corporation) C:\Users\Nicole\Downloads\Xbox360_64Eng.exe
2015-10-11 08:45 - 2015-10-11 08:47 - 10571443 _____ C:\Users\Nicole\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z
2015-10-11 08:01 - 2015-10-11 08:36 - 551856746 _____ C:\Users\Nicole\Downloads\YanSimOctober11th.rar
2015-10-11 07:55 - 2015-11-06 08:57 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-11 07:55 - 2015-10-11 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-10-11 07:55 - 2015-10-11 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-10-11 07:50 - 2015-10-11 07:52 - 02947874 ____R C:\Users\Nicole\Downloads\Malwarebytes Anti-Exploit Premium 1.06.1.1018 + Serial (menin).zip
2015-10-11 07:50 - 2015-10-11 07:50 - 00004394 _____ C:\Users\Nicole\Downloads\[kat.cr]malwarebytes.anti.exploit.premium.1.06.1.1018.serial.menin.torrent
2015-10-10 23:38 - 2015-11-03 03:44 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-10-10 23:38 - 2015-10-26 07:33 - 00111992 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2015-10-10 23:38 - 2015-10-26 07:33 - 00001147 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2015-10-10 23:37 - 2015-10-26 07:32 - 00111992 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2015-10-10 23:37 - 2015-10-10 23:37 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2015-10-10 23:37 - 2015-10-10 23:37 - 00000000 ____D C:\Users\Nicole\AppData\Local\Zemana
2015-10-10 23:22 - 2015-10-10 23:22 - 00001964 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-10-10 23:22 - 2015-10-10 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-10-10 23:22 - 2015-10-10 23:22 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-10 23:21 - 2015-10-11 07:51 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-10 23:17 - 2015-10-10 23:19 - 05078968 _____ ( ) C:\Users\Nicole\Desktop\Zemana.AntiMalware.Setup.exe
2015-10-10 23:15 - 2015-10-10 23:20 - 11336600 _____ (SurfRight B.V.) C:\Users\Nicole\Desktop\HitmanPro_x64.exe
2015-10-10 23:08 - 2015-10-10 23:08 - 00002560 _____ C:\WINDOWS\_MSRSTRT.EXE
2015-10-10 22:05 - 2015-10-10 22:05 - 01519567 _____ C:\Users\Nicole\Downloads\x360ce.zip
2015-10-10 20:30 - 2015-10-10 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-10 20:28 - 2015-10-10 20:30 - 02870984 _____ (ESET) C:\Users\Nicole\Downloads\esetsmartinstaller_enu.exe
2015-10-09 07:39 - 2015-10-09 07:39 - 00001649 _____ C:\Users\Public\Desktop\Machina of the Planet Tree -Planet Ruler-.lnk
2015-10-09 07:39 - 2015-10-09 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekai Project
2015-10-09 07:38 - 2015-10-09 07:38 - 00000000 ____D C:\Program Files (x86)\Sekai Project
2015-10-08 16:20 - 2015-10-10 20:14 - 01408836 _____ C:\Users\Nicole\Downloads\Unconfirmed 111654.crdownload
2015-10-08 15:36 - 2015-10-08 15:36 - 10818216 _____ C:\Users\Nicole\Downloads\dap10_full.exe
2015-10-08 08:27 - 2015-10-08 08:27 - 00000000 ____D C:\ProgramData\X360CE
2015-10-08 08:26 - 2015-10-08 08:27 - 01519379 _____ C:\Users\Nicole\Downloads\x360ce_x64.zip
2015-10-08 06:14 - 2015-10-09 17:37 - 00000000 ____D C:\Users\Nicole\Desktop\Games
2015-10-07 20:41 - 2015-10-08 07:46 - 00000000 ____D C:\Users\Nicole\Downloads\YanSimJuly22nd
2015-10-07 18:07 - 2015-10-07 18:07 - 00022266 _____ C:\Users\Nicole\Downloads\yandere.simulator.pc.game.v22-skidrowcodex.torrent
2015-10-07 18:06 - 2015-10-07 18:06 - 00031218 _____ C:\Users\Nicole\Downloads\machina.of.the.planet.tree.planet.ruler.skidrowcodex.torrent
2015-10-07 18:00 - 2015-10-13 07:26 - 00000000 ____D C:\Users\Nicole\Downloads\FINAL.FANTASY.TYPE.0.HD-CODEX
2015-10-07 17:58 - 2015-10-07 17:58 - 00059378 _____ C:\Users\Nicole\Downloads\final.fantasy.type.0.hd.skidrowcodex.torrent
2015-10-07 06:43 - 2015-10-02 21:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 06:43 - 2015-10-02 21:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 13:17 - 2015-04-28 10:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-06 13:14 - 2015-03-07 08:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-06 13:06 - 2015-07-10 05:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 12:55 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 12:00 - 2015-08-06 11:29 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-11-06 12:00 - 2015-05-13 11:13 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-11-06 08:58 - 2015-08-08 00:02 - 00524174 _____ C:\WINDOWS\system32\perfh011.dat
2015-11-06 08:58 - 2015-08-08 00:02 - 00142324 _____ C:\WINDOWS\system32\perfc011.dat
2015-11-06 08:58 - 2015-08-07 22:27 - 01524230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 08:53 - 2015-08-10 11:31 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-11-06 08:53 - 2015-03-07 08:44 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 08:53 - 2015-03-05 14:48 - 00000093 _____ C:\Users\Nicole\AppData\Roaming\sp_data.sys
2015-11-06 08:53 - 2014-11-21 18:38 - 02654140 _____ C:\Users\Public\CAFADEBUG.log
2015-11-06 08:52 - 2015-08-07 22:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-06 08:52 - 2015-06-13 11:34 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-11-06 08:51 - 2015-08-07 22:05 - 00023458 _____ C:\WINDOWS\PFRO.log
2015-11-06 08:51 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 08:51 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-05 20:01 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 18:34 - 2015-03-05 15:09 - 00003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1425593172
2015-11-05 18:34 - 2015-03-05 15:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-05 18:34 - 2015-03-05 15:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-04 13:10 - 2015-09-18 07:59 - 00000000 ____D C:\Users\Nicole\Desktop\Photo's for PEEP project
2015-11-03 09:14 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-03 03:42 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-03 03:40 - 2015-08-07 22:14 - 00000000 ____D C:\Users\Nicole
2015-11-02 23:18 - 2015-07-10 05:20 - 00033798 _____ C:\WINDOWS\setupact.log
2015-10-31 17:38 - 2015-03-05 16:09 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-30 15:05 - 2015-03-05 15:32 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\vlc
2015-10-30 10:58 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 19:15 - 2015-03-14 21:18 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Foxit Software
2015-10-27 12:37 - 2015-03-05 18:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 12:42 - 2015-03-06 02:43 - 00000000 ____D C:\Users\Nicole\AppData\Local\Microsoft Help
2015-10-26 07:30 - 2015-08-10 09:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-26 07:30 - 2014-11-21 18:02 - 00278622 ____N C:\WINDOWS\Minidump\102615-18656-01.dmp
2015-10-22 12:55 - 2015-04-28 10:38 - 00000000 ____D C:\AdwCleaner
2015-10-22 12:43 - 2015-09-16 10:14 - 00000000 ____D C:\Users\Nicole\AppData\LocalLow\Temp
2015-10-22 11:12 - 2015-03-05 14:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\Packages
2015-10-22 10:51 - 2015-03-05 14:49 - 00000000 ___DO C:\Users\Nicole\OneDrive
2015-10-21 06:26 - 2015-04-28 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 20:10 - 2015-07-10 04:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 20:10 - 2015-07-10 04:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 12:55 - 2015-05-03 09:52 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\dvdcss
2015-10-14 16:56 - 2015-10-06 20:39 - 00000000 ____D C:\Users\Nicole\AppData\Local\BetterDS3
2015-10-14 16:31 - 2015-03-05 15:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-13 15:57 - 2015-03-06 02:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 15:57 - 2015-03-05 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-13 15:52 - 2015-03-05 15:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 15:45 - 2015-03-05 15:41 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 14:43 - 2015-04-28 10:41 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-13 14:43 - 2015-04-28 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-13 14:43 - 2015-04-28 10:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-13 14:39 - 2015-03-05 18:58 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\uTorrent
2015-10-12 18:30 - 2014-09-24 05:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-12 13:14 - 2015-04-28 10:46 - 00000000 ____D C:\Users\Nicole\AppData\Local\ESET
2015-10-12 09:50 - 2015-05-05 10:02 - 00276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2015-10-10 20:46 - 2014-11-21 18:45 - 00000000 ____D C:\ProgramData\Temp
2015-10-07 11:38 - 2015-10-03 13:02 - 00000000 ____D C:\Users\Nicole\AppData\Local\CutePDF Writer
2015-10-07 06:44 - 2015-08-10 09:55 - 00000000 ____D C:\ProgramData\NVIDIA
 
==================== Files in the root of some directories =======
 
2015-05-03 09:53 - 2015-05-03 10:17 - 0000798 _____ () C:\Users\Nicole\AppData\Roaming\burnaware.ini
2015-03-05 14:48 - 2015-11-06 08:53 - 0000093 _____ () C:\Users\Nicole\AppData\Roaming\sp_data.sys
2015-05-05 12:03 - 2015-05-05 12:03 - 0008704 _____ () C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
Some files in TEMP:
====================
C:\Users\Nicole\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-01 10:39
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Nicole (2015-11-06 13:23:14)
Running from C:\Users\Nicole\Desktop\frst scan
Windows 10 Home (X64) (2015-08-08 05:46:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3710058852-312542076-3770498964-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3710058852-312542076-3770498964-503 - Limited - Disabled)
Guest (S-1-5-21-3710058852-312542076-3770498964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3710058852-312542076-3770498964-1003 - Limited - Enabled)
Nicole (S-1-5-21-3710058852-312542076-3770498964-1001 - Administrator - Enabled) => C:\Users\Nicole
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
[email protected] DVD Eraser v 1.1 (HKLM-x32\...\[email protected] DVD Eraser v 1.1) (Version:  - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Aimersoft DVD Creator(Build 3.0.0) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Aimersoft Software)
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.3.533 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.3.572 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0444 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 9.1.9.5 (28/03/2015) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
emWave2 (HKLM-x32\...\emWave23.3.0.7385) (Version: 3.3.0.7385 - Heartmath Inc.)
ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.33 - NCH Software)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Machina of the Planet Tree -Planet Ruler- (HKLM-x32\...\Machina of the Planet Tree -Planet Ruler-_is1) (Version:  - )
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Moon Planting Matrix (HKLM-x32\...\{B1FCFDBC-C876-4909-A26A-40AF94A24DEC}) (Version: 1.2.9 - Divine Inspirations)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickBooks (x32 Version: 19.0.4007.1091 - Intuit Canada Limited) Hidden
QuickBooks Premier: Retail Edition 2010 (HKLM-x32\...\{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}) (Version: 19.0.4007.1091 - Intuit Canada Limited)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.17.9562 - SoftEther VPN Project)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
:spam: Walkman Video Converter 6.1.50 (HKLM-x32\...\{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1) (Version:  - )
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E93D8472-11CA-4A0C-B31F-C82C9E9AA1CC}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinX DVD Copy Pro 3.6.4 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.18.19 - Zemana Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
30-10-2015 10:56:39 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2015-10-08 08:14 - 00002291 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 0.0.0.0.0
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 mfr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 static.a-ads.com
127.0.0.1 atlas.aamedia.ro
127.0.0.1 abcstats.com
127.0.0.1 ad4.abradio.cz
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 csh.actiondesk.com
127.0.0.1 ads.activepower.net
127.0.0.1 app.activetrail.com
 
There are 48 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {121BB993-7064-4827-9F2A-92CE2FA2FAC5} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {2A29EE68-EB71-47BF-AB19-3F08575DDF5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {346A2358-43A1-4831-B03F-176809137239} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {4237E065-8F05-4F5B-A0FA-09240BF6B870} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {44BC47FE-C3CC-429E-A5AE-7C35B1CC70EE} - System32\Tasks\{813BEEC4-B47C-4699-83E2-298AEB1C537F} => pcalua.exe -a C:\Users\Nicole\Desktop\VoiceTrap.DX\VoiceTrapX20.exe -d C:\Users\Nicole\Desktop\VoiceTrap.DX
Task: {4E3BD7AC-9ECD-4D4C-BD2D-BB228111D919} - System32\Tasks\Opera scheduled Autoupdate 1425593172 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {5FB47C19-5BBC-449B-B930-7010584F9622} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-28] (Adobe Systems Incorporated)
Task: {636A5AE5-03FA-43F0-9354-F59A64C47C8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {82CBBDA3-180A-457F-B61B-1F610596AF79} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {887C4DEE-3A9D-4A42-B5AB-D7ABAC2DE868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {95AE2F84-3DB9-45C8-AD73-1691EBF96358} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {AC4A2FE6-E547-49FB-A2F0-BBFDF399F55C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {B2A625E7-6F2F-4ED1-990B-4663FE77020F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {D034CAF5-B560-4B05-A9BE-4E36588D50C2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {DD612E11-7FFF-4E91-9E28-57CC27C6DCFF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {DDA79EC7-7A0B-4596-BC16-92E98774E71D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {E8572983-88DD-43F3-908B-019B4129D9FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {ED20EEB8-BAB7-4FC5-BB88-C72CCEC7F0DA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-10 20:51 - 2015-07-14 19:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-10 09:52 - 2015-10-02 19:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-05 18:03 - 2012-03-11 14:56 - 00086608 _____ () C:\WINDOWS\System32\cpwmon64.dll
2015-08-19 11:38 - 2015-08-11 02:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-05 18:26 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-01 07:58 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 07:58 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-27 12:33 - 2015-09-01 09:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-10 23:38 - 2015-10-26 07:33 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-10-01 07:58 - 2015-09-16 22:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 07:58 - 2015-09-16 22:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 07:58 - 2015-09-16 22:42 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 07:58 - 2015-09-16 22:43 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 07:58 - 2015-09-16 22:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 07:58 - 2015-09-16 22:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 07:58 - 2015-09-16 22:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-27 12:40 - 2015-10-27 12:40 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 12:40 - 2015-10-27 12:40 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-27 12:40 - 2015-10-27 12:40 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-10-22 17:08 - 2015-10-22 17:10 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-11-04 11:19 - 2015-11-04 11:20 - 08717824 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-04 11:19 - 2015-11-04 11:20 - 02371072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-10-01 07:58 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-06-01 17:29 - 2015-10-04 01:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-11-21 18:19 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-10-26 08:14 - 2015-10-20 07:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-26 08:14 - 2015-10-20 07:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-26 08:14 - 2015-10-20 07:08 - 16493384 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll
2015-04-29 18:50 - 2015-04-29 18:50 - 00520192 _____ () C:\Program Files\WinZip\adxloader.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254 - 75.153.176.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QBFCService => 3
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3710058852-312542076-3770498964-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{28E94386-9331-4A18-B4F6-2BD2257644F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2015 08:49:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MEZURASHI)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/04/2015 11:14:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40236906
 
Error: (11/04/2015 11:14:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40236906
 
Error: (11/04/2015 11:14:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/03/2015 01:56:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
 
Error: (11/03/2015 01:56:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
 
Error: (11/03/2015 01:56:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/03/2015 03:40:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x1308
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5
 
Error: (11/03/2015 03:40:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MEZURASHI)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/03/2015 03:40:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MEZURASHI)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (11/06/2015 08:55:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:39 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (11/06/2015 08:55:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 08:55:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 12171.01 MB
Available physical RAM: 8286.38 MB
Total Virtual: 12939.01 MB
Available Virtual: 8662.06 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:49.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:302.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BC9EED00)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Attached Files


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Intriguing as I am not seeing a lot here at all

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download AVZ tool from here to your desktop
Unzip all files to a folder on your desktop
Open the folder and double click the AVZ icon avz.JPG
When the tool opens select "File" > "Standards scripts"
avz1.jpg

Place a tick in :


5. Update signature database

Then press "Execute selected scripts"
avz2.JPG

Once that has execute then
select "File" > "Standards scripts"
Place a tick in :

3. Advanced System Analysis with malware removal mode enabled


When finished look in the folder AVZ4 on your desktop
Open the LOG folder
Attach virusinfo_syscure to your next post
vz3.JPG
  • 0

Advertisements


#11
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Attached log from first.

 

The Advanced System Analysis with malware removal mode enabled scan does not seem to be doing anything. I cannot see anything happening however I can see i can click stop or cancel so it doesn't appear frozen. Does it normally take very long, or is something else going on?

 

 

 

Thanks!

Attached Thumbnails

  • screen.jpg

Attached Files


Edited by Destiny000, 07 November 2015 - 11:03 AM.

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It should take no more than 30 minutes, if it still running then leave it, however, if it appears to have stopped then stop and run the following programme

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#13
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Yeah it ended up being frozen, the previous program, lol. Had to task manager end it. Here is report from adwcleaner.

 

Attached Files


  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets search for the trigger now

Open FRST
In the search box copy/paste the following :
 
nan.mashfsttest.com

Then press search registry
Once the report has been generated post that here
  • 0

#15
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Didn't seem to find anything sadly. Don't forget i get random ones as well. added new pics to show.

Attached Thumbnails

  • Untitled.jpg
  • Untitled1.jpg

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP