Jump to content

ultraflight

Members
  • Posts

    3
  • Joined

  • Last visited

Everything posted by ultraflight

  1. Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02Ran by Nikki at 2014-08-02 02:03:24Running from C:\Users\nikki_000\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) HiddenAdobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) HiddenAdobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)Android Magazine App Maker (HKLM-x32\...\Android Magazine App Maker_is1) (Version: - A-PDF Solution)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31228 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)Box Sync (HKLM\...\{0E474504-AAFF-49D7-9801-EB2D65EFEAD9}) (Version: 4.0.5116.0 - Box, Inc.)Box Sync (x32 Version: 4.0.4052.0 - Box Inc.) HiddenCyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) HiddenDefinition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version: - Microsoft)Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)ETDWare X64 11.7.18.2_WHQL (HKLM\...\Elantech) (Version: 11.7.18.2 - ELAN Microelectronic Corp.)Evernote v. 5.4.1 (HKLM-x32\...\{A5F7DF42-F67D-11E3-B7EB-00163E98E7D6}) (Version: 5.4.1.3962 - Evernote Corp.)ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)Fast Flash Sleep Resume (x32 Version: 1.1.1 - Samsung) HiddenFuze Meeting (HKLM-x32\...\{88F800EE-C2E3-49F1-9A61-DB1EE6DD4245}) (Version: 14.1.3326 - Fuze Box, Inc.)GO Contact Sync Mod (HKLM-x32\...\{CD178FDD-086A-4C2E-935E-8CDB747B0F29}) (Version: 3.6.1 - WebGear, Create Software, Stru.be, saller.NET)Google Apps Migration For Microsoft Outlook® 2.3.14.36 (HKLM-x32\...\{C46F4ED2-0337-4267-97A1-89735C781E0D}) (Version: 2.3.14.36 - Google, Inc.)Google Apps Sync™ for Microsoft Outlook® 3.5.370.990 (HKLM\...\{D3A7FAFA-7851-49AF-AA04-FB597C1139BE}) (Version: 3.5.370.990 - Google, Inc.)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2096.0 - Google Inc.)Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenGPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)HomeSync Lite (HKLM-x32\...\{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}) (Version: 1.1.0.32 - Samsung Electronics CO., LTD.)iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) HiddenIntel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.1.1.0084 - Intel Corporation) HiddenIntel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) HiddenIntel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) HiddenIntel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) HiddeniTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.650 - Oracle)Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) HiddenLast.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Metadata Backup 1.2 (HKLM-x32\...\{CD15CC1B-8563-4209-A52B-DEB7DE2162B8}_is1) (Version: 1.2 - Dale Preston & Tim De Baets)Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenMindomo Desktop (HKLM-x32\...\MindomoDesktop) (Version: 6.88 - Expert Software Applications Srl)Mindomo Desktop (x32 Version: 6.88 - Expert Software Applications Srl) HiddenMirrorOp AudioLite (HKLM-x32\...\MirrorOp AudioLite_is1) (Version: 1.0.0.6 - AWIND Inc.)MirrorOp Lite (HKLM-x32\...\MirrorOp Lite_is1) (Version: 1.0.2.9 - AWIND Inc.)Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)Opera Next 24.0.1558.25 (HKLM-x32\...\Opera 24.0.1558.25) (Version: 24.0.1558.25 - Opera Software ASA)Opera Stable 23.0.1522.60 (HKLM-x32\...\Opera 23.0.1522.60) (Version: 23.0.1522.60 - Opera Software ASA)Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenPencil (HKLM-x32\...\Pencil) (Version: - Evolus Co., Ltd.)Popcorn Time (HKLM-x32\...\{38B39D8E-1AEF-4F01-82BE-36F3307244F5}) (Version: 2.0.0 - Time4Popcorn)Prototyper Free 5.6.1 (HKLM-x32\...\Prototyper Free 5.6.1) (Version: 5.6.1 - Justinmind)Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7055 - Realtek Semiconductor Corp.)Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.0 - Samsung Electronics CO., LTD.)S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) HiddenS Service (HKLM-x32\...\{A48B04B8-12AF-4A71-8B3E-737FDEB0824F}) (Version: 1.0 - Samsung Electronics CO., LTD.)Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) HiddenSettings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)SixaxisPairTool 0.2.5 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.2.5 - Dancing Pixel Studios)SlideDog (HKCU\...\SlideDog) (Version: 1.4.8 - Preseria AS)Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)Support Center (HKLM\...\{843A1BDC-0879-4E5B-83E1-B81CC0CF3580}) (Version: 2.1.1201 - Samsung Electronics CO., LTD.)Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) HiddenSW Update (HKLM-x32\...\{D2B5F1E3-EA56-4D84-A453-A213B32974CB}) (Version: 2.1.25 - Samsung Electronics CO., LTD.)System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)User Guide (HKLM-x32\...\{3453B656-241C-443B-BDEA-8682459B3FE8}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)WD My Cloud (HKLM\...\{94F0573B-6856-4361-9E8D-2405349C44E1}) (Version: 1.0.3.12 - Western Digital Technologies, Inc.)Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\nikki_000\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nikki_000\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nikki_000\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1536645271-1056295999-3914100127-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\nikki_000\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 13-07-2014 08:09:17 Windows Update19-07-2014 08:39:57 Installed Java 7 Update 6525-07-2014 02:29:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.6061030-07-2014 06:34:38 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0AD8D5ED-DD8D-4A1A-ADD7-BA89E645E278} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.)Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {24BD27B8-9177-4AA5-86D4-FFF8AE8793A9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauservTask: {283CD105-C11D-4472-9605-EBB0F1D25FC9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001Core => C:\Users\nikki_000\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {3BEF1284-3FF9-4BF7-A872-D45009E3EB53} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exeTask: {46B37E0B-63F3-4883-97AE-A8B97E9F86BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {4B69BAD5-127F-4C86-AF35-18D062CE8758} - System32\Tasks\Opera scheduled Autoupdate 1405839636 => C:\Program Files (x86)\Opera\launcher.exe [2014-07-18] (Opera Software)Task: {4F788B41-2A1D-4206-948B-6D419E014A08} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)Task: {51885A50-38C4-46E4-BD33-C7B8F3099C91} - System32\Tasks\SamsungHomeSyncPC => C:\Program Files (x86)\Samsung\HomeSync Lite\RefreshToken.exe [2013-11-06] ()Task: {53D4813C-6A51-4EFB-BD82-1D7DD253F96C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ValidationTask: {5A8FD867-D12C-47CC-AF76-E55ADB617C97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)Task: {686C8AC2-3027-4955-B2CF-55D00B6E8EB3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001UA => C:\Users\nikki_000\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {70C40C55-933B-4B09-B19C-CA1783B990F6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {7EDA44D1-AD0D-4ABC-8077-54924BD5C7BF} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)Task: {7FCB8B79-9550-4FB2-BBDC-A725DDA9F4E5} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-22] (Samsung)Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8A9B25BE-8BBA-4F7B-870B-EE9287344E29} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-03-19] (Samsung Electronics CO., LTD.)Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {8DC2D175-D8F0-4814-ACDE-C02D29588B04} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)Task: {92B63490-2145-4448-BDBF-515F15C532FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)Task: {958A5454-8B54-48E4-BAEF-DD8536774693} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ManagementTask: {99C316D1-B0F8-4265-860E-EE6460BE8455} - System32\Tasks\Opera scheduled Autoupdate 1406705965 => C:\Program Files (x86)\Opera Next\launcher.exe [2014-07-30] (Opera Software)Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {A46410C2-A934-4743-9706-27B407627538} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-30] (AVAST Software)Task: {A50EB223-CB24-4A9B-8E30-39E61792C56D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-21] (Adobe Systems Incorporated)Task: {B724A932-29BF-460D-A4F3-996438F86F48} - System32\Tasks\Microsoft\Windows\DiskFootprint\DiagnosticsTask: {B8B7CB16-D1D3-4DA4-B558-E5AD2ABE45F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)Task: {BC4F2FEC-59D9-402B-B000-32FFCDF848CA} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)Task: {C4364379-09FC-46E2-B5B0-A420BDC894E0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30] (Realtek Semiconductor)Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D14F8976-F248-4CEF-A13E-CF1FACDE24CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.)Task: {D2435F6E-55A3-4C33-A6F0-6D2824E43C4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-26] (Microsoft Corporation)Task: {D5E55331-903C-451D-8DC6-440B4CFAC7A3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUploadTask: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {FC79B776-FFA6-4CFD-B371-686E22961723} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-12-18] (Intel)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001Core.job => C:\Users\nikki_000\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001UA.job => C:\Users\nikki_000\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-09-05 16:50 - 2012-09-05 16:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2014-03-19 11:41 - 2014-03-19 11:41 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll2014-06-10 13:21 - 2014-06-10 13:21 - 08892072 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll2014-08-01 23:18 - 2014-08-01 23:18 - 02604032 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll2014-08-01 23:18 - 2014-08-01 23:18 - 02180096 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll2014-07-30 15:25 - 2014-07-18 16:31 - 01401464 _____ () C:\Program Files (x86)\Opera\23.0.1522.60_0\opera_crashreporter.exe2014-07-30 14:38 - 2014-07-30 14:38 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll2014-08-01 22:08 - 2014-08-01 22:08 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080100\algo.dll2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll2012-09-05 16:50 - 2012-09-05 16:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll2014-06-10 13:21 - 2014-06-10 13:21 - 08892072 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll2012-09-05 16:50 - 2012-09-05 16:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll2014-08-01 23:19 - 2014-08-01 23:19 - 00054272 _____ () C:\Users\nikki_000\AppData\Local\Ujfmedia\IgPlay8.dll2014-01-23 17:45 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2014-07-30 15:25 - 2014-07-18 16:31 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.60_0\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\nikki_000\SkyDrive:ms-propertiesAlternateDataStreams: C:\Users\nikki_000\AppData\Roaming\Comma Separated Values.EML:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"HKCU\...\StartupApproved\Run: => "ApplePhotoStreams" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (08/02/2014 02:01:06 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc000041dFault offset: 0x00017d56Faulting process id: 0x444Faulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:01:03 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc0000005Fault offset: 0x00017d56Faulting process id: 0x444Faulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:59 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc000041dFault offset: 0x00017d56Faulting process id: 0x18bcFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:57 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc0000005Fault offset: 0x00017d56Faulting process id: 0x18bcFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc000041dFault offset: 0x00017d56Faulting process id: 0xd8cFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:54 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc0000005Fault offset: 0x00017d56Faulting process id: 0xd8cFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:52 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc000041dFault offset: 0x00017d56Faulting process id: 0x1b4Faulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc0000005Fault offset: 0x00017d56Faulting process id: 0x1b4Faulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:47 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc000041dFault offset: 0x00017d56Faulting process id: 0x113cFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 Error: (08/02/2014 02:00:45 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbcFaulting module name: user32.dll, version: 6.3.9600.17031, time stamp: 0x53086d13Exception code: 0xc0000005Fault offset: 0x00017d56Faulting process id: 0x113cFaulting application start time: 0xDllHost.exe0Faulting application path: DllHost.exe1Faulting module path: DllHost.exe2Report Id: DllHost.exe3Faulting package full name: DllHost.exe4Faulting package-relative application ID: DllHost.exe5 System errors:=============Error: (08/02/2014 02:01:08 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 02:01:00 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 02:00:57 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 02:00:53 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 02:00:49 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 02:00:44 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Error: (08/02/2014 01:27:52 AM) (Source: Ntfs) (EventID: 137) (User: )Description: The default transaction resource manager on volume \\?\Volume{89e7f57f-8c74-4d7e-9e1a-38feea5fafbd} encountered a non-retryable error and could not start. The data contains the error code. Error: (08/02/2014 01:27:28 AM) (Source: DCOM) (EventID: 10010) (User: NIKKI-SAMSUNG)Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/02/2014 00:30:12 AM) (Source: Ntfs) (EventID: 137) (User: )Description: The default transaction resource manager on volume \\?\Volume{89e7f57f-8c74-4d7e-9e1a-38feea5fafbd} encountered a non-retryable error and could not start. The data contains the error code. Error: (08/02/2014 00:28:39 AM) (Source: DCOM) (EventID: 10005) (User: NIKKI-SAMSUNG)Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89} Microsoft Office Sessions:=========================Error: (08/02/2014 02:01:06 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000041d00017d5644401cfadb28eb7249cC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllce9d9932-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:01:03 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000000500017d5644401cfadb28eb7249cC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllccb14804-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:59 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000041d00017d5618bc01cfadb28b5a3ca8C:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllca3e5d4b-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:57 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000000500017d5618bc01cfadb28b5a3ca8C:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc958b57f-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000041d00017d56d8c01cfadb2895dceb6C:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc884da92-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:54 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000000500017d56d8c01cfadb2895dceb6C:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc75be0af-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:52 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000041d00017d561b401cfadb28699a08aC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc624a522-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000000500017d561b401cfadb28699a08aC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc4996335-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:47 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000041d00017d56113c01cfadb283f58cbeC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc36747cf-19a5-11e4-bec1-c8f7339b228c Error: (08/02/2014 02:00:45 AM) (Source: Application Error) (EventID: 1000) (User: )Description: DllHost.exe6.3.9600.1638452157bbcuser32.dll6.3.9600.1703153086d13c000000500017d56113c01cfadb283f58cbeC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\user32.dllc1fcda72-19a5-11e4-bec1-c8f7339b228c CodeIntegrity Errors:=================================== Date: 2013-12-19 11:05:54.978 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements. Date: 2013-12-19 10:35:59.788 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements. Date: 2013-12-18 22:35:27.163 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements. Date: 2013-12-18 11:33:34.526 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 66%Total physical RAM: 3797.53 MBAvailable physical RAM: 1256.36 MBTotal Pagefile: 7765.54 MBAvailable Pagefile: 4883.58 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:441.32 GB) (Free:103.48 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 0A7CB1B9) Partition: GPT Partition Type. ========================================================Disk: 1 (Size: 22 GB) (Disk ID: 034407AB) Partition: GPT Partition Type. ==================== End Of Log ============================
  2. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02Ran by Nikki (administrator) on NIKKI-SAMSUNG on 02-08-2014 02:02:14Running from C:\Users\nikki_000\DownloadsPlatform: Windows 8.1 Single Language (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Intel Corporation) C:\Windows\System32\igfxext.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Microsoft Corporation) C:\Windows\System32\regsvr32.exe(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60_0\opera.exe() C:\Program Files (x86)\Opera\23.0.1522.60_0\opera_crashreporter.exe(MalwareBytes) C:\Users\nikki_000\Downloads\mbam-chameleon-3.1.4.0\Chameleon\Windows\firefox.com ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-09-13] (ELAN Microelectronics Corp.)HKLM\...\Run: [boxSync] => c:\Program Files\Box\Box Sync\BoxSync.exe [13606960 2014-07-17] (Box, Inc.)HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayAppHKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-30] (AVAST Software)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [Google Update] => C:\Users\nikki_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-19] (Google Inc.)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [MusicManager] => C:\Users\nikki_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-04-24] (Google Inc.)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [spotify Web Helper] => C:\Users\nikki_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-22] (Spotify Ltd)HKU\S-1-5-21-1536645271-1056295999-3914100127-1001\...\Run: [ujfmedia] => regsvr32.exe C:\Users\nikki_000\AppData\Local\Ujfmedia\IgPlay8.dll <===== ATTENTIONStartup: C:\Users\nikki_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\nikki_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnkShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: 0000BoxSyncFileLocked -> {1b9c95e1-ce36-3737-81c8-1ec9807f03c1} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: 0000BoxSyncNotSynced -> {e22ccf16-2db6-3de8-9a2c-acb66b571b69} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: 0000BoxSyncProblem -> {84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: 0000BoxSyncSynced -> {01fcd170-7f0a-3b6a-b992-66a7a20289b5} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll ()ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nikki_000\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01SearchScopes: HKLM - DefaultScope {4E47D52F-2427-44F1-92FF-B504AE2A27D1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJSSearchScopes: HKLM - {4E47D52F-2427-44F1-92FF-B504AE2A27D1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJSSearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKLM-x32 - {4E47D52F-2427-44F1-92FF-B504AE2A27D1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJSSearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKCU - {4E47D52F-2427-44F1-92FF-B504AE2A27D1} URL = SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1Tcpip\..\Interfaces\{B9B0CFCB-DAE4-4B76-9A96-5CB83D667515}: [NameServer]8.8.8.8 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 - C:\Users\nikki_000\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll ( )FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\nikki_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\nikki_000\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\nikki_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\nikki_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)FF Plugin ProgramFiles/Appdata: C:\Users\nikki_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\nikki_000\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-19] Chrome: =======CHR HomePage: CHR StartupUrls: "hxxp://search.us.com/v/2/?guid={015E4B1E-4911-47FB-A8CB-814A48037138}&serpv=17"CHR DefaultSearchURL: D136D6A4E9D310EEE6F3A05E55AE686E9FBAB5524665396A14BB83BACB3B5883CHR Plugin: (Widevine Content Decryption Module) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.637\_platform_specific\win_x64\widevinecdmadapter.dll ()CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2096.0\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2096.0\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2096.0\pdf.dll ()CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()CHR Extension: (Google Slides) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-05-23]CHR Extension: (Google Docs) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]CHR Extension: (Google Drive) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]CHR Extension: (Cloud Kite) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\biagdapeolcddppdgcocjkdjfhlodegf [2014-05-23]CHR Extension: (YouTube) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]CHR Extension: (Google Cast) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-08]CHR Extension: (Presentme) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckpbiomcikhplplfddlbcikdhlnoibgf [2014-05-23]CHR Extension: (Google Search) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\djejicklhojeokkfmdelnempiecmdomj [2013-12-19]CHR Extension: (Drive Template Gallery) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\edccfahmoapjmcaahncgcekjodejmhkg [2014-07-31]CHR Extension: (Proto.io) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkfpedhmbnghpjkccfalikkmgooboln [2014-06-17]CHR Extension: (Google Apps Script) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2014-05-23]CHR Extension: (Smartsheet Office Collaboration) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonohbhjgpdkfannkfhajigjafbejlfe [2014-05-23]CHR Extension: (Movenote for Education) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhhpolibfeihcdjjgkkoihbdbioejmh [2014-05-23]CHR Extension: (Lucidpress Layout and Design) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdiljnnpfniifgbaippdemegmlhoohka [2014-05-23]CHR Extension: (Google Sheets) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-05-23]CHR Extension: (Xamun: Professional Services Automation) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmadkldoimlginjpkplhcddidokdkam [2014-05-23]CHR Extension: (Lucidchart for Education) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbabpaggdgcakhjllleobffeghmhjme [2014-05-23]CHR Extension: (Conceptly - Mockup and UI Prototyping tool) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\habakdlaikbgemfpkmbdemabcnimenlp [2014-06-17]CHR Extension: (CloudConvert) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2014-05-23]CHR Extension: (AirDroid) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2013-12-18]CHR Extension: (Google Keep - notes and lists) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-12-19]CHR Extension: (Synergyse Training for Google Apps™) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\idkloemkmldbemijiamdiolojbffnjlh [2014-06-03]CHR Extension: (Realtimeboard for Education) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbminfdblackehpaaiemmkceciacpke [2014-05-23]CHR Extension: (Google Forms) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2014-05-23]CHR Extension: (Concept inbox) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjcpmfflpbfpalonjdlbaenhoneknkim [2014-05-23]CHR Extension: (Soundcloud Scrobbler) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpeffoigdfgjdbbijlaaodoicejjbpcg [2014-04-22]CHR Extension: (Ultradox) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\laopdikjalenfglkalhhmkchjcamdfgj [2014-05-23]CHR Extension: (FVD Downloader) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-01-04]CHR Extension: (Until AM for Chrome) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2013-12-20]CHR Extension: (Pocket) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2013-12-18]CHR Extension: (Google Drawings) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2014-05-23]CHR Extension: (Hangouts) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-06-27]CHR Extension: (WeatherBug) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2013-12-19]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2014-06-17]CHR Extension: (Google Wallet) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]CHR Extension: (Fluid UI) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgmmkbgpilmggfkhganmcmpemnhimgg [2014-06-17]CHR Extension: (Trello) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2014-05-23]CHR Extension: (RationalPlan Project Management Software) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oihgidddpfnncpodkgaoklgagggcgpfg [2014-05-23]CHR Extension: (Wunderlist for Chrome) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2013-12-18]CHR Extension: (Fusion Tables (experimental)) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfoeakahkgllhkommkfeehmkfcloagkl [2014-05-23]CHR Extension: (Gmail) - C:\Users\nikki_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-30]CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-30] (AVAST Software)S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) [File not signed]R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-06] (ELAN Microelectronics Corp.)R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2013-12-18] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-30] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-30] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-30] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-30] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-30] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-30] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-30] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-30] ()R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2013-12-18] (Intel Corporation)S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2014-07-25] (http://libusb-win32.sourceforge.net) R3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [92888 2014-08-02] (Malwarebytes Corporation)R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-02] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2013-12-18] (Windows ® Win 7 DDK provider)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-02 02:02 - 2014-08-02 02:02 - 00034188 _____ () C:\Users\nikki_000\Downloads\FRST.txt2014-08-02 01:14 - 2014-08-02 01:14 - 00000000 ____D () C:\Users\nikki_000\Downloads\mbam-chameleon-3.1.4.02014-08-02 01:12 - 2014-08-02 01:12 - 04872677 _____ () C:\Users\nikki_000\Downloads\mbam-chameleon-3.1.4.0.zip2014-08-02 00:59 - 2014-08-02 01:29 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-08-02 00:58 - 2014-08-02 01:19 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-08-02 00:58 - 2014-08-02 00:58 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-08-02 00:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-08-02 00:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-08-02 00:49 - 2014-08-02 00:53 - 29611712 _____ (Microsoft Corporation) C:\Users\nikki_000\Downloads\Windows-KB890830-x64-V5.14.exe2014-08-02 00:48 - 2014-08-02 00:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\nikki_000\Downloads\mbam-setup-2.0.2.1012.exe2014-08-02 00:36 - 2014-08-02 02:02 - 00000000 ____D () C:\FRST2014-08-02 00:34 - 2014-08-02 00:34 - 02094080 _____ (Farbar) C:\Users\nikki_000\Downloads\FRST64.exe2014-08-02 00:33 - 2014-08-02 00:34 - 01084928 _____ (Farbar) C:\Users\nikki_000\Downloads\FRST.exe2014-08-01 23:19 - 2014-08-01 23:19 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Ujfmedia2014-08-01 23:16 - 2014-08-01 23:16 - 00000000 ____D () C:\Users\nikki_000\Downloads\Zero Dark Thirty (2012)2014-08-01 21:25 - 2014-08-01 21:25 - 00046017 _____ () C:\Users\nikki_000\Downloads\her-english-yify-12427.zip2014-08-01 21:24 - 2014-08-01 21:24 - 00030985 _____ () C:\Users\nikki_000\Downloads\fading-gigolo-english-yify-18905.zip2014-08-01 21:20 - 2014-08-01 21:20 - 00033874 _____ () C:\Users\nikki_000\Downloads\the-kings-of-summer-english-yify-3036.zip2014-08-01 21:02 - 2014-08-01 21:02 - 00011296 _____ () C:\Users\nikki_000\Downloads\[kickass.to]zero.dark.thirty.2012.720p.brrip.x264.yify.torrent2014-08-01 21:02 - 2014-08-01 21:02 - 00000000 ____D () C:\Users\nikki_000\Downloads\Kingsman_ The Secret Service (2014) .DVDRip XviD-MAXSPEED2014-08-01 21:00 - 2014-08-01 21:00 - 00057292 _____ () C:\Users\nikki_000\Downloads\1E53C0C85114120B45CB3E98C972639FFD8F23EA.torrent2014-08-01 20:59 - 2014-08-01 20:59 - 00000000 ____D () C:\Users\nikki_000\Downloads\The.Prestige.2006.720p.Bluray.x264.anoXmous2014-08-01 20:57 - 2014-08-01 20:57 - 00009960 _____ () C:\Users\nikki_000\Downloads\[kickass.to]mud.2012.720p.brrip.x264.yify.torrent2014-08-01 20:55 - 2014-08-01 20:55 - 00015119 _____ () C:\Users\nikki_000\Downloads\[kickass.to]inside.llewyn.davis.2013.brrip.xvid.sam.etrg.torrent2014-08-01 20:52 - 2014-08-01 20:52 - 00018124 _____ () C:\Users\nikki_000\Downloads\[kickass.to]the.prestige.2006.720p.bluray.x264.anoxmous.torrent2014-08-01 20:30 - 2014-08-01 20:30 - 00033041 _____ () C:\Users\nikki_000\Downloads\The One I Love 2014.torrent2014-08-01 19:50 - 2014-08-01 19:59 - 00000000 ____D () C:\Users\nikki_000\Downloads\Divergent (2014)2014-08-01 19:47 - 2014-08-01 19:47 - 00010021 _____ () C:\Users\nikki_000\Downloads\[kickass.to]divergent.2014.720p.brrip.x264.yify.torrent2014-08-01 19:45 - 2014-08-01 19:45 - 00028272 _____ () C:\Users\nikki_000\Downloads\[kickass.to]house.of.cards.2013.s01.season.1.720p.bluray.x264.anoxmous.torrent2014-08-01 19:40 - 2014-08-01 19:40 - 00007821 _____ () C:\Users\nikki_000\Downloads\[kickass.to]escape.from.tomorrow.2013.720p.brrip.x264.yify.torrent2014-08-01 19:25 - 2014-08-01 19:25 - 00058396 _____ () C:\Users\nikki_000\Downloads\[kickass.to]celeste.and.jesse.forever.2012.bdrip.xvid.sparks.torrent2014-08-01 19:23 - 2014-08-01 19:23 - 00015263 _____ () C:\Users\nikki_000\Downloads\[kickass.to]hello.i.must.be.going.2012.hdrip.xvid.s4a.torrent2014-08-01 19:22 - 2014-08-01 21:29 - 00000000 ____D () C:\Users\nikki_000\Downloads\Fading Gigolo (2013)2014-08-01 19:20 - 2014-08-01 19:20 - 00007749 _____ () C:\Users\nikki_000\Downloads\[kickass.to]fading.gigolo.2013.720p.brrip.x264.yify.torrent2014-07-30 15:39 - 2014-07-31 09:18 - 00003850 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14067059652014-07-30 15:39 - 2014-07-31 09:18 - 00000000 ____D () C:\Program Files (x86)\Opera Next2014-07-30 15:39 - 2014-07-30 15:39 - 00001190 _____ () C:\Users\Public\Desktop\Opera Next.lnk2014-07-30 15:39 - 2014-07-30 15:39 - 00001190 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Next.lnk2014-07-30 15:09 - 2014-07-30 15:09 - 00873672 _____ (Opera Software) C:\Users\nikki_000\Downloads\Opera_NI_stable.exe2014-07-30 15:08 - 2014-07-30 15:09 - 00873672 _____ (Opera Software) C:\Users\nikki_000\Downloads\Opera_NI_next.exe2014-07-30 14:51 - 2014-07-30 14:51 - 00000000 ____D () C:\Users\nikki_000\Downloads\Odin_v3.092014-07-30 14:38 - 2014-07-30 14:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-07-30 14:31 - 2014-07-30 14:31 - 00212346 _____ () C:\Users\nikki_000\Downloads\Odin_Multi_Downloader_v4.44.zip2014-07-30 14:09 - 2014-07-30 14:32 - 00000000 ____D () C:\Users\nikki_000\Downloads\Root Tab2014-07-25 10:32 - 2014-07-25 10:32 - 00076384 _____ (http://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll 2014-07-25 10:32 - 2014-07-25 10:32 - 00052832 _____ (http://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusb0.sys 2014-07-25 10:32 - 2014-07-25 10:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-07-25 10:29 - 2014-07-25 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SixaxisPairTool2014-07-25 10:29 - 2014-07-25 10:29 - 00000000 ____D () C:\Program Files (x86)\SixaxisPairTool2014-07-25 10:29 - 2012-01-17 09:40 - 00067680 _____ (http://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll 2014-07-25 10:22 - 2014-07-25 10:23 - 13591657 _____ (Dancing Pixel Studios ) C:\Users\nikki_000\Downloads\SixaxisPairToolSetup-0.2.5.exe2014-07-24 15:13 - 2014-07-24 15:14 - 00007168 _____ () C:\Users\nikki_000\Downloads\demo_building_inspection_2014.xls2014-07-22 19:15 - 2014-07-22 19:15 - 00066612 _____ () C:\Users\nikki_000\Downloads\summer-of-sam-english-yify-15824.zip2014-07-22 16:08 - 2014-07-22 16:09 - 04585729 _____ () C:\Users\nikki_000\Downloads\product_managers_and_ux.epub2014-07-22 14:18 - 2014-07-22 14:18 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Adobe2014-07-22 10:18 - 2014-07-22 10:18 - 00025798 _____ () C:\Users\nikki_000\Downloads\Samsung Tender Registration Form.xlsx2014-07-22 09:38 - 2014-07-22 09:38 - 00021770 _____ () C:\Users\nikki_000\Downloads\config.bin2014-07-21 12:07 - 2014-08-02 01:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2014-07-21 12:07 - 2014-07-21 12:07 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater2014-07-20 15:07 - 2014-07-30 15:39 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Opera Software2014-07-20 15:07 - 2014-07-30 15:39 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Opera Software2014-07-20 15:07 - 2014-07-30 15:25 - 00003828 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14058396362014-07-20 15:01 - 2014-07-20 15:00 - 00001145 _____ () C:\Users\Public\Desktop\Opera.lnk2014-07-20 15:01 - 2014-07-20 15:00 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk2014-07-20 15:00 - 2014-07-30 15:25 - 00000000 ____D () C:\Program Files (x86)\Opera2014-07-20 14:47 - 2014-07-20 14:47 - 00000000 __SHD () C:\Users\nikki_000\AppData\Local\EmieUserList2014-07-20 14:47 - 2014-07-20 14:47 - 00000000 __SHD () C:\Users\nikki_000\AppData\Local\EmieSiteList2014-07-19 16:42 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2014-07-19 16:41 - 2014-07-19 16:41 - 00004114 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log2014-07-19 16:41 - 2014-07-19 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-07-19 16:41 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2014-07-19 16:41 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2014-07-19 16:41 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2014-07-19 16:36 - 2014-07-19 16:37 - 00392096 _____ () C:\Users\nikki_000\Downloads\orange-is-the-new-black-second-season_english-930422.zip2014-07-18 23:37 - 2014-07-18 23:37 - 00290776 _____ () C:\WINDOWS\Minidump\071814-44156-01.dmp2014-07-17 17:41 - 2014-07-17 17:41 - 00895120 _____ (Google Inc.) C:\Users\nikki_000\Downloads\ChromeSetup.exe2014-07-13 23:16 - 2014-07-13 23:16 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-07-13 21:37 - 2014-07-13 21:37 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Pencil2014-07-13 21:37 - 2014-07-13 21:37 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Pencil2014-07-13 21:36 - 2014-07-13 21:36 - 00000000 ____D () C:\Program Files (x86)\Evolus2014-07-13 21:07 - 2014-07-13 21:29 - 24218412 _____ (Evolus Co., Ltd.) C:\Users\nikki_000\Downloads\Pencil-2.0.5.win32.installer.exe2014-07-10 19:59 - 2014-04-14 11:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll2014-07-10 19:49 - 2014-07-01 06:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2014-07-10 19:49 - 2014-06-28 15:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2014-07-10 19:49 - 2014-06-28 15:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll2014-07-10 10:59 - 2014-05-30 11:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys2014-07-10 10:54 - 2014-06-17 06:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe2014-07-10 10:54 - 2014-06-17 06:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe2014-07-10 10:54 - 2014-06-06 22:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-07-10 10:43 - 2014-05-29 20:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys2014-07-10 10:43 - 2014-05-29 15:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll2014-07-10 10:43 - 2014-05-29 14:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll2014-07-10 10:43 - 2014-05-29 14:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll2014-07-10 10:43 - 2014-05-29 13:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll2014-07-10 10:43 - 2014-05-29 13:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2014-07-10 10:32 - 2014-06-19 09:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-07-10 10:32 - 2014-06-19 08:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-07-10 10:32 - 2014-06-19 08:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-07-10 10:32 - 2014-06-19 08:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-07-10 10:32 - 2014-06-19 07:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-07-10 10:32 - 2014-06-19 07:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-07-10 10:32 - 2014-06-19 07:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-07-10 10:32 - 2014-06-19 07:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2014-07-10 10:32 - 2014-06-19 07:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-07-10 10:32 - 2014-06-19 07:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-07-10 10:32 - 2014-06-19 07:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-07-10 10:32 - 2014-06-19 07:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-07-10 10:32 - 2014-06-19 07:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-07-10 10:32 - 2014-06-19 06:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-07-10 10:32 - 2014-06-19 06:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-07-10 10:32 - 2014-06-19 06:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-07-10 10:32 - 2014-06-19 06:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2014-07-10 10:32 - 2014-06-19 06:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-07-10 10:32 - 2014-06-19 06:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-07-10 10:32 - 2014-06-19 06:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-07-10 10:32 - 2014-06-19 06:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-07-10 10:32 - 2014-06-19 06:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-07-10 10:32 - 2014-06-19 06:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-07-10 10:32 - 2014-06-19 06:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-07-10 10:32 - 2014-06-19 06:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-07-10 10:32 - 2014-06-19 06:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-07-10 10:31 - 2014-06-19 06:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-07-10 10:24 - 2014-06-06 21:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll2014-07-10 10:24 - 2014-06-06 20:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll2014-07-10 10:14 - 2014-05-31 18:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2014-07-10 10:14 - 2014-05-31 18:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll2014-07-10 10:14 - 2014-05-31 11:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2014-07-10 10:14 - 2014-05-31 11:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2014-07-10 10:14 - 2014-05-31 11:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-07-10 10:14 - 2014-05-31 11:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll2014-07-10 10:14 - 2014-05-31 11:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll2014-07-10 10:14 - 2014-05-31 11:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-07-10 10:14 - 2014-05-31 10:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll2014-07-10 10:14 - 2014-05-31 10:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll2014-07-10 10:14 - 2014-05-31 10:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2014-07-10 10:14 - 2014-05-31 10:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll2014-07-10 10:14 - 2014-05-31 10:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2014-07-10 10:14 - 2014-05-31 10:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll2014-07-10 10:14 - 2014-05-31 10:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2014-07-09 23:49 - 2014-07-09 23:49 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe2014-07-09 11:10 - 2014-07-09 12:43 - 02794968 _____ () C:\Users\nikki_000\Downloads\Mold Presentation July 2014.pptx2014-07-08 11:26 - 2014-07-08 11:26 - 00290832 _____ () C:\WINDOWS\Minidump\070814-40578-01.dmp2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\wivia2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\MirrorOp_Lite2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\BenchMarkTool2014-07-07 16:19 - 2014-07-07 16:19 - 00002061 _____ () C:\Users\Public\Desktop\MirrorOp AudioLite.lnk2014-07-07 16:19 - 2014-07-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MirrorOp AudioLite2014-07-07 16:19 - 2014-07-07 16:19 - 00000000 ____D () C:\Program Files (x86)\MirrorOp AudioLite2014-07-07 16:18 - 2014-07-07 16:18 - 03294695 _____ (AWIND Inc. ) C:\Users\nikki_000\Downloads\MirrorOpAudioLite_Setup_1006.exe2014-07-07 16:16 - 2014-07-07 16:19 - 00000756 _____ () C:\WINDOWS\SysWOW64\VACUninstall.lnk2014-07-07 16:16 - 2014-07-07 16:16 - 00001981 _____ () C:\Users\Public\Desktop\MirrorOp Lite.lnk2014-07-07 16:16 - 2014-07-07 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MirrorOp Lite2014-07-07 16:16 - 2014-07-07 16:16 - 00000000 ____D () C:\Program Files (x86)\MirrorOp Lite2014-07-07 11:10 - 2014-07-07 11:10 - 00031668 _____ () C:\Users\nikki_000\Downloads\MSI-DP ASUS - May 2014.xlsx2014-07-07 10:19 - 2014-07-07 10:19 - 00013548 _____ () C:\Users\nikki_000\Downloads\Book1.xlsx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-02 02:03 - 2014-01-16 16:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A154E7D6-CB82-4D8C-ADB3-5ACC82A596FC}2014-08-02 02:02 - 2014-08-02 02:02 - 00034188 _____ () C:\Users\nikki_000\Downloads\FRST.txt2014-08-02 02:02 - 2014-08-02 00:36 - 00000000 ____D () C:\FRST2014-08-02 02:00 - 2013-12-19 00:28 - 00000944 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001UA.job2014-08-02 02:00 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-08-02 01:57 - 2013-12-18 17:12 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-08-02 01:56 - 2013-12-18 13:54 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1536645271-1056295999-3914100127-10012014-08-02 01:34 - 2014-07-21 12:07 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2014-08-02 01:32 - 2013-12-18 17:03 - 00000000 ____D () C:\ProgramData\WinClon2014-08-02 01:31 - 2013-12-18 17:20 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-08-02 01:30 - 2014-01-08 15:30 - 00000000 __RDO () C:\Users\nikki_000\SkyDrive2014-08-02 01:30 - 2014-01-06 15:00 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Box Sync2014-08-02 01:29 - 2014-08-02 00:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-08-02 01:29 - 2013-12-18 17:12 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-08-02 01:28 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-08-02 01:27 - 2013-11-14 15:17 - 00013862 _____ () C:\WINDOWS\PFRO.log2014-08-02 01:27 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\Camera2014-08-02 01:27 - 2013-08-22 21:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2014-08-02 01:19 - 2014-08-02 00:58 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-08-02 01:14 - 2014-08-02 01:14 - 00000000 ____D () C:\Users\nikki_000\Downloads\mbam-chameleon-3.1.4.02014-08-02 01:12 - 2014-08-02 01:12 - 04872677 _____ () C:\Users\nikki_000\Downloads\mbam-chameleon-3.1.4.0.zip2014-08-02 00:58 - 2014-08-02 00:58 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-08-02 00:58 - 2014-08-02 00:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-08-02 00:53 - 2014-08-02 00:49 - 29611712 _____ (Microsoft Corporation) C:\Users\nikki_000\Downloads\Windows-KB890830-x64-V5.14.exe2014-08-02 00:51 - 2014-08-02 00:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\nikki_000\Downloads\mbam-setup-2.0.2.1012.exe2014-08-02 00:51 - 2014-01-08 14:46 - 01639433 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-02 00:34 - 2014-08-02 00:34 - 02094080 _____ (Farbar) C:\Users\nikki_000\Downloads\FRST64.exe2014-08-02 00:34 - 2014-08-02 00:33 - 01084928 _____ (Farbar) C:\Users\nikki_000\Downloads\FRST.exe2014-08-02 00:23 - 2014-01-11 09:22 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\vlc2014-08-02 00:20 - 2013-12-18 22:39 - 00003244 _____ () C:\WINDOWS\System32\Tasks\FFSRConfigurer2014-08-01 23:22 - 2013-12-18 17:50 - 00000000 ___RD () C:\Users\nikki_000\Documents\Dropbox2014-08-01 23:19 - 2014-08-01 23:19 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Ujfmedia2014-08-01 23:19 - 2013-12-25 23:12 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\BitTorrent2014-08-01 23:16 - 2014-08-01 23:16 - 00000000 ____D () C:\Users\nikki_000\Downloads\Zero Dark Thirty (2012)2014-08-01 21:51 - 2013-11-14 15:24 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-08-01 21:29 - 2014-08-01 19:22 - 00000000 ____D () C:\Users\nikki_000\Downloads\Fading Gigolo (2013)2014-08-01 21:26 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-08-01 21:25 - 2014-08-01 21:25 - 00046017 _____ () C:\Users\nikki_000\Downloads\her-english-yify-12427.zip2014-08-01 21:24 - 2014-08-01 21:24 - 00030985 _____ () C:\Users\nikki_000\Downloads\fading-gigolo-english-yify-18905.zip2014-08-01 21:20 - 2014-08-01 21:20 - 00033874 _____ () C:\Users\nikki_000\Downloads\the-kings-of-summer-english-yify-3036.zip2014-08-01 21:02 - 2014-08-01 21:02 - 00011296 _____ () C:\Users\nikki_000\Downloads\[kickass.to]zero.dark.thirty.2012.720p.brrip.x264.yify.torrent2014-08-01 21:02 - 2014-08-01 21:02 - 00000000 ____D () C:\Users\nikki_000\Downloads\Kingsman_ The Secret Service (2014) .DVDRip XviD-MAXSPEED2014-08-01 21:00 - 2014-08-01 21:00 - 00057292 _____ () C:\Users\nikki_000\Downloads\1E53C0C85114120B45CB3E98C972639FFD8F23EA.torrent2014-08-01 20:59 - 2014-08-01 20:59 - 00000000 ____D () C:\Users\nikki_000\Downloads\The.Prestige.2006.720p.Bluray.x264.anoXmous2014-08-01 20:57 - 2014-08-01 20:57 - 00009960 _____ () C:\Users\nikki_000\Downloads\[kickass.to]mud.2012.720p.brrip.x264.yify.torrent2014-08-01 20:55 - 2014-08-01 20:55 - 00015119 _____ () C:\Users\nikki_000\Downloads\[kickass.to]inside.llewyn.davis.2013.brrip.xvid.sam.etrg.torrent2014-08-01 20:52 - 2014-08-01 20:52 - 00018124 _____ () C:\Users\nikki_000\Downloads\[kickass.to]the.prestige.2006.720p.bluray.x264.anoxmous.torrent2014-08-01 20:30 - 2014-08-01 20:30 - 00033041 _____ () C:\Users\nikki_000\Downloads\The One I Love 2014.torrent2014-08-01 19:59 - 2014-08-01 19:50 - 00000000 ____D () C:\Users\nikki_000\Downloads\Divergent (2014)2014-08-01 19:47 - 2014-08-01 19:47 - 00010021 _____ () C:\Users\nikki_000\Downloads\[kickass.to]divergent.2014.720p.brrip.x264.yify.torrent2014-08-01 19:45 - 2014-08-01 19:45 - 00028272 _____ () C:\Users\nikki_000\Downloads\[kickass.to]house.of.cards.2013.s01.season.1.720p.bluray.x264.anoxmous.torrent2014-08-01 19:40 - 2014-08-01 19:40 - 00007821 _____ () C:\Users\nikki_000\Downloads\[kickass.to]escape.from.tomorrow.2013.720p.brrip.x264.yify.torrent2014-08-01 19:25 - 2014-08-01 19:25 - 00058396 _____ () C:\Users\nikki_000\Downloads\[kickass.to]celeste.and.jesse.forever.2012.bdrip.xvid.sparks.torrent2014-08-01 19:23 - 2014-08-01 19:23 - 00015263 _____ () C:\Users\nikki_000\Downloads\[kickass.to]hello.i.must.be.going.2012.hdrip.xvid.s4a.torrent2014-08-01 19:20 - 2014-08-01 19:20 - 00007749 _____ () C:\Users\nikki_000\Downloads\[kickass.to]fading.gigolo.2013.720p.brrip.x264.yify.torrent2014-07-31 14:18 - 2014-04-14 10:00 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Spotify2014-07-31 10:38 - 2014-04-14 10:08 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Spotify2014-07-31 10:00 - 2013-12-19 00:28 - 00000892 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1536645271-1056295999-3914100127-1001Core.job2014-07-31 09:38 - 2013-12-19 00:07 - 00000000 ___RD () C:\Users\nikki_000\Google Drive2014-07-31 09:38 - 2013-12-18 17:46 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Dropbox2014-07-31 09:21 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2014-07-31 09:18 - 2014-07-30 15:39 - 00003850 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14067059652014-07-31 09:18 - 2014-07-30 15:39 - 00000000 ____D () C:\Program Files (x86)\Opera Next2014-07-30 16:28 - 2013-12-19 10:53 - 00001962 _____ () C:\Users\Public\Desktop\SW Update.lnk2014-07-30 16:28 - 2012-10-16 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung2014-07-30 16:16 - 2013-12-18 13:46 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Packages2014-07-30 15:56 - 2013-08-22 22:46 - 00344464 _____ () C:\WINDOWS\setupact.log2014-07-30 15:39 - 2014-07-30 15:39 - 00001190 _____ () C:\Users\Public\Desktop\Opera Next.lnk2014-07-30 15:39 - 2014-07-30 15:39 - 00001190 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Next.lnk2014-07-30 15:39 - 2014-07-20 15:07 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Opera Software2014-07-30 15:39 - 2014-07-20 15:07 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Opera Software2014-07-30 15:25 - 2014-07-20 15:07 - 00003828 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 14058396362014-07-30 15:25 - 2014-07-20 15:00 - 00000000 ____D () C:\Program Files (x86)\Opera2014-07-30 15:09 - 2014-07-30 15:09 - 00873672 _____ (Opera Software) C:\Users\nikki_000\Downloads\Opera_NI_stable.exe2014-07-30 15:09 - 2014-07-30 15:08 - 00873672 _____ (Opera Software) C:\Users\nikki_000\Downloads\Opera_NI_next.exe2014-07-30 14:51 - 2014-07-30 14:51 - 00000000 ____D () C:\Users\nikki_000\Downloads\Odin_v3.092014-07-30 14:39 - 2013-12-19 23:39 - 00001988 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk2014-07-30 14:39 - 2013-12-19 23:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys2014-07-30 14:38 - 2014-07-30 14:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-07-30 14:38 - 2014-05-16 09:35 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys2014-07-30 14:38 - 2013-12-24 14:40 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys2014-07-30 14:38 - 2013-12-19 23:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys2014-07-30 14:38 - 2013-12-19 23:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2014-07-30 14:38 - 2013-12-19 23:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2014-07-30 14:38 - 2013-12-19 23:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys2014-07-30 14:38 - 2013-12-19 23:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2014-07-30 14:38 - 2013-12-19 23:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2014-07-30 14:38 - 2013-12-19 23:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update2014-07-30 14:32 - 2014-07-30 14:09 - 00000000 ____D () C:\Users\nikki_000\Downloads\Root Tab2014-07-30 14:31 - 2014-07-30 14:31 - 00212346 _____ () C:\Users\nikki_000\Downloads\Odin_Multi_Downloader_v4.44.zip2014-07-25 16:57 - 2013-12-19 09:46 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Last.fm2014-07-25 10:32 - 2014-07-25 10:32 - 00076384 _____ (http://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll 2014-07-25 10:32 - 2014-07-25 10:32 - 00052832 _____ (http://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusb0.sys 2014-07-25 10:32 - 2014-07-25 10:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-07-25 10:32 - 2013-08-22 23:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy2014-07-25 10:30 - 2013-12-18 22:17 - 00000000 ____D () C:\ProgramData\Package Cache2014-07-25 10:29 - 2014-07-25 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SixaxisPairTool2014-07-25 10:29 - 2014-07-25 10:29 - 00000000 ____D () C:\Program Files (x86)\SixaxisPairTool2014-07-25 10:23 - 2014-07-25 10:22 - 13591657 _____ (Dancing Pixel Studios ) C:\Users\nikki_000\Downloads\SixaxisPairToolSetup-0.2.5.exe2014-07-24 15:14 - 2014-07-24 15:13 - 00007168 _____ () C:\Users\nikki_000\Downloads\demo_building_inspection_2014.xls2014-07-24 11:39 - 2014-01-03 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices2014-07-24 11:03 - 2013-12-18 17:50 - 00001084 _____ () C:\Users\nikki_000\Desktop\Dropbox.lnk2014-07-24 11:03 - 2013-12-18 17:48 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-07-24 10:47 - 2014-01-06 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync2014-07-24 10:40 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2014-07-22 19:15 - 2014-07-22 19:15 - 00066612 _____ () C:\Users\nikki_000\Downloads\summer-of-sam-english-yify-15824.zip2014-07-22 16:09 - 2014-07-22 16:08 - 04585729 _____ () C:\Users\nikki_000\Downloads\product_managers_and_ux.epub2014-07-22 14:18 - 2014-07-22 14:18 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Adobe2014-07-22 10:18 - 2014-07-22 10:18 - 00025798 _____ () C:\Users\nikki_000\Downloads\Samsung Tender Registration Form.xlsx2014-07-22 09:38 - 2014-07-22 09:38 - 00021770 _____ () C:\Users\nikki_000\Downloads\config.bin2014-07-21 12:07 - 2014-07-21 12:07 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater2014-07-21 11:19 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache2014-07-20 15:00 - 2014-07-20 15:01 - 00001145 _____ () C:\Users\Public\Desktop\Opera.lnk2014-07-20 15:00 - 2014-07-20 15:01 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk2014-07-20 14:47 - 2014-07-20 14:47 - 00000000 __SHD () C:\Users\nikki_000\AppData\Local\EmieUserList2014-07-20 14:47 - 2014-07-20 14:47 - 00000000 __SHD () C:\Users\nikki_000\AppData\Local\EmieSiteList2014-07-19 16:42 - 2014-01-02 13:46 - 00000000 ____D () C:\ProgramData\Oracle2014-07-19 16:41 - 2014-07-19 16:41 - 00004114 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log2014-07-19 16:41 - 2014-07-19 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-07-19 16:41 - 2014-04-25 12:36 - 00000000 ____D () C:\Program Files (x86)\Java2014-07-19 16:37 - 2014-07-19 16:36 - 00392096 _____ () C:\Users\nikki_000\Downloads\orange-is-the-new-black-second-season_english-930422.zip2014-07-19 03:02 - 2014-01-08 14:47 - 00000000 ____D () C:\Users\nikki_0002014-07-18 23:37 - 2014-07-18 23:37 - 00290776 _____ () C:\WINDOWS\Minidump\071814-44156-01.dmp2014-07-18 23:37 - 2014-03-20 13:48 - 00000000 ____D () C:\WINDOWS\Minidump2014-07-18 23:36 - 2014-03-20 13:48 - 1304311022 _____ () C:\WINDOWS\MEMORY.DMP2014-07-17 17:47 - 2013-12-18 17:11 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Google2014-07-17 17:41 - 2014-07-17 17:41 - 00895120 _____ (Google Inc.) C:\Users\nikki_000\Downloads\ChromeSetup.exe2014-07-13 23:18 - 2013-08-22 22:44 - 00462272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-07-13 23:16 - 2014-07-13 23:16 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2014-07-13 23:16 - 2013-11-14 15:14 - 00000000 ____D () C:\Program Files\Windows Journal2014-07-13 23:16 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-07-13 23:16 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-07-13 23:16 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-07-13 23:16 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\WinStore2014-07-13 21:37 - 2014-07-13 21:37 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Pencil2014-07-13 21:37 - 2014-07-13 21:37 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\Pencil2014-07-13 21:37 - 2014-06-10 13:56 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Mozilla2014-07-13 21:36 - 2014-07-13 21:36 - 00000000 ____D () C:\Program Files (x86)\Evolus2014-07-13 21:29 - 2014-07-13 21:07 - 24218412 _____ (Evolus Co., Ltd.) C:\Users\nikki_000\Downloads\Pencil-2.0.5.win32.installer.exe2014-07-13 18:22 - 2014-01-02 08:51 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-07-13 18:21 - 2014-02-17 11:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132014-07-11 03:02 - 2014-07-19 16:41 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2014-07-11 02:56 - 2014-07-19 16:42 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2014-07-11 02:56 - 2014-07-19 16:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2014-07-11 02:55 - 2014-07-19 16:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2014-07-10 20:07 - 2013-12-27 15:47 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-07-10 20:00 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-07-09 23:49 - 2014-07-09 23:49 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe2014-07-09 12:43 - 2014-07-09 11:10 - 02794968 _____ () C:\Users\nikki_000\Downloads\Mold Presentation July 2014.pptx2014-07-09 10:04 - 2014-01-06 12:28 - 00002058 _____ () C:\Users\Public\Desktop\Google Slides.lnk2014-07-09 10:04 - 2014-01-06 12:28 - 00002056 _____ () C:\Users\Public\Desktop\Google Sheets.lnk2014-07-09 10:04 - 2014-01-06 12:28 - 00002046 _____ () C:\Users\Public\Desktop\Google Docs.lnk2014-07-09 10:04 - 2014-01-06 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2014-07-08 11:26 - 2014-07-08 11:26 - 00290832 _____ () C:\WINDOWS\Minidump\070814-40578-01.dmp2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\wivia2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\MirrorOp_Lite2014-07-07 16:21 - 2014-07-07 16:21 - 00000000 ____D () C:\Users\nikki_000\AppData\Local\BenchMarkTool2014-07-07 16:19 - 2014-07-07 16:19 - 00002061 _____ () C:\Users\Public\Desktop\MirrorOp AudioLite.lnk2014-07-07 16:19 - 2014-07-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MirrorOp AudioLite2014-07-07 16:19 - 2014-07-07 16:19 - 00000000 ____D () C:\Program Files (x86)\MirrorOp AudioLite2014-07-07 16:19 - 2014-07-07 16:16 - 00000756 _____ () C:\WINDOWS\SysWOW64\VACUninstall.lnk2014-07-07 16:18 - 2014-07-07 16:18 - 03294695 _____ (AWIND Inc. ) C:\Users\nikki_000\Downloads\MirrorOpAudioLite_Setup_1006.exe2014-07-07 16:16 - 2014-07-07 16:16 - 00001981 _____ () C:\Users\Public\Desktop\MirrorOp Lite.lnk2014-07-07 16:16 - 2014-07-07 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MirrorOp Lite2014-07-07 16:16 - 2014-07-07 16:16 - 00000000 ____D () C:\Program Files (x86)\MirrorOp Lite2014-07-07 15:36 - 2014-01-02 23:56 - 00000000 ____D () C:\Users\nikki_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit2014-07-07 15:36 - 2014-01-02 23:55 - 00000000 ____D () C:\Program Files (x86)\WugFresh Development2014-07-07 11:10 - 2014-07-07 11:10 - 00031668 _____ () C:\Users\nikki_000\Downloads\MSI-DP ASUS - May 2014.xlsx2014-07-07 10:19 - 2014-07-07 10:19 - 00013548 _____ () C:\Users\nikki_000\Downloads\Book1.xlsx Files to move or delete:====================C:\ProgramData\MakeMarkerFile.exe Some content of TEMP:====================C:\Users\nikki_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2anqu4.dllC:\Users\nikki_000\AppData\Local\Temp\htmlayout.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-31 10:19 ==================== End Of Log ============================
  3. Hi, My laptop got infected with wmp x264. Everything else just won't run. Please help. Thanks!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.