Can't remove gambali.dll



#1 Amaixkoneko


Posted 15 June 2015 - 09:43 AM

I'm not even sure when I got this .dll. My younger sister is complaining about not being able to play her game on my computer because of it, and I googled what type of file it is. I attempted to remove it in any way I found trusting but haven't found any results.
I tried using the command box for sc delete gambali but I got access denied.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Home (administrator) on HOME-PC on 15-06-2015 10:35:04
Running from C:\Users\Home\Downloads
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-04-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-22] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5768992 2015-02-02] (IObit)
HKLM-x32\...\Run: [gmsd_us_374] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [gmsd_us_558] => [X]
HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\Run: [join.me.launcher] => C:\Users\Home\AppData\Local\join.me.launcher\join.me.launcher.exe [179712 2015-06-02] (LogMeIn, Inc)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
IFEO\ChangeIcon.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\GameOverlayUI.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Adb.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Agent.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-ApkHandler.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-BlockDevice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-CreateSymlink.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Frontend.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-GLCheck.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-GuestCommandRunner.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-LogCollector.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-LogRotator.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-LogRotatorService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Network.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-OptiPng.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-png2ico.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Quit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Restart.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-RunApp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-Service.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-SharedFolder.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-StartLauncher.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-TileCreator.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-unzip.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-UpdaterService.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\HD-zip.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Steam.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\steamerrorreporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\steamerrorreporter64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\streaming_client.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Desktop.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Service.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_w32.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_x64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\WriteMiniDump.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-12-30]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-01-29]
ShortcutTarget: Curse.lnk -> C:\Users\Home\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2420320935-1616199221-810385421-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-2420320935-1616199221-810385421-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www-searching.com/search.aspx?s=F4Fzbuzdk00CN1,c4214d44-c1b1-4e9b-9eed-6baa398a70de,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2420320935-1616199221-810385421-1000 -> {E2697C15-FFB5-4006-AECA-3CC70261B967} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=299
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Hosts: 54.204.28.26 pidnkkbbdmichdcoaodhhjkaiejjcpjk
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Home\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\user.js [2015-05-12]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-29]
FF Extension: Mozilla Firefox Hotfixer - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\veggy@veggyAddon.com [2015-05-05]
FF Extension: Zoom It - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\{8727e5d6-045e-f1a0-0edb-678959dba440} [2015-05-12]
FF Extension: AdBlock Lite - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2015-05-01]
FF Extension: Smart Ads Blocker - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi [2015-05-01]
FF Extension: Youtube MP3 Downloader using youtube-mp3.org - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\jk8m4eao.default\Extensions\jid1-xKH0EoS44u1a2w@jetpack.xpi [2015-05-05]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-12]
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-12]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-12]
CHR Extension: (Adblock Plus) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-13]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-12]
CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-12]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-14]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-12]
CHR HKU\S-1-5-21-2420320935-1616199221-810385421-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 18ca57a6; c:\Program Files (x86)\CutterEngine\CutterEngine.dll [2285056 2015-05-28] () [File not signed]
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 Ds3Service; C:\Program Files (x86)\Scarlet.Crush Productions\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-22] (NVIDIA Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-22] (NVIDIA Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-03-28] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-03-28] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2012-03-28] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S4 uwwSDxtW; C:\ProgramData\qcuPEyhAyTO\uwwSDxtW.exe [2731504 2015-04-15] (Small Island Development)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)
S4 bexoruqe; C:\Users\Home\AppData\Roaming\A0DC9CC8-1427062838-1120-1103-010005000000\nsbA9E.tmp [X]
S4 CoupoonService64; No ImagePath
S2 UpdateCheck; No ImagePath
S3 xuhejygu; C:\Users\Home\AppData\Roaming\A0DC9CC8-1427062838-1120-1103-010005000000\jnsu22C5.tmp [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-09] (REALiX™)
S3 hxsyol; C:\Windows\system32\hxsy64.sys [86352 2015-01-18] ()
R4 KProcessHacker2; C:\Users\Home\AppData\Local\Temp\Rar$EXa0.518\x64\kprocesshacker.sys [39576 2013-11-13] (wj32)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
R1 {5fffa6f0-ef2f-4f97-947f-be576fd614cc}Gw64; C:\Windows\System32\drivers\{5fffa6f0-ef2f-4f97-947f-be576fd614cc}Gw64.sys [48776 2015-04-21] (StdLib)
R1 {8d6a8849-ca55-4559-a189-5094292d69a7}w64; C:\Windows\System32\drivers\{8d6a8849-ca55-4559-a189-5094292d69a7}w64.sys [48784 2015-05-12] (StdLib)
R1 {d93ce251-e6ac-4f4b-ba05-ce0ece92d7f0}Gw64; C:\Windows\System32\drivers\{d93ce251-e6ac-4f4b-ba05-ce0ece92d7f0}Gw64.sys [48776 2015-04-20] (StdLib)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
R3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 10:35 - 2015-06-15 10:35 - 00024500 _____ C:\Users\Home\Downloads\FRST.txt
2015-06-15 10:34 - 2015-06-15 10:35 - 00000000 ____D C:\FRST
2015-06-15 10:34 - 2015-06-15 10:34 - 02109952 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2015-06-15 10:34 - 2015-06-15 10:34 - 01148416 _____ (Farbar) C:\Users\Home\Downloads\FRST.exe
2015-06-15 10:28 - 2015-06-15 10:28 - 00593693 _____ C:\Users\Home\Downloads\Autoruns.zip
2015-06-15 10:22 - 2015-06-15 10:22 - 02861361 _____ C:\Users\Home\Downloads\processhacker-2.35-bin.zip
2015-06-15 10:22 - 2015-06-15 10:22 - 01986032 _____ (wj32 ) C:\Users\Home\Downloads\processhacker-2.35-setup.exe
2015-06-15 10:22 - 2015-06-15 10:22 - 00000000 ____D C:\Users\Home\AppData\Roaming\Process Hacker 2
2015-06-15 10:16 - 2015-06-15 10:16 - 00000000 ____D C:\Program Files (x86)\Resource Kit
2015-06-15 10:15 - 2015-06-15 10:15 - 00625792 _____ (Microsoft Corporation) C:\Users\Home\Downloads\delsrv.exe
2015-06-15 09:12 - 2015-06-15 09:12 - 00014608 _____ C:\Users\Home\Documents\anabelle.veg
2015-06-13 19:03 - 2015-06-13 19:03 - 00000000 ____D C:\Users\Home\AppData\Local\join.me.launcher
2015-06-13 16:45 - 2015-06-13 16:45 - 00326216 _____ C:\Users\Home\Downloads\dcenhanc.zip
2015-06-10 03:40 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 03:40 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 03:40 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 03:40 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 03:40 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 03:40 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 03:40 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 03:40 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 03:40 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 03:40 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 03:40 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 03:40 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 03:40 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 03:40 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 03:40 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 03:40 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 03:40 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 03:40 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 03:40 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 03:40 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 03:40 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 03:40 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 03:40 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 03:40 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 03:40 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 03:40 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 03:40 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 03:40 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 03:40 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 03:40 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 03:40 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 03:40 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 03:40 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 03:40 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 03:40 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 03:40 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 03:40 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 03:40 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 03:40 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 03:40 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 03:40 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 03:40 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 03:40 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 03:40 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 03:40 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 03:40 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 03:40 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 03:40 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 03:40 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 03:40 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 03:40 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 03:40 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 03:40 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 03:40 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 03:40 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 03:40 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 03:40 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 03:40 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 03:40 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 03:40 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 03:40 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 03:40 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 03:40 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 03:40 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 03:40 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 03:40 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 03:39 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 03:39 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 03:39 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 03:39 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-07 15:50 - 2015-06-07 15:50 - 02799527 _____ C:\Users\Home\Downloads\Crack.rar
2015-06-07 01:24 - 2015-06-07 11:51 - 00000000 ____D C:\Program Files (x86)\RaidCall
2015-06-07 01:24 - 2015-06-07 01:24 - 05801376 _____ C:\Users\Home\Downloads\raidcall_v7.3.6.exe
2015-06-07 01:24 - 2015-06-07 01:24 - 00001031 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2015-06-07 01:24 - 2015-06-07 01:24 - 00000000 ____D C:\Users\Home\AppData\Roaming\raidcall
2015-06-07 01:24 - 2015-06-07 01:24 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2015-06-07 01:24 - 2015-06-07 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2015-06-06 22:36 - 2015-06-06 22:36 - 00007094 _____ C:\Windows\PFRO.log
2015-06-06 22:35 - 2015-06-06 22:35 - 00000000 ____H C:\asc_rdflag
2015-06-03 16:07 - 2015-06-03 17:32 - 00000000 ____D C:\Users\Home\AppData\Roaming\Tera_Awesomium
2015-06-03 15:24 - 2015-06-03 15:24 - 00000000 ____D C:\Users\Home\AppData\Local\TERA
2015-06-03 14:56 - 2015-06-10 20:09 - 00001904 _____ C:\Windows\setupact.log
2015-06-03 14:56 - 2015-06-03 14:56 - 00000000 _____ C:\Windows\setuperr.log
2015-06-03 02:15 - 2015-06-03 02:15 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-03 02:15 - 2015-06-03 02:15 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-03 02:15 - 2015-06-03 02:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-03 02:15 - 2015-06-03 02:15 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-03 02:15 - 2015-06-03 02:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-03 02:14 - 2015-06-03 02:14 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 02:14 - 2015-06-03 02:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 02:14 - 2015-06-03 02:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 02:14 - 2015-06-03 02:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 02:14 - 2015-06-03 02:14 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-02 02:03 - 2015-06-02 02:15 - 00000000 ____D C:\Users\Home\AppData\Local\Project1
2015-06-02 02:02 - 2015-06-02 02:03 - 40017920 _____ (@Pezomi ) C:\Users\Home\Downloads\Shoppy Mart 1.0.0.1.exe
2015-06-02 01:32 - 2015-06-02 01:32 - 00001019 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-06-02 00:00 - 2015-05-27 23:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 23:57 - 2015-06-07 15:50 - 00000000 ____D C:\Program Files (x86)\AKIBAS TRIP Undead Undressed
2015-06-01 23:57 - 2015-05-28 03:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 23:57 - 2015-05-28 03:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-01 23:57 - 2015-05-28 03:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 23:57 - 2015-05-28 03:04 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-01 23:56 - 2015-05-28 03:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 23:56 - 2015-05-28 03:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 23:52 - 2015-04-03 09:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 23:52 - 2015-04-03 09:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 21:30 - 2015-06-01 21:30 - 00000000 ____D C:\ProgramData\Steam
2015-06-01 05:15 - 2015-06-01 05:16 - 2262971427 _____ C:\Users\Home\Downloads\Trips to bakka.7z
2015-06-01 04:51 - 2015-06-01 04:51 - 00000000 ____D C:\Users\Home\AppData\Local\GWX
2015-05-31 00:38 - 2015-06-02 14:49 - 00000000 ____D C:\ProgramData\LogMeIn
2015-05-31 00:38 - 2015-05-31 00:38 - 00000000 ____D C:\Users\Home\AppData\Local\LogMeIn
2015-05-30 23:41 - 2015-06-14 00:03 - 00000000 ____D C:\Users\Home\AppData\Local\join.me
2015-05-29 16:59 - 2015-05-29 16:59 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-29 16:53 - 2015-05-29 16:53 - 00003180 _____ C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2015-05-28 21:04 - 2015-05-28 21:04 - 00000000 ____D C:\Program Files (x86)\CutterEngine
2015-05-24 01:34 - 2015-05-24 01:34 - 964429685 _____ C:\Windows\MEMORY.DMP
2015-05-23 07:29 - 2015-05-23 07:30 - 400316216 _____ C:\Users\Home\Downloads\2015-05-23-0534-17.wmv.sfap0
2015-05-23 06:49 - 2015-05-23 06:59 - 2095930055 _____ C:\Users\Home\Downloads\2015-05-23-0534-17.wmv
2015-05-20 20:04 - 2015-05-20 20:04 - 00000000 ____D C:\Users\Home\AppData\Roaming\m2tools CheeseWare
2015-05-20 14:07 - 2015-05-20 14:07 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2015-05-17 17:54 - 2015-05-17 17:55 - 28581135 _____ C:\Users\Home\Downloads\Get Dumped-1.0-win.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 10:30 - 2015-01-05 18:09 - 00000000 ____D C:\Users\Home\AppData\Roaming\Skype
2015-06-15 10:26 - 2015-05-05 05:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 10:25 - 2015-01-06 17:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-15 10:01 - 2015-05-12 15:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 09:28 - 2015-01-07 16:57 - 00000000 ____D C:\Users\Home\AppData\Roaming\.minecraft
2015-06-15 06:50 - 2015-01-06 17:10 - 00000000 ____D C:\Users\Home\AppData\Roaming\OBS
2015-06-15 05:29 - 2014-12-30 04:40 - 01098708 _____ C:\Windows\WindowsUpdate.log
2015-06-15 05:01 - 2015-05-12 15:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 22:41 - 2009-07-14 00:45 - 00022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 22:41 - 2009-07-14 00:45 - 00022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 01:29 - 2015-01-05 18:14 - 00000000 ____D C:\Users\Home\Desktop\Nini
2015-06-11 01:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 13:44 - 2015-01-29 16:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\Curse Client
2015-06-10 13:41 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 13:39 - 2014-12-30 03:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-10 13:39 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-10 13:39 - 2009-07-14 00:45 - 00270560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 13:38 - 2014-12-30 11:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 13:38 - 2014-12-30 11:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 13:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 09:51 - 2014-12-30 04:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 09:48 - 2014-12-30 04:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-06 22:45 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 22:40 - 2015-02-09 20:42 - 00000000 ____D C:\ProgramData\ProductData
2015-06-06 22:35 - 2015-05-03 03:18 - 44220416 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-06-06 22:35 - 2015-04-04 03:14 - 63504384 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-06-06 22:35 - 2015-04-04 03:14 - 00274432 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-06-06 22:35 - 2015-04-04 03:14 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-06-06 22:35 - 2015-04-04 03:14 - 00024576 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-06-03 15:24 - 2015-04-01 13:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-02 00:06 - 2014-12-30 03:23 - 00000000 ____D C:\Users\Home\AppData\Local\NVIDIA Corporation
2015-06-02 00:01 - 2014-12-30 03:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-02 00:01 - 2014-12-30 03:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-02 00:00 - 2014-12-30 03:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 23:59 - 2014-12-30 03:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 21:50 - 2015-02-09 13:32 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-01 21:47 - 2015-02-17 13:06 - 00002900 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Home
2015-05-31 22:38 - 2015-01-07 11:19 - 00000000 ____D C:\Users\Home\AppData\Local\osu!
2015-05-31 00:36 - 2015-05-14 17:56 - 00000000 ____D C:\Users\Home\AppData\Local\Jigoku_Kisetsukan
2015-05-29 16:58 - 2015-05-12 15:18 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2015-05-29 16:53 - 2015-02-09 20:42 - 00002868 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_Home
2015-05-29 16:53 - 2015-02-09 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-05-28 21:04 - 2015-05-10 00:23 - 00000000 ____D C:\ProgramData\2ce62cfc000002e9
2015-05-28 03:04 - 2015-03-30 21:03 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 03:04 - 2015-03-25 22:29 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 03:04 - 2015-01-28 12:25 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 03:04 - 2014-12-30 03:29 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 03:04 - 2014-12-30 03:29 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 03:04 - 2014-12-30 03:28 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 03:04 - 2014-12-30 03:28 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 03:04 - 2014-12-30 03:28 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 03:04 - 2014-12-30 03:28 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 00:15 - 2014-12-30 03:29 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 00:15 - 2014-12-30 03:29 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 00:15 - 2014-12-30 03:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 00:15 - 2014-12-30 03:29 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 00:15 - 2014-12-30 03:29 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 00:15 - 2014-12-30 03:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 06:48 - 2014-12-30 03:29 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-24 01:35 - 2015-01-07 10:20 - 00000000 ____D C:\Windows\Minidump
2015-05-22 21:47 - 2014-12-30 03:23 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-22 21:47 - 2014-12-30 03:23 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-22 21:47 - 2014-12-30 03:23 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-22 21:47 - 2014-12-30 03:23 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-20 20:08 - 2015-01-06 17:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-05-20 20:08 - 2015-01-06 17:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-20 14:39 - 2015-04-01 20:10 - 00000000 ____D C:\Users\Home\AppData\Roaming\Audacity
2015-05-20 03:00 - 2015-03-29 22:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 03:00 - 2015-03-29 22:02 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-17 17:55 - 2015-01-24 01:35 - 00000000 ____D C:\Users\Home\AppData\Roaming\RenPy
2015-05-17 04:56 - 2015-05-12 15:50 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 04:56 - 2015-05-12 15:50 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== Files in the root of some directories =======
 
2015-05-09 11:52 - 2015-05-09 11:52 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-03-17 11:57 - 2015-04-14 19:07 - 0000132 _____ () C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-04-19 04:54 - 2015-04-29 21:29 - 0000020 _____ () C:\Users\Home\AppData\Roaming\appdataFr3.bin
2015-03-02 07:14 - 2015-03-02 07:38 - 0000124 _____ () C:\Users\Home\AppData\Roaming\Camdata.ini
2015-03-02 07:14 - 2015-03-02 07:38 - 0000408 _____ () C:\Users\Home\AppData\Roaming\CamLayout.ini
2015-03-02 07:14 - 2015-03-02 07:38 - 0000408 _____ () C:\Users\Home\AppData\Roaming\CamShapes.ini
2015-03-02 07:13 - 2015-03-02 07:38 - 0004533 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg
2015-03-02 07:37 - 2015-03-02 07:37 - 0000098 _____ () C:\Users\Home\AppData\Roaming\CamStudio.Producer.command
2015-03-02 07:38 - 2015-03-02 07:38 - 0000000 _____ () C:\Users\Home\AppData\Roaming\CamStudio.Producer.Data.ini
2015-03-02 07:38 - 2015-03-02 07:38 - 0001209 _____ () C:\Users\Home\AppData\Roaming\CamStudio.Producer.ini
2015-03-02 07:13 - 2015-03-02 07:20 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml
2015-02-09 21:32 - 2015-02-09 21:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-05 03:52 - 2015-05-09 23:18 - 0000112 _____ () C:\ProgramData\HfC5D4Ol.dat
 
Files to move or delete:
====================
C:\ProgramData\HfC5D4Ol.dat
 
 
Some files in TEMP:
====================
C:\Users\Home\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Home\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-14 02:46
 
==================== End of log ============================



 


#2 B-boy/StyLe/

  • Malware Response Team

Posted 16 June 2015 - 12:00 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

You forgot to post the Addition.txt log. Please post that log in your next reply! :)

Thanks!

 

 

Regards,

Georgi




#3 Amaixkoneko

  • Topic Starter

Posted 16 June 2015 - 12:38 AM

Thank you so much ^_^ Also yeah, sorry about that, here you go:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Home at 2015-06-15 10:35:42
Running from C:\Users\Home\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2420320935-1616199221-810385421-500 - Administrator - Disabled)
Guest (S-1-5-21-2420320935-1616199221-810385421-501 - Limited - Disabled)
Home (S-1-5-21-2420320935-1616199221-810385421-1000 - Administrator - Enabled) => C:\Users\Home

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Productions Ltd.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AKIBA'S TRIP: Undead  Undressed (HKLM-x32\...\QUtJQkFTVFJJUFVuZGVhZFVuZHJlc3NlZA==_is1) (Version: 1 - )
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audition Online (HKLM-x32\...\Steam App 349720) (Version:  - T3 Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cat Goes Fishing (HKLM-x32\...\Steam App 343780) (Version:  - Cat5Games)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Croixleur Sigma (HKLM-x32\...\Steam App 250640) (Version:  - souvenir circ.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CutterEngine (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{18ca57a6}) (Version:  - Software Publisher) <==== ATTENTION
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HuniePop (HKLM-x32\...\Steam App 339800) (Version:  - HuniePot)
Hyperdimension Neptunia Re;Birth1 (HKLM-x32\...\Steam App 282900) (Version:  - Idea Factory, Inc.)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jigoku Kisetsukan: Sense of the Seasons (HKLM-x32\...\Steam App 368950) (Version:  - )
join.me (HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\JoinMe) (Version: 1.20.0.503 - LogMeIn, Inc.)
join.me.launcher (x32 Version: 1.0.390.0 - LogMeIn, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Tool Web Package : DELSRV.EXE (HKLM-x32\...\{8CD7E3FE-74F8-49E4-8B4F-EE038D507132}) (Version: 1.0.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Moobot Assistant (HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\40790fab0e175d6b) (Version: 1.0.0.1 - Knudsen Apps)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
osu! (HKLM-x32\...\{13fbb593-ad90-4909-81a4-1e3a332ea8d7}) (Version: latest - ppy Pty Ltd)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.13004.105 - raidcall.com)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.17.0 - Ralink)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{E883ECE4-1189-413A-894D-B7C4B17F0607}) (Version: 1.0.7.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
System Requirements Lab Detection (HKLM-x32\...\{894153CD-85FC-4163-8F06-49E5BEEA588E}) (Version: 6.1.1.0 - Husdawg, LLC)
Tales Runner (HKLM-x32\...\Steam App 328060) (Version:  - Rhaon Entertainment)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
TwitchAlerts (HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
Unholy Heights (HKLM-x32\...\Steam App 249330) (Version:  - Petit Depotto)
Unico Browser (HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\UnicoBrowser) (Version: 39.0.2132.14 - Unico Browser)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

10-06-2015 09:47:04 Windows Update
15-06-2015 10:15:41 Installed Microsoft Tool Web Package : DELSRV.EXE

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-05-01 07:25 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.204.28.26    pidnkkbbdmichdcoaodhhjkaiejjcpjk

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CC0BC1D-2646-4166-9E36-879F40FBBA69} - System32\Tasks\ASC8_SkipUac_Home => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit)
Task: {111890B4-0DDD-4D42-B48D-FC0A6E9EB64A} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-04] () <==== ATTENTION
Task: {124985DC-5093-48E2-BB66-DB27E1EA2B3F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {1268CFD8-64BA-4382-8783-C3E01F3E86A8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {151FA0F7-2A91-4305-AC9A-9EE0E2A0884F} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-04-29] (IObit)
Task: {2F653E47-A816-46D0-BAFC-C700F4180DB9} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-07] (Microsoft Corporation)
Task: {32679715-7618-4440-ADA6-DD950DC343C7} - System32\Tasks\StartPoint Updater => C:\Users\Home\AppData\Local\StartPoint\startpoint\1.3.18.7\startup.exe
Task: {39977C07-E654-4418-9B7C-83BC3790CFC1} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {3A464FBA-8B3B-4364-8AB5-B46D18C54B48} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {513F7C59-4BCC-40BF-BA29-658D9660D657} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-12] (Google Inc.)
Task: {56D70F21-BC05-4FC3-B6B9-B8E04F5D9C76} - System32\Tasks\StartPoint => C:\Users\Home\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe
Task: {5D7722FE-54BB-42D3-AF42-B90EDD393FEE} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {6E2D370A-4A35-4550-B3A6-5E07827C4E4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05] (Adobe Systems Incorporated)
Task: {71AF3D7A-83D8-4A9F-910F-DBB14D388EB2} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {71DDCE19-3103-4EC2-A3A7-7BFCD4A25A9C} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {76A17B83-6780-4B30-9E9B-A32C49D9E177} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: {790F1431-5F97-43CE-ACC2-4C7F2131D2D6} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {7E858CC6-8E3F-49CE-AB9D-656A04B7B5C8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {84029BDB-6391-41EF-BCFD-CCE2B77901B4} - System32\Tasks\Installer_shopperpro => C:\Users\Home\AppData\Local\Installer\Installshopperpro_1236\DCytdkietut_tutdk_setup.exe <==== ATTENTION
Task: {8A8EC2AC-B61C-4346-AE62-54F25D930605} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {8F579341-15D1-4192-A549-6EC9E84542DA} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {905A97FE-0376-441E-A32D-F2E6622CD6E3} - System32\Tasks\Uninstaller_SkipUac_Home => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {926C46E3-C1C7-436A-AC04-F508D38087EF} - System32\Tasks\Run_Browser => C:\Users\Home\AppData\Local\UnicoBrowser\Application\unicobrowser.exe <==== ATTENTION
Task: {9E20852B-7A48-47FA-8142-CD946407858C} - System32\Tasks\Driver Booster SkipUAC (Home) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {AF31F59A-30A3-44B9-86C1-18DCAED1B0B2} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {C0B37081-384F-4840-8F68-FF352A77B148} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {D3157084-17B1-4E3F-B2A8-EA7D5F234C8C} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {E535DB17-0ABA-45AA-84EB-D7677B96C335} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-12] (Google Inc.)
Task: {E73E8475-FF10-4BF9-AF04-F327AFECDEFD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {EC8A0A64-30F0-40C1-B2DE-03E93A2852B6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F6EEF7BC-15FF-433D-B538-5536C62E5D75} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-30 03:29 - 2015-05-28 00:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-09 20:42 - 2014-07-11 16:04 - 01106720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2015-02-17 13:09 - 2014-12-22 16:42 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-02-09 20:42 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-01-06 17:30 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-05-28 21:04 - 2015-05-28 21:04 - 02285056 _____ () c:\Program Files (x86)\CutterEngine\CutterEngine.dll
2015-03-30 19:15 - 2015-05-22 21:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-02-09 20:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-02-09 20:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-02-09 20:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-12-30 04:06 - 2012-03-28 15:42 - 01087336 ____N () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2015-02-09 20:42 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-02-09 20:42 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-02-09 20:42 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-01-06 17:30 - 2015-01-09 19:46 - 00182048 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-01-06 17:30 - 2015-01-09 19:46 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-02-09 20:42 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-01-06 17:27 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-22 14:25 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-22 14:25 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-22 14:25 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-06 17:27 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-06 17:27 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-06 17:27 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-06 17:27 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-06 17:27 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-06 17:27 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-06 17:27 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-06 17:27 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-13 19:18 - 2015-05-11 15:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2015-06-09 21:03 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 21:03 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\43343823.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\43343823.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\aeriagames.com -> hxxp://aeriagames.com

IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2420320935-1616199221-810385421-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2420320935-1616199221-810385421-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{417D3A45-BD8D-476E-A0EB-111C08C1FE73}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{36802744-F57E-4F30-848A-B042A180E1A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3491F808-585D-440D-AD3A-9D9C430DDA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6655BD2B-7EE2-4AC7-85D7-1F119249047B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{23F0BAF3-78BF-40A7-B580-B0285F97D69E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FA08B1EE-2F4D-452B-B8CB-B81653ADCB85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F311FF88-CB05-4EC9-ABD3-6A8190897A60}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{A0A9D10F-A131-4418-8D87-345403182818}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{0C0021BA-C442-4850-91BC-04A5DE95DAE2}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{2D78557A-05CA-41CB-AE1A-8CE567984124}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{84A15477-B562-4C8C-9186-C90758AC7BAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A944DAE9-C301-4605-914D-D9AA903BE28E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23DC9996-900D-40A3-8D17-9D2852038D54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB501407-BC84-4B5F-B8E4-E7CE5A716CB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1C7A054-F4EF-4B7C-9A9F-A928D81D155D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{62732BA9-EFA9-40C6-ABAA-A4048D43EB59}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{A6F7E016-333B-4CE1-AA9A-8B413ABEA5E0}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{5EA2A063-FD0B-41D7-94E5-44CAE8C38A9E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{774A4A4C-23A6-49E5-AC55-4FA5A8E12BD0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A28818B2-D0FC-47C1-BD63-7081AB895EF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B5324A8-8475-48D3-8196-7D53579E93AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DB80603A-0A73-4E1F-B0D7-4F738F9BF9F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C6028BD-3AD7-4EE5-81BC-82C775F49E6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{DDBC3AE5-2ECC-4EE7-8080-3BEC172D75AB}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{9BA49A16-D92F-4DBC-8E04-0475A6E74FA3}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{5963D634-CD73-4193-A8B8-C4F426E166F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{C1A2D48F-66F7-4D5F-A234-1DB406CFCC8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [TCP Query User{B55DDBB3-2FD6-48BE-879D-A5F48B402223}C:\users\home\desktop\programs\utb\ultimate twitch bot.exe] => (Allow) C:\users\home\desktop\programs\utb\ultimate twitch bot.exe
FirewallRules: [UDP Query User{B7F21B48-731C-484C-8186-24BC356E8546}C:\users\home\desktop\programs\utb\ultimate twitch bot.exe] => (Allow) C:\users\home\desktop\programs\utb\ultimate twitch bot.exe
FirewallRules: [TCP Query User{E5ACC742-E361-4605-94F3-236201449AC2}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{452F41B1-8D2A-4DB7-AAF1-EE97A21DBED0}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2AF032DA-7B33-45C2-B985-20B3BA8F8CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{F9D88A9E-4181-4556-87DC-57F0C67BF4D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{B8FDEDB7-94F4-42AB-8A71-DC9E35614BB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales Runner\ogpsteam.exe
FirewallRules: [{8E8E9376-CB1E-430C-8976-FCEDC4CA6E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales Runner\ogpsteam.exe
FirewallRules: [TCP Query User{F7ACA562-B862-44BF-9DCA-E6D7E971ACB3}C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe
FirewallRules: [UDP Query User{6E138FAD-4F04-4B1B-BBD1-B28714BDBCFD}C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tales runner\trgame.exe
FirewallRules: [{74D2D662-0E2F-4F02-85C3-DA714245669A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A8884582-7623-45E7-9300-2EA124C7C563}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7D5265C1-BAFD-4376-9BAB-180FC75507E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{64421815-B744-483C-83AE-EB1C5DAAEF18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{CB790B70-34A4-43F8-82DF-B6411F0EE4D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unholy Heights\UnholyHeights.exe
FirewallRules: [{921301E6-F284-4ED5-AF67-84255C5F1CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unholy Heights\UnholyHeights.exe
FirewallRules: [{050EBB8B-7115-47D2-BE24-83C6BC2F061F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{DBEF8D81-02B0-42A1-B4C0-B2F0C146B75E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{5D0BBA24-35BF-4138-88B9-D786091BD07C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{2E78B09D-41CF-45F2-8F2D-57BA4C5A2F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{956E7D06-55C9-4B1B-A923-9298B381E884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{940AD8A5-4E7F-47F4-B419-6EAC01FC5EEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{07EDA076-7A26-471F-8497-3136AE3FE410}C:\users\home\desktop\programs\teamspeak3-server_win32\ts3server_win32.exe] => (Allow) C:\users\home\desktop\programs\teamspeak3-server_win32\ts3server_win32.exe
FirewallRules: [UDP Query User{A39CEA43-F728-47B6-BF5D-C5FFDB7146DA}C:\users\home\desktop\programs\teamspeak3-server_win32\ts3server_win32.exe] => (Allow) C:\users\home\desktop\programs\teamspeak3-server_win32\ts3server_win32.exe
FirewallRules: [{D497AA7D-F22E-494C-9B11-3E0BEC637C0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{937FA67B-C665-4862-9672-2C0647D38C74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{E36B540D-1499-42E6-93E8-2E46153822E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{AB1A0E9E-5C0B-433E-BBE3-C65D5B9F7839}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{FA55ED57-EDD4-4791-AF51-A0A404959643}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Croixleur\CroixleurSigma.exe
FirewallRules: [{729A29EA-B365-476F-BABF-468A7F999CEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Croixleur\CroixleurSigma.exe
FirewallRules: [{219FBAE8-EF57-4802-9BE1-6C6A28AA5E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Croixleur\CroixleurSigmaConfig.exe
FirewallRules: [{EEAE265A-594B-46DB-B13D-C15B739F3725}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Croixleur\CroixleurSigmaConfig.exe
FirewallRules: [TCP Query User{F78C769E-A659-4084-A6D1-6D8CE45681F8}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{435C0D6A-989F-4E12-B4C5-4D3D2559CE03}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{3277C0D8-4089-41B0-A2D0-042416D059A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CC7811A6-3066-4840-AA31-AF89BB0C5450}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8B95B40D-69FD-4CB3-BD14-130C5B932F4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EA8B0609-97E0-4CEE-B2E7-C8DF40F2F31E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6CBEABE8-6B43-499B-874E-D5B32153BD2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{02D677D9-2240-4CF2-9D73-F90DCA3C3BED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C29F085C-326B-4FA3-9CE7-70A301D9472D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cat Goes Fishing\Cat Goes Fishing.exe
FirewallRules: [{D6E6FE57-8818-4085-9DB9-1DD23D78294A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cat Goes Fishing\Cat Goes Fishing.exe
FirewallRules: [{E1461B67-A989-475B-8B1F-B3517FF567EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A6BBFC84-3C12-4538-AA94-02B48D86A9CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1E0A13B4-31D7-4591-AD9B-AC5460948032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{214D6C0C-A9EA-4332-8A11-EED184B18920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jigoku Kisetsukan\Jigoku_Kisetsukan.exe
FirewallRules: [{7BAAC252-80D6-471C-9FFE-DB290A6D25B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jigoku Kisetsukan\Jigoku_Kisetsukan.exe
FirewallRules: [{FB14770A-D8B8-4FAC-9C74-9D6B69480BD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{62A05150-DF0F-4BD4-A54C-E7FA7B54B27A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{CBA442E3-B24F-4930-B5DE-E51AA16717E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{53893B7F-2525-4F55-8342-4398D4F83153}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{7EF1E76B-6BC9-4C3C-9F8A-EA27ADB17560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{B38FCCA8-47C2-4375-918C-73E993085C30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{EA05C726-3478-41C6-93EA-1019AF6C3FAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0302A430-BD6B-4D5B-98CD-39685C79F29F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audition Online\Audition.exe
FirewallRules: [{90D1F43E-7292-4CA8-B727-F384781FA019}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audition Online\Audition.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: innfd_1_10_0_14
Description: innfd_1_10_0_14
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: innfd_1_10_0_14
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: qrnfd_1_10_0_9
Description: qrnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: qrnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2015 03:04:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9906

Error: (06/14/2015 03:04:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9906

Error: (06/14/2015 03:04:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9953

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9953

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10499

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10499

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 02:43:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5366


System errors:
=============
Error: (06/15/2015 10:26:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/13/2015 01:59:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UMVPFSrv service.

Error: (06/10/2015 01:40:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
innfd_1_10_0_14
qrnfd_1_10_0_9

Error: (06/10/2015 01:40:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UpdateCheck service failed to start due to the following error:
%%3

Error: (06/10/2015 01:40:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.

Error: (06/10/2015 01:37:46 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/09/2015 02:36:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (06/08/2015 03:16:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
innfd_1_10_0_14
qrnfd_1_10_0_9

Error: (06/08/2015 03:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UpdateCheck service failed to start due to the following error:
%%3

Error: (06/08/2015 03:16:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.


Microsoft Office:
=========================
Error: (06/14/2015 03:04:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9906

Error: (06/14/2015 03:04:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9906

Error: (06/14/2015 03:04:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9953

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9953

Error: (06/11/2015 11:56:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10499

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10499

Error: (06/11/2015 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 02:43:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5366


==================== Memory info ===========================

Processor: AMD FX™-4100 Quad-Core Processor
Percentage of memory in use: 31%
Total physical RAM: 12198.77 MB
Available physical RAM: 8335.14 MB
Total Pagefile: 24395.74 MB
Available Pagefile: 19616.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:594.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 821B74F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of log ============================



#4 B-boy/StyLe/

    Bleepin' Freestyler

  • Malware Response Team
  • 8,307 posts
  • Gender:Male
  • Location:Bulgaria

Posted 16 June 2015 - 04:11 PM

Hello,

Registry Editor / Cleaner Warning !!

The following is referring to Advanced SystemCare 8.
Please be aware that BleepingComputer staff do not recommend the usage of registry cleaners / tools due to the following facts:

  • Registry tools can cause irreparable damage to your Operating System
  • Registry tools can, as a result of the above, render your PC inoperable.

This is done, assuming that the major audience here at this board might be inexperienced users and thus a suggested safeguard from our side.
If you feel you have the need for a registry cleaner, then you are just as welcome to keep it. This is what we refer to as an "optional fix" and is up to the user, so just take this as a recommendation from my side.

For more information about why you should avoid using such programs please take a look here => Registry Cleaners and System Tweaking Tools

Also I recommend that you uninstall all IObit products as they have a bad reputation and also IObit Malware Fighter isn't very effective to be used as a main antivirus software.

IOBit Steals Malwarebytes' Intellectual Property

I really recommend you to replace it with one of these:

http://www.chart.av-comparatives.org/chart1.php

STEP 1

Please create a new restore point first. See here how.

Now please download GeekUninstaller and save it to the desktop.

Extract the archive and run the file geek.exe

Right click on the CutterEngine and click on the Uninstall button. (here is an example pic for Mozilla Firefox)

[screenshot]

Once the uninstallation is complete, the following window will appear to let you remove all leftovers including unnecessary files, useless folders, registry entries related to the uninstalled program.

Here is an example pic for Mozilla Firefox:

[screenshot]

Click on the “Finish” button to remove all detected traces.

Finally, click on the “Close” button to complete and close the program.

STEP 2

Please download the following file => [attachment=166229:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

STEP 3

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

STEP 4

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Let me know how things are after the steps above.

Regards,

Georgi


#5 B-boy/StyLe/


Posted 21 June 2015 - 12:55 AM

Hi,

It's been several days. Do you still need help on this?
This thread will be closed if you don't respond within 72 hours.
Thank you for your understanding!


Regards,
Georgi




#6 B-boy/StyLe/


Posted 27 June 2015 - 04:20 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
