
ISKYSOFT Removal Windows 10


  • This topic is locked
30 replies to this topic

#1 nocnock


Posted 15 August 2015 - 10:20 AM

Can someone please help me out! I found iSkysoft on my computer and I can't get it uninstalled. It's nowhere to be found in programs; I search for the uninstaller and can't find anything. I ran RogueFix and it picked it up, but it's still running.

 

I need some help and would hope someone can help me please.

 

Thank You!


Edited by nocnock, 15 August 2015 - 10:32 AM.




#2 nocnock


Posted 15 August 2015 - 10:50 AM

Anyone please? This is driving me insane



#3 Sintharius


Posted 15 August 2015 - 10:52 AM

Hello and welcome to the Malware Removal Logs area :)

My name is Alexstrasza and I will assist you with your problem. You can call me Alex :)

Before we begin, there are a few things I want to make sure you know:
  • I am currently in training, so my responses might be delayed. I will generally reply within 48 hours - if this is not possible, I will let you know.
  • Please do not run any tools without being instructed to, as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the Follow this topic button, and make sure a tick is in the receive notifications and is set to Instantly. Any replies should be made in this topic by clicking the Reply to this topic button.
  • Important information in my posts will often be in bold; make sure to take note of it.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. Please inform me if you need more time.
Shall we begin then?

===

Please run this tool to get more information about your computer.

Farbar Recovery Scan Tool

Please download the correct version of Farbar Recovery Scan Tool and save it to your Desktop.

32-bit version here

64-bit version here

Note 1: Don't know if your Windows is 32-bit or 64-bit? Check it out here. The Automatic detection section should give you information about your OS. If it's not, use the Manual detection section.

Note 2: Temporarily disable your antivirus and/or antimalware if they flag FRST as unsafe, as the tool is safe.
  • Right click on FRST/FRST64.exe and choose Run as Administrator.
  • When the tool launches, choose Yes at the disclaimer.
  • Choose Scan.
  • The tool will produce a log named FRST.txt in the same location where the tool is run from.
  • Please copy the log and paste it here.
On its first run FRST will generate an Addition.txt log in the same location as the other log. Please copy and paste that along with the main log in your reply.

Regards,
Alex

#4 nocnock


Posted 15 August 2015 - 10:56 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Gambino (administrator) on GAMBINO-PC (15-08-2015 11:55:05)
Running from D:\Personal Files\Downloads
Loaded Profiles: Gambino (Available Profiles: Gambino & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4318\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6087\Battle.net.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2924080 2015-08-13] (Blizzard Entertainment)
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-14] (Oracle Corporation)
BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-14] (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1434650974831
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25a0bce1-f906-4113-a6e6-70a552bbab85}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gambino\AppData\Roaming\Mozilla\Firefox\Profiles\9pfgmnal.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-07-16] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Gambino\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-07-16] (Cisco WebEx LLC)
FF Extension: Avira Browser Safety - C:\Users\Gambino\AppData\Roaming\Mozilla\Firefox\Profiles\9pfgmnal.default\Extensions\abs@avira.com [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Gambino\AppData\Roaming\Mozilla\Firefox\Profiles\9pfgmnal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-30]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
 
Chrome: 
=======
CHR Profile: C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-13]
CHR Extension: (YouTube) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-13]
CHR Extension: (Google Search) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-13]
CHR Extension: (Google Sheets) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (AdBlock) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-19]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-07-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (Marc Ecko) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2015-04-17]
CHR Extension: (Gmail) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-29] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-29] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-07-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1575688 2015-07-24] (ESET)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-07-24] (ESET)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-29] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-04] (Electronic Arts)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-02] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-29] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-29] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-29] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-07-24] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-07-24] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-07-24] (ESET)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-06-14] (Acronis International GmbH)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-06-14] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-06-14] (Acronis International GmbH)
R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [307352 2015-05-29] (Trend Micro Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-29] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 11:55 - 2015-08-15 11:55 - 00000000 ____D C:\FRST
2015-08-15 11:47 - 2015-08-15 11:47 - 00001337 _____ C:\Users\Gambino\Desktop\Revo Uninstaller.lnk
2015-08-15 11:47 - 2015-08-15 11:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-15 11:43 - 2015-08-15 11:43 - 00001767 _____ C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ISHelper.lnk
2015-08-15 11:40 - 2015-08-15 11:41 - 00000000 ____D C:\Users\Gambino\AppData\Local\CrashDumps
2015-08-15 11:39 - 2015-08-15 11:47 - 00000000 ____D C:\Program Files\Reason
2015-08-15 11:37 - 2015-08-15 11:37 - 00532734 _____ C:\Users\Gambino\AppData\Local\census.cache
2015-08-15 11:37 - 2015-08-15 11:37 - 00200171 _____ C:\Users\Gambino\AppData\Local\ars.cache
2015-08-15 11:36 - 2015-08-15 11:36 - 00000010 _____ C:\Users\Gambino\AppData\Local\sponge.last.runtime.cache
2015-08-15 11:31 - 2015-08-15 11:31 - 00000036 _____ C:\Users\Gambino\AppData\Local\housecall.guid.cache
2015-08-15 11:31 - 2015-05-29 03:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2015-08-15 11:22 - 2015-08-15 11:22 - 00016148 _____ C:\WINDOWS\system32\GAMBINO-PC_Gambino_HistoryPrediction.bin
2015-08-15 11:22 - 2015-08-15 11:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-15 11:08 - 2015-08-15 11:09 - 00000669 _____ C:\AdwCleaner[S2].txt
2015-08-15 10:58 - 2015-08-15 11:23 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-15 10:58 - 2015-08-15 11:08 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-15 10:42 - 2015-08-15 10:42 - 00000000 ____D C:\Rbackup
2015-08-15 10:41 - 2015-08-15 10:41 - 00000042 _____ C:\WINDOWS\SysWOW64\AK083E209605E394C.lie
2015-08-15 10:05 - 2015-08-15 10:05 - 00000000 ____D C:\Users\Gambino\AppData\Local\ESET
2015-08-15 10:00 - 2015-08-15 10:00 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\ProgramData\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\Program Files\ESET
2015-08-14 18:19 - 2015-08-12 04:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-14 18:19 - 2015-08-12 04:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-13 12:31 - 2015-08-13 12:31 - 00058661 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508131231086908.log
2015-08-13 12:31 - 2015-08-13 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-13 12:31 - 2015-08-13 12:31 - 00000000 ____D C:\ProgramData\ATI
2015-08-12 12:07 - 2015-08-12 12:07 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 22:07 - 2015-08-08 03:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:07 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:07 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 22:07 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:07 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 22:07 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:07 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:07 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:07 - 2015-08-08 02:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:07 - 2015-08-08 02:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-11 22:07 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 22:07 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:07 - 2015-08-05 23:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-11 22:07 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 22:07 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 22:07 - 2015-08-05 22:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-11 22:07 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 22:07 - 2015-08-05 22:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-11 22:07 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 22:07 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 22:07 - 2015-08-05 00:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-11 22:07 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 22:07 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 22:07 - 2015-08-04 23:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-11 22:07 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 22:07 - 2015-08-04 23:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-11 22:07 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 22:07 - 2015-08-04 00:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-11 22:07 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:07 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 22:07 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 22:07 - 2015-08-03 23:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-11 22:07 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 22:07 - 2015-08-03 23:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:07 - 2015-08-03 23:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:07 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 22:07 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 22:07 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 22:07 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 22:07 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 22:07 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 22:07 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:07 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 22:07 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 22:07 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 22:07 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 22:07 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 22:07 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 22:07 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 22:07 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:07 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 22:07 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 22:07 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 22:07 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 22:07 - 2015-08-02 21:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-11 22:07 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-11 22:07 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 22:07 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 22:07 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:07 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-11 22:07 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 22:07 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 22:07 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 22:07 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:07 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 22:07 - 2015-08-02 21:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-11 22:07 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-08 06:58 - 2015-08-08 08:33 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\BitComet
2015-08-05 23:52 - 2015-07-30 02:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-05 23:52 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-05 23:52 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-05 23:52 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-05 23:52 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-05 23:52 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-05 23:52 - 2015-07-30 02:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-05 23:52 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-05 23:52 - 2015-07-30 02:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-05 23:52 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-05 23:52 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-05 23:52 - 2015-07-30 00:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-05 23:52 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-05 23:52 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-05 23:52 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-05 23:52 - 2015-07-30 00:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-05 23:52 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-05 23:52 - 2015-07-30 00:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-05 23:52 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-05 23:52 - 2015-07-30 00:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-05 23:52 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-05 23:52 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-05 23:52 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-05 23:52 - 2015-07-30 00:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-05 23:52 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-05 23:52 - 2015-07-30 00:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-05 23:52 - 2015-07-30 00:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-05 23:52 - 2015-07-30 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-05 23:52 - 2015-07-30 00:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-05 23:52 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-05 23:52 - 2015-07-29 23:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-05 23:52 - 2015-07-29 23:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-05 23:52 - 2015-07-29 23:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-05 23:52 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-05 23:52 - 2015-07-29 23:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-05 23:52 - 2015-07-29 23:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-05 23:52 - 2015-07-29 23:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 23:52 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-05 23:52 - 2015-07-29 23:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-05 23:52 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-05 23:52 - 2015-07-29 23:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-05 23:52 - 2015-07-29 23:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-05 23:52 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-05 23:52 - 2015-07-29 23:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-05 23:52 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-05 23:52 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-05 23:52 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-05 23:52 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-05 23:52 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-05 23:52 - 2015-07-29 23:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-05 23:52 - 2015-07-29 23:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-05 23:52 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-05 23:52 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-05 23:52 - 2015-07-29 23:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-05 23:52 - 2015-07-29 23:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-05 23:52 - 2015-07-29 23:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-05 23:52 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-05 23:52 - 2015-07-29 23:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-05 23:52 - 2015-07-29 23:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-05 23:52 - 2015-07-29 23:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 23:52 - 2015-07-29 23:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-05 23:52 - 2015-07-29 23:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-05 23:52 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-05 23:52 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-05 23:52 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-05 23:52 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-05 23:52 - 2015-07-29 23:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-05 23:52 - 2015-07-29 22:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-05 23:52 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-05 12:14 - 2015-08-15 10:31 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Anvsoft
2015-08-05 12:04 - 2015-08-05 12:05 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\NCH Software
2015-08-05 12:04 - 2015-08-05 12:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-08-05 12:04 - 2015-08-05 12:04 - 00000000 ____D C:\ProgramData\NCH Software
2015-08-05 11:56 - 2015-08-05 11:56 - 00000102 _____ C:\Users\Gambino\AppData\Roaming\settings.xml
2015-08-05 11:56 - 2015-08-05 11:56 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\convertaudiofree
2015-08-05 11:56 - 2015-08-05 11:56 - 00000000 ____D C:\Users\Gambino\AppData\Local\SkinSoft
2015-08-05 11:55 - 2015-08-05 11:55 - 00000000 ____D C:\Program Files (x86)\movtoavi_setup
2015-08-05 11:52 - 2015-08-05 11:54 - 00000000 ____D C:\ProgramData\iSkysoft Video Converter Ultimate
2015-08-05 11:52 - 2015-08-05 11:54 - 00000000 ____D C:\ProgramData\iSkysoft
2015-08-05 11:52 - 2015-08-05 11:52 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\iSkysoft Video Converter Ultimate
2015-08-05 11:52 - 2015-08-05 11:52 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2015-08-05 11:52 - 2015-08-05 11:52 - 00000000 ____D C:\Users\Gambino\AppData\Local\iSkysoft
2015-08-05 11:52 - 2015-08-05 11:52 - 00000000 ____D C:\Program Files (x86)\iSkysoft
2015-08-05 11:52 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll
2015-08-05 11:28 - 2015-08-05 11:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-03 20:35 - 2015-08-03 20:35 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-08-03 20:34 - 2015-08-03 20:38 - 00000000 ____D C:\WINDOWS\pss
2015-07-31 14:56 - 2015-07-31 14:56 - 00055427 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507311456091163.log
2015-07-31 14:56 - 2015-07-31 14:56 - 00034243 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507311456304435.log
2015-07-31 14:52 - 2015-07-31 14:52 - 00056307 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507311452289220.log
2015-07-31 14:51 - 2015-07-31 14:51 - 00057781 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507311451527116.log
2015-07-31 14:51 - 2015-07-31 14:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-07-31 14:51 - 2015-07-31 14:51 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-07-31 14:51 - 2015-07-31 14:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-07-31 14:51 - 2015-07-31 14:51 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-07-30 17:08 - 2015-07-30 17:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-07-30 17:06 - 2015-08-11 10:51 - 00005226 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Gambino-Pc-Gambino Gambino-Pc
2015-07-30 17:06 - 2015-07-30 17:06 - 00000000 ____D C:\Users\Gambino\AppData\Local\PeerDistRepub
2015-07-29 19:34 - 2015-07-29 17:32 - 00000000 ___DC C:\WINDOWS\Panther
2015-07-29 19:34 - 2015-07-29 15:36 - 00000000 __SHD C:\Recovery
2015-07-29 19:32 - 2015-07-29 19:32 - 00000000 ____D C:\Windows.old
2015-07-29 19:31 - 2015-07-29 19:31 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-07-29 19:31 - 2015-07-29 19:31 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-07-29 19:31 - 2015-07-29 19:31 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-07-29 19:31 - 2015-07-29 19:31 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-07-29 19:31 - 2015-07-29 19:31 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-07-29 19:30 - 2015-07-29 19:30 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-07-29 19:29 - 2015-08-09 06:47 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files\MSBuild
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-29 19:29 - 2015-07-29 19:29 - 00000000 ____D C:\inetpub
2015-07-29 19:28 - 2015-06-17 22:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-07-29 19:28 - 2015-06-17 22:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-29 19:28 - 2015-06-17 22:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-07-29 19:28 - 2015-05-30 01:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-07-29 19:28 - 2015-05-30 01:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-29 19:28 - 2015-05-30 01:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-07-29 17:42 - 2015-07-29 17:42 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-07-29 17:42 - 2015-07-29 17:42 - 00000000 ____D C:\Users\DefaultAppPool
2015-07-29 17:42 - 2015-07-29 15:40 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-29 17:42 - 2015-07-29 15:40 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-07-29 17:42 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-29 17:42 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-29 17:42 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-29 17:42 - 2015-07-10 07:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-29 16:49 - 2015-07-29 16:49 - 00000000 ___HD C:\$Windows.~WS
2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\ProgramData\Avira
2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-29 16:16 - 2015-07-29 16:16 - 00000000 ____D C:\Users\Gambino\AppData\Local\NetworkTiles
2015-07-29 16:08 - 2015-07-29 16:34 - 00000000 ____D C:\Users\Gambino\AppData\Local\Comms
2015-07-29 16:08 - 2015-07-29 16:08 - 00058661 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507291608277795.log
2015-07-29 16:07 - 2015-07-29 16:07 - 00066655 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507291607152846.log
2015-07-29 16:06 - 2015-07-29 16:07 - 00000000 ____D C:\Users\Gambino\AppData\Local\MicrosoftEdge
2015-07-29 16:01 - 2015-07-29 16:01 - 00002340 _____ C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-07-29 16:01 - 2015-07-29 16:01 - 00000000 ___RD C:\Users\Gambino\OneDrive
2015-07-29 16:01 - 2015-07-29 16:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-07-29 15:59 - 2015-08-07 11:56 - 00000000 ____D C:\Users\Gambino\AppData\Local\Packages
2015-07-29 15:59 - 2015-07-29 15:59 - 00000020 ___SH C:\Users\Gambino\ntuser.ini
2015-07-29 15:59 - 2015-07-29 15:59 - 00000000 ____D C:\Users\Gambino\AppData\Local\TileDataLayer
2015-07-29 15:59 - 2015-07-29 15:59 - 00000000 ____D C:\Users\Gambino\AppData\Local\Publishers
2015-07-29 15:42 - 2015-07-29 15:42 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-07-29 15:41 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-07-29 15:40 - 2015-07-29 15:40 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-29 15:40 - 2015-07-29 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-29 15:40 - 2015-07-29 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-29 15:38 - 2015-07-29 15:38 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-07-29 15:37 - 2015-08-15 11:28 - 01009730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-29 15:37 - 2015-08-15 04:00 - 00000000 ____D C:\Users\Gambino
2015-07-29 15:37 - 2015-07-29 15:59 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-29 15:36 - 2015-08-15 09:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-29 15:36 - 2015-08-13 12:31 - 00000000 ____D C:\Program Files\AMD
2015-07-29 15:36 - 2015-08-13 12:30 - 00000000 ____D C:\ProgramData\AMD
2015-07-29 15:36 - 2015-07-31 14:56 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-07-29 15:36 - 2015-07-29 15:36 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\Program Files\Realtek
2015-07-29 15:34 - 2015-07-29 15:35 - 00026051 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-07-29 15:23 - 2015-07-29 17:32 - 00012638 _____ C:\WINDOWS\diagerr.xml
2015-07-29 15:23 - 2015-07-29 17:32 - 00011787 _____ C:\WINDOWS\diagwrn.xml
2015-07-24 03:30 - 2015-07-24 03:30 - 00253752 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2015-07-24 03:30 - 2015-07-24 03:30 - 00186272 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2015-07-24 03:30 - 2015-07-24 03:30 - 00169744 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2015-07-22 15:37 - 2015-07-22 15:37 - 00000000 ____D C:\Users\Gambino\AppData\Local\CEF
2015-07-17 22:51 - 2015-07-17 22:51 - 00067632 _____ (Symantec Corporation) C:\WINDOWS\SysWOW64\msln.exe
2015-07-17 22:43 - 2015-07-17 23:00 - 00000000 ____D C:\NPE
2015-07-17 22:42 - 2015-07-17 22:42 - 00000000 ____D C:\Users\Gambino\Pavark
2015-07-17 22:39 - 2015-07-17 22:39 - 00186328 _____ (trend_company_name) C:\WINDOWS\system32\Drivers\tmrkb.sys
2015-07-17 22:35 - 2015-07-17 22:35 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2015-07-17 22:34 - 2015-07-17 23:04 - 00000000 ____D C:\Users\Gambino\AppData\Local\NPE
2015-07-17 22:34 - 2015-07-17 22:34 - 00000000 ____D C:\ProgramData\Norton
2015-07-17 22:33 - 2015-07-17 22:35 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-17 22:31 - 2015-07-17 22:31 - 00000000 ____D C:\Users\Gambino\DoctorWeb
2015-07-17 22:30 - 2015-07-17 22:30 - 00000000 ____D C:\Users\Gambino\Doctor Web
2015-07-17 16:54 - 2015-07-17 16:54 - 00000000 ____D C:\Users\Gambino\AppData\Local\SplitmediaLabs
2015-07-17 16:47 - 2015-07-17 16:47 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\SplitmediaLabs
2015-07-17 16:47 - 2015-07-17 16:47 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2015-07-17 12:44 - 2015-07-17 12:56 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\mIRC
2015-07-16 14:56 - 2015-07-16 14:56 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\webex
2015-07-16 14:56 - 2015-07-16 14:56 - 00000000 ____D C:\Users\Gambino\AppData\Local\WebEx
2015-07-16 14:56 - 2015-07-16 14:56 - 00000000 ____D C:\ProgramData\WebEx
2015-07-16 02:12 - 2015-07-16 02:12 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-07-16 02:12 - 2015-07-16 02:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-07-16 02:11 - 2015-07-16 02:11 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-07-16 02:06 - 2015-07-16 02:06 - 21622272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-07-16 02:01 - 2015-07-16 02:01 - 47785472 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-07-16 02:01 - 2015-07-16 02:01 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-07-16 02:01 - 2015-07-16 02:01 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-07-16 02:01 - 2015-07-16 02:01 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-07-16 02:01 - 2015-07-16 02:01 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-07-16 02:01 - 2015-07-16 02:01 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe
2015-07-16 02:00 - 2015-07-16 02:00 - 39714816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-07-16 01:59 - 2015-07-16 01:59 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-07-16 01:59 - 2015-07-16 01:59 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-07-16 01:58 - 2015-07-16 01:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-07-16 01:57 - 2015-07-16 01:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-07-16 01:35 - 2015-07-16 01:35 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-07-16 01:35 - 2015-07-16 01:35 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-07-16 01:35 - 2015-07-16 01:35 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-07-16 01:30 - 2015-07-16 01:30 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-07-16 01:29 - 2015-07-16 01:29 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-07-16 01:29 - 2015-07-16 01:29 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-07-16 01:28 - 2015-07-16 01:28 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-07-16 01:27 - 2015-07-16 01:27 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-07-16 01:26 - 2015-07-16 01:26 - 07500800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-07-16 01:26 - 2015-07-16 01:26 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-07-16 01:25 - 2015-07-16 01:25 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-07-16 01:25 - 2015-07-16 01:25 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-07-16 01:24 - 2015-07-16 01:24 - 09102336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-07-16 01:23 - 2015-07-16 01:23 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-07-16 01:22 - 2015-07-16 01:22 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-07-16 01:22 - 2015-07-16 01:22 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2015-07-16 01:22 - 2015-07-16 01:22 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2015-07-16 01:22 - 2015-07-16 01:22 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2015-07-16 01:22 - 2015-07-16 01:22 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2015-07-16 01:21 - 2015-07-16 01:21 - 15716864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-07-16 01:21 - 2015-07-16 01:21 - 00660912 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-07-16 01:21 - 2015-07-16 01:21 - 00660912 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-07-16 01:21 - 2015-07-16 01:21 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-07-16 01:21 - 2015-07-16 01:21 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-07-16 01:21 - 2015-07-16 01:21 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-07-16 01:21 - 2015-07-16 01:21 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-07-16 01:21 - 2015-07-16 01:21 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-07-16 01:20 - 2015-07-16 01:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-07-16 01:18 - 2015-07-16 01:18 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-07-16 01:17 - 2015-07-16 01:17 - 00672768 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-07-16 01:17 - 2015-07-16 01:17 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-07-16 01:17 - 2015-07-16 01:17 - 00246784 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-07-16 01:17 - 2015-07-16 01:17 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-07-16 01:17 - 2015-07-16 01:17 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-07-16 01:17 - 2015-07-16 01:17 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-07-16 01:17 - 2015-07-16 01:17 - 00160256 _____ C:\WINDOWS\system32\atieah64.exe
2015-07-16 01:17 - 2015-07-16 01:17 - 00143872 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-07-16 01:17 - 2015-07-16 01:17 - 00029696 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-07-16 01:15 - 2015-07-16 01:15 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-07-16 01:15 - 2015-07-16 01:15 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-07-16 01:14 - 2015-07-16 01:14 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-07-16 01:13 - 2015-07-16 01:13 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-07-16 01:13 - 2015-07-16 01:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-07-16 01:12 - 2015-07-16 01:12 - 00865792 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-07-16 01:12 - 2015-07-16 01:12 - 00102912 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-07-16 01:12 - 2015-07-16 01:12 - 00102400 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 11:53 - 2015-03-13 16:37 - 00000000 ____D C:\Users\Gambino\AppData\Local\Battle.net
2015-08-15 11:23 - 2015-03-13 15:51 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-15 11:22 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-15 11:22 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-15 11:22 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-15 11:22 - 2015-03-13 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-15 11:22 - 2015-03-13 16:06 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-08-15 11:08 - 2015-03-13 15:51 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-15 09:42 - 2015-06-12 21:25 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-14 22:43 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-14 21:04 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 17:47 - 2015-03-13 16:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-13 16:01 - 2015-06-21 17:17 - 00000000 ____D C:\Users\Gambino\Desktop\Hearthstone
2015-08-13 11:04 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 03:46 - 2015-07-10 08:20 - 00264232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 03:46 - 2015-04-14 11:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 03:46 - 2015-04-14 11:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 12:11 - 2015-04-14 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 12:11 - 2015-04-14 10:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 12:10 - 2015-03-13 15:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 12:07 - 2015-06-28 05:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 12:07 - 2015-03-13 15:50 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 12:07 - 2009-07-13 22:34 - 00000478 _____ C:\WINDOWS\win.ini
2015-08-08 20:08 - 2015-06-07 01:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-08 19:42 - 2015-07-10 06:53 - 00000080 _____ C:\Users\Gambino\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-08 18:02 - 2015-03-13 16:44 - 00000000 ____D C:\ProgramData\Origin
2015-08-08 11:38 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 11:23 - 2015-07-05 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 03:30 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-05 15:14 - 2015-04-14 08:56 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\foobar2000
2015-08-03 21:12 - 2015-04-14 08:54 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 20:43 - 2015-07-10 07:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-03 20:43 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-03 20:04 - 2015-04-24 16:26 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\TeamViewer
2015-08-03 19:10 - 2015-04-14 09:00 - 00000000 __SHD C:\Users\Gambino\AppData\Local\EmieUserList
2015-08-03 19:10 - 2015-04-14 09:00 - 00000000 __SHD C:\Users\Gambino\AppData\Local\EmieSiteList
2015-08-03 15:15 - 2015-03-13 16:48 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-08-03 15:15 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-02 15:24 - 2015-07-10 06:59 - 00006656 _____ C:\WINDOWS\system32\lpcio.dll
2015-07-31 20:00 - 2015-03-13 16:41 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\TS3Client
2015-07-31 14:52 - 2015-03-13 16:03 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-31 14:51 - 2015-03-13 15:59 - 00000000 ____D C:\AMD
2015-07-31 09:04 - 2015-03-13 16:40 - 00000000 ____D C:\Program Files\CCleaner
2015-07-30 03:16 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-07-29 19:34 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-29 19:32 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-07-29 19:32 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-07-29 19:32 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-07-29 19:32 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-07-29 19:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-07-29 19:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-07-29 19:29 - 2015-07-10 07:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-07-29 19:29 - 2015-07-10 07:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-07-29 19:29 - 2015-07-10 07:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-07-29 19:29 - 2015-07-10 07:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-07-29 17:32 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-29 16:25 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-29 16:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-29 15:43 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Registration
2015-07-29 15:42 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media
2015-07-29 15:42 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-29 15:42 - 2015-04-30 14:07 - 00004052 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D5B7228F-2B0D-4843-91F2-1EFC6556D1FE}
2015-07-29 15:42 - 2015-03-13 16:57 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-29 15:42 - 2015-03-13 16:40 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-29 15:42 - 2015-03-13 15:51 - 00004004 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-29 15:42 - 2015-03-13 15:51 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-29 15:41 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-07-29 15:40 - 2015-07-10 09:14 - 00000000 ____D C:\WINDOWS\ShellNew
2015-07-29 15:40 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-29 15:40 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-07-29 15:40 - 2015-06-12 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-07-29 15:40 - 2015-05-31 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2015-07-29 15:40 - 2015-04-14 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-07-29 15:40 - 2015-04-14 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 15:40 - 2015-04-14 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-07-29 15:40 - 2015-04-14 09:28 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-29 15:40 - 2015-04-14 09:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-29 15:40 - 2015-04-14 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-29 15:40 - 2015-04-14 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-29 15:40 - 2015-04-14 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-07-29 15:40 - 2015-03-13 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-07-29 15:40 - 2015-03-13 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-29 15:40 - 2015-03-13 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-29 15:40 - 2015-03-13 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-07-29 15:40 - 2015-03-13 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-29 15:40 - 2015-03-13 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-07-29 15:40 - 2015-03-13 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-29 15:40 - 2015-03-13 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-07-29 15:40 - 2009-07-13 23:20 - 00000000 ____D C:\Users\Default.migrated
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\schemas
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Cursors
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-29 15:38 - 2015-06-14 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-07-29 15:38 - 2015-05-30 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCZ Storage Solutions
2015-07-29 15:38 - 2015-04-29 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-07-29 15:38 - 2015-04-17 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-07-29 15:38 - 2015-04-14 16:18 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-07-29 15:38 - 2015-03-13 16:18 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-07-29 15:38 - 2015-03-13 16:18 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-07-29 15:38 - 2015-03-13 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2015-07-29 15:38 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-29 15:38 - 2009-07-13 23:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-07-29 15:37 - 2015-07-08 14:40 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-07-29 15:37 - 2015-04-14 08:53 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-07-29 15:36 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-29 15:34 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default
2015-07-29 15:26 - 2009-07-14 00:45 - 00017120 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 15:26 - 2009-07-14 00:45 - 00017120 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 03:51 - 2015-04-11 10:31 - 00000000 ____D C:\ProgramData\Symantec
2015-07-23 14:34 - 2015-04-14 08:52 - 00000000 ____D C:\ProgramData\TEMP
2015-07-23 14:34 - 2015-04-14 08:52 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-07-17 22:47 - 2015-06-27 15:42 - 00000000 ____D C:\WINDOWS\erdnt
2015-07-17 22:28 - 2009-07-13 22:34 - 00000215 _____ C:\WINDOWS\system.ini
2015-07-16 14:56 - 2015-04-14 09:00 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Mozilla
2015-07-16 04:23 - 2015-06-13 19:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
 
==================== Files in the root of some directories =======
 
2015-08-05 11:56 - 2015-08-05 11:56 - 0000102 _____ () C:\Users\Gambino\AppData\Roaming\settings.xml
2015-08-15 11:37 - 2015-08-15 11:37 - 0200171 _____ () C:\Users\Gambino\AppData\Local\ars.cache
2015-08-15 11:37 - 2015-08-15 11:37 - 0532734 _____ () C:\Users\Gambino\AppData\Local\census.cache
2015-08-15 11:31 - 2015-08-15 11:31 - 0000036 _____ () C:\Users\Gambino\AppData\Local\housecall.guid.cache
2015-08-15 11:36 - 2015-08-15 11:36 - 0000010 _____ () C:\Users\Gambino\AppData\Local\sponge.last.runtime.cache
2015-07-29 15:36 - 2015-07-29 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Gambino\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Gambino\AppData\Local\Temp\rscp_setup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-15 08:34
 
==================== End of log ============================


#5 nocnock


Posted 15 August 2015 - 11:07 AM

I know where the folder is and I disabled the process from starting.. So, I'm trying to figure out how the hell to remove it because there's nothing to remove it or anything.. 



#6 Sintharius


Posted 15 August 2015 - 01:44 PM

Hi there,

You are missing the Addition.txt file - please post that as well :)

#7 nocnock


Posted 15 August 2015 - 02:31 PM

Sorry..

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Gambino (2015-08-15 11:55:37)
Running from D:\Personal Files\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3613700061-449632877-1553431701-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3613700061-449632877-1553431701-503 - Limited - Disabled)
Gambino (S-1-5-21-3613700061-449632877-1553431701-1000 - Administrator - Enabled) => C:\Users\Gambino
Guest (S-1-5-21-3613700061-449632877-1553431701-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Endpoint Antivirus 6.2.2021.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2021.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J625DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.19.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
ESET Endpoint Antivirus (HKLM\...\{2CEF5A8B-7BD4-4205-81FE-33A0C9A9F7D0}) (Version: 6.2.2021.0 - ESET, spol. s r.o.)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Perfect Golf (HKLM-x32\...\Steam App 288140) (Version:  - PERFECT PARALLEL)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.1 - Power Software Ltd)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
SSD Guru (HKLM-x32\...\{821329AE-EB57-4E10-9868-792651B3336B}) (Version: 1.1.1292 - OCZ Storage Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WWE 2K15 (HKLM-x32\...\Steam App 240460) (Version:  - YUKE’S Co., Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
31-07-2015 14:52:04 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
03-08-2015 15:15:12 Removed Mirror's Edge™
05-08-2015 11:55:34 Installed movtoavi_setup
12-08-2015 12:03:37 Windows Update
15-08-2015 09:46:13 Installed ESET Endpoint Antivirus
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-08-15 11:47 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {027BD469-F16B-41B3-9F1A-3F462E6B0190} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {046C306C-D0E3-4501-9B01-6883D593A031} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {079C00BD-8171-478F-945A-5DD29A9025DB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {08791F85-D5DA-4E82-AC54-0A8E2420902B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0F877217-53CE-44B9-B769-32A95B424617} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {11E22368-6B9D-4092-924D-20BCF9EC4803} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {17B2F70F-79E9-4DA2-9A0D-4C5CD9BD602A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1C4712C6-324B-490A-BCD7-D71197CEE98A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {276025A8-1C29-4F15-B1EE-61061D150AA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {2C64BD10-FFC3-49BB-BAF0-A29827A27AC0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {342A5C54-B8FA-43C4-B32A-FA429DEDDBF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {390F1885-E92F-498C-BD27-EEF247D535AE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3F0083DD-9830-42BF-B796-28D91D52C0ED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {4AE68624-CB1F-4A14-BE30-3E48771D90E9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {50269455-D979-4415-B71F-8C7122AED227} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {5716455F-059D-462D-A1B0-9DF7D32697A5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {58AA39BF-4B85-44DA-9D90-C9020BE09E02} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {631B397A-6424-45A4-852A-113E7516DEFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {65949766-CA58-4376-AAAA-B9B4DA14FC44} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {6893AE07-DA65-49BD-A3AA-1B5F0585B47C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {72AD6EF0-2B78-4E88-BCC6-3AA0F61CD7A8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {75620F71-67FF-4E20-8AF3-4EBF2876BB24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation)
Task: {7DFA80FB-F1BD-4C8C-9680-99D74E9BC507} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {80830F72-E574-4C84-8BF4-E8E422F82646} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation)
Task: {8D8CF39E-7870-4F92-9A1E-394E6BC5FA35} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8DBE09AB-5ACE-46DF-9CDD-79FE3D28F747} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation)
Task: {8E8E7295-33CB-474A-9D1A-CFB8438F513B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {9E7FABAD-2A6D-4610-8251-A6E7A8C97767} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A526BF72-D236-40BC-B34C-DC19D4437DC4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A5E58547-3700-4049-B0F1-08508C388CD4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {AC58C578-D027-4A83-B34A-E0D152F2CF77} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {AC837583-9F5A-431D-AECB-6136702E54AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AECA5817-02E8-47A2-9CC2-A353AE853FD9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B2EEA676-90E1-44E5-ADCE-8316F86A329F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {B9BF7478-8E06-434D-927A-7ACD60BB437A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C39080E6-8CD0-4E8B-9BE5-E5131FB17773} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5A9FE2A-5939-411B-A5E7-2B01A3E5225E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CADE2697-5DD9-4249-B23A-6DAEDD07CE47} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Gambino-Pc-Gambino Gambino-Pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {D0764C73-2CD6-4077-BFCA-E792B8D746BA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DDC6BAA3-4B95-4888-9B1B-EBD9EA3D1B7B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E1048CF6-3811-41FF-B822-C5FDF803C0FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E7AD7EC7-C4CB-4177-925B-F919A3BD0275} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation)
Task: {ED058644-F6D9-4AA2-BB41-0CDD3E92A653} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {FED0AD1B-E918-43F3-8FD2-D1981873FC78} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A0100327AAC4247F7ED479E360C93AE180AE94600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-06-01 05:42 - 2012-06-01 05:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-04-29 15:57 - 2005-04-22 00:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2009-03-30 02:32 - 2009-03-30 02:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-09-18 03:23 - 2014-09-18 03:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 03:23 - 2014-09-18 03:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-31 09:04 - 2015-07-31 09:04 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-08-05 11:52 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-11 22:07 - 2015-08-02 21:08 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 22:07 - 2015-08-02 21:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-03 20:02 - 2015-08-15 11:22 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-05-30 15:33 - 2010-06-28 22:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00038400 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\audio\qtaudio_windows.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll
2015-05-13 18:31 - 2015-05-13 18:31 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-08-11 13:09 - 2015-08-07 20:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-11 13:09 - 2015-08-07 20:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-11-27 10:47 - 2014-11-27 10:47 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-11-27 10:44 - 2014-11-27 10:44 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2014-09-09 10:00 - 2014-09-09 10:00 - 00023576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
There are 6091 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\Control Panel\Desktop\\Wallpaper -> D:\Personal Files\My Documents\My Pictures\Sexy Inked Chicks\heather moss - 478.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{03F16929-B184-483B-BCD9-321A729A7A57}] => (Allow) G:\Game Install Directory\GTA5.exe
FirewallRules: [{C91FECFF-6CAA-4A5B-8C6D-E70B722EA19D}] => (Allow) G:\Game Install Directory\GTA5.exe
FirewallRules: [{39B920D5-2161-4F95-904E-7082AD74D005}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{2DBDC04C-6D24-4328-B9D5-8662C9212C6F}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{F98315C1-77E5-4241-8B2E-61A39B60F63B}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{E17FEAFC-935B-40E0-9A03-1006FDB17619}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{414A85B6-49E2-4F6D-B508-FB67A5ADFF1C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A22C3C51-C219-4B34-A22A-456250FE30DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D2A0DC6E-8DD5-4BA0-ACD2-9379EDF981CB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6E93A43A-F265-4677-BCC8-640C9D4A48A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B29A8C46-079D-431B-91A1-4E0A8E81DCF8}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{58DC408B-6CD0-4482-A46C-A50F343F5ED7}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{57D08375-1ED7-4283-953A-457320DF6196}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{325924EF-03CB-4D2C-B65B-0BEDF5C431EC}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{F13D5C97-3DB9-40F8-858F-1F5DC658E445}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B1513F05-BB18-45B1-A901-9A871752BB18}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F1027775-F418-4774-943E-BE1637DD1085}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DABC6AD5-4319-4DA1-83F9-18BA2E9719E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4507699A-600A-4260-9080-947903715112}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BD016582-6DCF-4D1A-ADF6-747F6255255D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E71D3349-F6B7-4368-A4FB-6AA4923A2F4B}] => (Allow) G:\SteamLibrary\steamapps\common\WWE 2K15\WWE2K15Launcher.exe
FirewallRules: [{ADB97D46-B183-4706-86A0-B21C099C111D}] => (Allow) G:\SteamLibrary\steamapps\common\WWE 2K15\WWE2K15Launcher.exe
FirewallRules: [{9AEE07E8-C7EA-4181-8C67-0DEE7727B820}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{869026E6-69E5-4475-9DD6-6BDCA7BF3DEA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E84BC5E9-D820-4ACE-B6B9-AF9A0A65266C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{45AE7874-56D0-4D83-A5D8-EFAC01FF3E06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{8468E443-A904-42BD-B356-2F659DA7998A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6BC6A150-7201-40BA-BCD6-223094999D14}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E4390E7B-7AEF-49DD-8813-523C415E3988}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E657F69-B503-49F7-9436-941D4E04833E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD1A3696-A097-46FE-9C4F-EB0A4373A73B}] => (Allow) LPort=1900
FirewallRules: [{93BB53BF-4616-4CD1-8237-0F1F9194CDED}] => (Allow) LPort=2869
FirewallRules: [{D8B4F453-6239-419E-B6BB-58DAB833AE97}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{08F9DBF9-28EA-49C1-B74E-9CEF1B9A6172}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{058D43F3-4A74-4656-A2DB-8BFC99C2D7A2}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AF8075F3-768D-413A-A4B1-6A132EA29268}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C43F0A14-1525-4E54-8F53-E76DFAD1F66A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C61AE0F2-74EB-4ACF-8CD8-C333CAF1F61A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6AD3DA59-9B5F-4A4B-BAC3-03994686A770}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CC19D967-2879-46DC-BEE0-73A608C1366E}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ACCE9222-70F7-4BFC-87A7-395302DEDC54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Perfect Golf\Perfect Golf.exe
FirewallRules: [{ACD6B354-62F3-4DCB-98EA-F157A014A274}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Perfect Golf\Perfect Golf.exe
FirewallRules: [{26F35B0A-14DB-4006-B611-F2E5294CDB67}] => (Allow) LPort=54925
FirewallRules: [{09183E14-6D1B-4226-8C32-0072BDADBFE9}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{C49A82A7-F8AF-4B31-8801-9F4A0A53C44A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{9993C32C-8BCD-43EB-9679-217A15A4BB35}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B2E0B582-2752-468E-9E01-A1E37482B9FA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{22D16816-4354-4A44-A9C8-F2355774DE41}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{D17C86EA-37A4-407C-9949-23ACD9501DF1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A58E1993-C258-4A6B-B6C2-8164E26E1E92}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D802A889-02CB-49F6-894A-1D468E522AD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D6F6F24-4CB5-4F24-8DA3-91A9D7707B90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2ABABFF2-8910-4267-9E6A-CC422185F26A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCEA45D3-6382-4120-98EA-6AD07F83B8C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F63A4E76-10F9-4EFF-B06D-2F4B2EFF47EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{614B2215-3812-41F3-9BE9-99B98AE86E5C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2A936B6B-A474-48A6-9C41-8217BC81CF21}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B0BFB53-AA1E-4B8C-BE88-B30D106DE1EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A2EF3BF-065C-49AC-8C00-20F911C123B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{CF8F088A-C532-4879-9306-CA3AE9156416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8463629A-0712-4211-96F3-7FA7F285A68C}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{136DA915-2B3D-4186-8262-5FB4B45D4952}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{B16759CA-6427-471C-BFA6-7F3E90A86208}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: H80iGT Cooler
Description: H80iGT Cooler
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/15/2015 11:41:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rsUI.exe, version: 1.0.8.0, time stamp: 0x55b2b134
Faulting module name: LSASRV.dll, version: 10.0.10240.16392, time stamp: 0x55a868f9
Exception code: 0xc0000005
Fault offset: 0x000000000004e20e
Faulting process id: 0x15f0
Faulting application start time: 0xrsUI.exe0
Faulting application path: rsUI.exe1
Faulting module path: rsUI.exe2
Report Id: rsUI.exe3
Faulting package full name: rsUI.exe4
Faulting package-relative application ID: rsUI.exe5
 
Error: (08/15/2015 11:40:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rsUI.exe, version: 1.0.8.0, time stamp: 0x55b2b134
Faulting module name: LSASRV.dll, version: 10.0.10240.16392, time stamp: 0x55a868f9
Exception code: 0xc0000005
Fault offset: 0x000000000004e20e
Faulting process id: 0x15f0
Faulting application start time: 0xrsUI.exe0
Faulting application path: rsUI.exe1
Faulting module path: rsUI.exe2
Report Id: rsUI.exe3
Faulting package full name: rsUI.exe4
Faulting package-relative application ID: rsUI.exe5
 
Error: (08/15/2015 09:52:59 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:57 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:57 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:56 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:52 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:52 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:52:42 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.
 
Error: (08/15/2015 09:46:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (08/15/2015 11:22:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: 
%%1058
 
Error: (08/15/2015 11:22:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ACP Kernel Service Driver service failed to start due to the following error: 
%%2
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/15/2015 11:22:26 AM) (Source: DCOM) (EventID: 10010) (User: Gambino-Pc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office:
=========================
Error: (08/15/2015 11:41:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rsUI.exe1.0.8.055b2b134LSASRV.dll10.0.10240.1639255a868f9c0000005000000000004e20e15f001d0d7709716ce1eC:\Program Files\Reason\Security\rsUI.exeC:\WINDOWS\SYSTEM32\LSASRV.dlla556fcea-33a7-4017-8664-18fd91bb952b
 
Error: (08/15/2015 11:40:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rsUI.exe1.0.8.055b2b134LSASRV.dll10.0.10240.1639255a868f9c0000005000000000004e20e15f001d0d7709716ce1eC:\Program Files\Reason\Security\rsUI.exeC:\WINDOWS\SYSTEM32\LSASRV.dlla76dd320-0ed3-45f0-b852-b43fe35d3909
 
Error: (08/15/2015 09:52:59 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:57 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:57 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:56 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:52 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:52 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:52:42 AM) (Source: MsiInstaller) (EventID: 11404) (User: Gambino-Pc)
Description: Product: ESET Endpoint Antivirus -- Error 1404. Could not delete key \Software\ESET\ESET Security.  System error .  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/15/2015 09:46:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
 
CodeIntegrity:
===================================
  Date: 2015-08-13 11:03:04.758
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:04.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:04.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:04.634
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:04.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:04.587
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:03.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 11:03:03.256
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 10:59:36.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-13 10:59:36.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 36%
Total physical RAM: 8088.62 MB
Available physical RAM: 5170.46 MB
Total Virtual: 16280.62 MB
Available Virtual: 13875.54 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:222.91 GB) (Free:124.69 GB) NTFS
Drive d: (Data Drive) (Fixed) (Total:698.52 GB) (Free:399.18 GB) NTFS
Drive g: (Program Drive) (Fixed) (Total:698.52 GB) (Free:511.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 436ABBD3)
 
Partition: GPT.
 
==================== End of log ============================

Edited by nocnock, 15 August 2015 - 02:34 PM.


#8 Sintharius


Posted 17 August 2015 - 03:06 AM

Hello nocnock,

Please move FRST64.exe from D:\Personal Files\Downloads to your Desktop.

Do you use Avira Browser Safety?

===

We will use a special program to remove iSkySoft.

Revo Uninstaller

Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.
  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    iSkySoft
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again, click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish
===

Fix with Farbar Recovery Scan Tool
  • Press the Windows key + R, type in notepad in the box and press Enter. Notepad will open.
  • Copy and paste the contents of the following codebox into Notepad:
    HKU\S-1-5-18\...\Run: [] => [X]
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    2015-08-15 11:31 - 2015-05-29 03:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
    2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\ProgramData\Avira
    2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\Program Files (x86)\Avira
    2015-08-08 19:42 - 2015-07-10 06:53 - 00000080 _____ C:\Users\Gambino\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
  • Save the file as fixlist.txt to the Desktop.
    Note: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop. Please post it in your reply
Regards,
Alex 

#9 nocnock


Posted 17 August 2015 - 05:47 PM

Ok, so first off let me thank you for the response..

 

As far as Avira, I was using that for virus protection when I updated to Windows 10 because the version of my old virus protection didn't work.

 

Now, for Revo Uninstaller, I already tried running this the other day from a post I read, and nowhere in the list is the program found. However, what I did while I was waiting for your response was go ahead and delete all files associated with iSkySoft, so nowhere on the computer do I have any folders or files with that at all. The only program that found something was Rogue Fix, but after I clicked delete it still started up at the time with the computer and was still running. So, I just killed the process and it no longer starts up or anything. There might be some registry keys I missed or something, but as far as files and folders I can't find anything.

 

Anyway, here is that file that you wanted..

 

Fix result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by Gambino (2015-08-17 18:31:22) Run:1
Running from C:\Users\Gambino\Desktop
Loaded Profiles: Gambino (Available Profiles: Gambino & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-18\...\Run: [] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2015-08-15 11:31 - 2015-05-29 03:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\ProgramData\Avira
2015-07-29 16:40 - 2015-08-15 09:44 - 00000000 ____D C:\Program Files (x86)\Avira
2015-08-08 19:42 - 2015-07-10 06:53 - 00000080 _____ C:\Users\Gambino\AppData\Local???????????????????
*****************

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
C:\WINDOWS\system32\Drivers\tmcomm.sys => moved successfully.
C:\ProgramData\Avira => moved successfully.
C:\Program Files (x86)\Avira => moved successfully.

"C:\Users\Gambino\AppData\Local???????????????????" folder move:

Could not move "C:\Users\Gambino\AppData\Local???????????????????" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-17 18:31:59)<=

"C:\Users\Gambino\AppData\Local???????????????????" => Could not move

==== End of Fixlog 18:31:59 ====

 

 

However, I did delete this Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 file, but it was auto-created back, so I'm not sure what the hell that is.. but it's still there and recreates itself every time I delete it..

 

Let me know what the next step is..

 

Thank You!



#10 nocnock


Posted 17 August 2015 - 05:49 PM

FYI, I just googled Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 and it seems to have something to do with GTA V.. So, maybe that's why it keeps coming back..

 

 

http://steamcommunity.com/app/271590/discussions/0/611703999971057114/
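
Added example (not part of any post in this thread, and not FRST's own code): the odd name reported in posts #9 and #10 becomes readable once each character is split back into the two bytes of its UTF-16LE code unit, which is a quick triage step for names like this in a scan log. The function names are hypothetical, and the explanation for the `?` run in the Fixlog (a fixlist saved in a single-byte ANSI code page) is an assumption.

```python
"""Triage helper for file names that look like random CJK text in a scan log.

A program that hands an 8-bit (ASCII) path to an API expecting UTF-16 text
ends up with every two ASCII bytes fused into one 16-bit character. Splitting
each character back into its low and high byte recovers the intended path.
"""

# The log line exactly as it appears in the FRST output quoted in this thread.
LOG_LINE = (
    r"2015-08-08 19:42 - 2015-07-10 06:53 - 00000080 _____ "
    r"C:\Users\Gambino\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦"
)


def _printable_ascii(byte):
    return 0x20 <= byte <= 0x7E


def _unpack(ch):
    """Return the two ASCII characters packed into ch, or None if ch is not such a pair."""
    cp = ord(ch)
    if cp <= 0x7F or cp > 0xFFFF:
        return None
    low, high = cp & 0xFF, cp >> 8  # UTF-16LE stores the low byte first
    if _printable_ascii(low) and _printable_ascii(high):
        return chr(low) + chr(high)
    return None


def packed_ascii_runs(text, min_len=4):
    """Find runs of at least min_len characters that all unpack to ASCII pairs.

    Returns a list of (run_as_seen, decoded_ascii) tuples. The minimum length
    keeps a single genuine CJK character from being reported.
    """
    runs, current = [], []
    for ch in text + "\0":  # the sentinel flushes a run that ends the string
        pair = _unpack(ch)
        if pair is not None:
            current.append((ch, pair))
            continue
        if len(current) >= min_len:
            runs.append((
                "".join(seen for seen, _ in current),
                "".join(decoded for _, decoded in current),
            ))
        current = []
    return runs


def ansi_view(name, codepage="cp1252"):
    """Show how name looks after a lossy round trip through a single-byte code page.

    Assumption: the fixlist was saved in such a code page, which would explain
    why the Fixlog lists the entry as a run of '?' and the move could not match
    the real file name.
    """
    return name.encode(codepage, errors="replace").decode(codepage)


if __name__ == "__main__":
    for seen, decoded in packed_ascii_runs(LOG_LINE):
        print("as logged :", seen)
        print("decoded   :", decoded)
        print("ANSI view :", ansi_view(seen))
```

Genuine CJK file names can also satisfy this byte test, so a match is a hint to look at the decoded text, not proof that the name is mis-encoded.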



#11 Sintharius


Posted 18 August 2015 - 03:52 AM

Hello nocnock,

If you don't use Avira Browser Safety, you can remove it from the Extensions list in Mozilla Firefox. It's just a toolbar that comes with Avira and is required for Web Protection to run properly.

Please create a new set of FRST logs for me - remember to put a checkmark in Addition.txt!

Let me know how the computer is doing.

Regards,
Alex

#12 nocnock


Posted 18 August 2015 - 01:20 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by Gambino (administrator) on GAMBINO-PC (18-08-2015 14:13:15)
Running from C:\Users\Gambino\Desktop
Loaded Profiles: Gambino (Available Profiles: Gambino & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4318\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6087\Battle.net.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1507.15010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12391.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2924080 2015-08-13] (Blizzard Entertainment)
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3613700061-449632877-1553431701-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-14] (Oracle Corporation)
BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-14] (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1434650974831
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25a0bce1-f906-4113-a6e6-70a552bbab85}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gambino\AppData\Roaming\Mozilla\Firefox\Profiles\9pfgmnal.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-07-16] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Gambino\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-07-16] (Cisco WebEx LLC)
FF Extension: Adblock Plus - C:\Users\Gambino\AppData\Roaming\Mozilla\Firefox\Profiles\9pfgmnal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-30]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com

Chrome:
=======
CHR Profile: C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-13]
CHR Extension: (YouTube) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-13]
CHR Extension: (Google Search) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-13]
CHR Extension: (Google Sheets) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (AdBlock) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-19]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-07-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (Marc Ecko) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2015-04-17]
CHR Extension: (Gmail) - C:\Users\Gambino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-29] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-29] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-07-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1575688 2015-07-24] (ESET)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-07-24] (ESET)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-29] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-04] (Electronic Arts)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-02] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-29] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-29] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-29] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
R3 cpuz138; C:\Users\Gambino\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2015-08-17] (CPUID)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-07-24] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-07-24] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-07-24] (ESET)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-06-14] (Acronis International GmbH)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-06-14] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-06-14] (Acronis International GmbH)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-29] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 14:13 - 2015-08-18 14:13 - 00025556 _____ C:\Users\Gambino\Desktop\FRST.txt
2015-08-18 14:13 - 2015-08-17 18:31 - 02173440 _____ (Farbar) C:\Users\Gambino\Desktop\FRST64.exe
2015-08-18 14:03 - 2015-08-18 14:03 - 00016148 _____ C:\WINDOWS\system32\GAMBINO-PC_Gambino_HistoryPrediction.bin
2015-08-18 12:11 - 2015-08-18 12:45 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-16 07:39 - 2015-08-16 07:39 - 00000080 _____ C:\Users\Gambino\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-15 15:46 - 2015-08-15 15:46 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-08-15 15:43 - 2015-08-15 15:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-08-15 15:37 - 2015-08-15 15:37 - 00024576 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\SiLib.sys
2015-08-15 15:37 - 2015-08-15 15:37 - 00019456 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\SiUSBXp.sys
2015-08-15 15:37 - 2015-08-15 15:37 - 00003212 _____ C:\WINDOWS\System32\Tasks\Start Corsair Link
2015-08-15 15:37 - 2015-08-15 15:37 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Corsair
2015-08-15 15:37 - 2015-08-15 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2015-08-15 15:37 - 2015-08-15 15:37 - 00000000 ____D C:\Program Files (x86)\Silabs
2015-08-15 15:37 - 2015-08-15 15:37 - 00000000 ____D C:\Program Files (x86)\Corsair
2015-08-15 12:16 - 2015-08-17 18:31 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-08-15 11:55 - 2015-08-18 14:13 - 00000000 ____D C:\FRST
2015-08-15 11:47 - 2015-08-17 19:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-15 11:40 - 2015-08-15 12:09 - 00000000 ____D C:\Users\Gambino\AppData\Local\CrashDumps
2015-08-15 11:39 - 2015-08-15 11:47 - 00000000 ____D C:\Program Files\Reason
2015-08-15 11:37 - 2015-08-15 11:37 - 00532734 _____ C:\Users\Gambino\AppData\Local\census.cache
2015-08-15 11:37 - 2015-08-15 11:37 - 00200171 _____ C:\Users\Gambino\AppData\Local\ars.cache
2015-08-15 11:36 - 2015-08-15 11:36 - 00000010 _____ C:\Users\Gambino\AppData\Local\sponge.last.runtime.cache
2015-08-15 11:31 - 2015-08-15 11:31 - 00000036 _____ C:\Users\Gambino\AppData\Local\housecall.guid.cache
2015-08-15 10:58 - 2015-08-15 11:23 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-15 10:58 - 2015-08-15 11:08 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-15 10:42 - 2015-08-15 10:42 - 00000000 ____D C:\Rbackup
2015-08-15 10:41 - 2015-08-15 10:41 - 00000042 _____ C:\WINDOWS\SysWOW64\AK083E209605E394C.lie
2015-08-15 10:05 - 2015-08-15 10:05 - 00000000 ____D C:\Users\Gambino\AppData\Local\ESET
2015-08-15 10:00 - 2015-08-15 10:00 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\ProgramData\ESET
2015-08-15 09:55 - 2015-08-15 09:55 - 00000000 ____D C:\Program Files\ESET
2015-08-14 18:19 - 2015-08-12 04:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-14 18:19 - 2015-08-12 04:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-13 12:31 - 2015-08-13 12:31 - 00058661 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508131231086908.log
2015-08-13 12:31 - 2015-08-13 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-13 12:31 - 2015-08-13 12:31 - 00000000 ____D C:\ProgramData\ATI
2015-08-12 12:07 - 2015-08-12 12:07 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 22:07 - 2015-08-08 03:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:07 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:07 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 22:07 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:07 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 22:07 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:07 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:07 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:07 - 2015-08-08 02:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:07 - 2015-08-08 02:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-11 22:07 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 22:07 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:07 - 2015-08-05 23:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-11 22:07 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 22:07 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 22:07 - 2015-08-05 22:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-11 22:07 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 22:07 - 2015-08-05 22:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-11 22:07 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 22:07 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 22:07 - 2015-08-05 00:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-11 22:07 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 22:07 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 22:07 - 2015-08-04 23:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-11 22:07 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 22:07 - 2015-08-04 23:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-11 22:07 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 22:07 - 2015-08-04 00:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-11 22:07 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:07 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 22:07 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 22:07 - 2015-08-03 23:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-11 22:07 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 22:07 - 2015-08-03 23:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:07 - 2015-08-03 23:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:07 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 22:07 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 22:07 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 22:07 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 22:07 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 22:07 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 22:07 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:07 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 22:07 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 22:07 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 22:07 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 22:07 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 22:07 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 22:07 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 22:07 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:07 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 22:07 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 22:07 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 22:07 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 22:07 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 22:07 - 2015-08-02 21:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-11 22:07 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 22:07 - 2015-08-02 21:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-11 22:07 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 22:07 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 22:07 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 22:07 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 22:07 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:07 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 22:07 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-11 22:07 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 22:07 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:07 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 22:07 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 22:07 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:07 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 22:07 - 2015-08-02 21:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-11 22:07 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-08 06:58 - 2015-08-08 08:33 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\BitComet
2015-08-05 23:52 - 2015-07-30 02:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-05 23:52 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-05 23:52 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-05 23:52 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-05 23:52 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-05 23:52 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-05 23:52 - 2015-07-30 02:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-05 23:52 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-05 23:52 - 2015-07-30 02:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-05 23:52 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-05 23:52 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-05 23:52 - 2015-07-30 00:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-05 23:52 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-05 23:52 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-05 23:52 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-05 23:52 - 2015-07-30 00:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-07-29 16:01 - 2015-07-29 16:01 - 00002340 _____ C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-07-29 16:01 - 2015-07-29 16:01 - 00000000 ___RD C:\Users\Gambino\OneDrive
2015-07-29 16:01 - 2015-07-29 16:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-07-29 15:59 - 2015-08-07 11:56 - 00000000 ____D C:\Users\Gambino\AppData\Local\Packages
2015-07-29 15:59 - 2015-07-29 15:59 - 00000020 ___SH C:\Users\Gambino\ntuser.ini
2015-07-29 15:59 - 2015-07-29 15:59 - 00000000 ____D C:\Users\Gambino\AppData\Local\TileDataLayer
2015-07-29 15:59 - 2015-07-29 15:59 - 00000000 ____D C:\Users\Gambino\AppData\Local\Publishers
2015-07-29 15:42 - 2015-07-29 15:42 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-07-29 15:41 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-07-29 15:40 - 2015-07-29 15:40 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-29 15:40 - 2015-07-29 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-29 15:40 - 2015-07-29 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-29 15:38 - 2015-07-29 15:38 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-07-29 15:37 - 2015-08-17 18:38 - 01009730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-29 15:37 - 2015-08-15 12:12 - 00000000 ____D C:\Users\Gambino
2015-07-29 15:37 - 2015-07-29 15:59 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-29 15:37 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-29 15:36 - 2015-08-15 09:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-29 15:36 - 2015-08-13 12:31 - 00000000 ____D C:\Program Files\AMD
2015-07-29 15:36 - 2015-08-13 12:30 - 00000000 ____D C:\ProgramData\AMD
2015-07-29 15:36 - 2015-07-31 14:56 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-07-29 15:36 - 2015-07-29 15:36 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-29 15:36 - 2015-07-29 15:36 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-07-29 15:35 - 2015-07-29 15:35 - 00000000 ____D C:\Program Files\Realtek
2015-07-29 15:34 - 2015-07-29 15:35 - 00026051 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-07-29 15:23 - 2015-07-29 17:32 - 00012638 _____ C:\WINDOWS\diagerr.xml
2015-07-29 15:23 - 2015-07-29 17:32 - 00011787 _____ C:\WINDOWS\diagwrn.xml
2015-07-24 03:30 - 2015-07-24 03:30 - 00253752 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2015-07-24 03:30 - 2015-07-24 03:30 - 00186272 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2015-07-24 03:30 - 2015-07-24 03:30 - 00169744 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2015-07-22 15:37 - 2015-07-22 15:37 - 00000000 ____D C:\Users\Gambino\AppData\Local\CEF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 14:08 - 2015-03-13 15:51 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-18 14:07 - 2015-03-13 16:37 - 00000000 ____D C:\Users\Gambino\AppData\Local\Battle.net
2015-08-18 14:03 - 2015-06-12 21:25 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-18 13:50 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-18 12:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-17 18:45 - 2015-06-21 17:17 - 00000000 ____D C:\Users\Gambino\Desktop\Hearthstone
2015-08-17 18:32 - 2015-03-13 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-17 18:32 - 2015-03-13 15:51 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-17 18:31 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-17 18:31 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-08-17 18:31 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-17 18:31 - 2015-03-13 16:06 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-08-17 18:31 - 2009-07-13 23:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-08-17 14:27 - 2015-03-13 16:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-15 15:37 - 2015-03-13 15:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 12:16 - 2015-04-14 08:52 - 00000000 ____D C:\ProgramData\TEMP
2015-08-15 12:16 - 2015-04-14 08:52 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-08-14 21:04 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 11:04 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 03:46 - 2015-07-10 08:20 - 00264232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 03:46 - 2015-04-14 11:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 03:46 - 2015-04-14 11:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-13 03:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 12:11 - 2015-04-14 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 12:11 - 2015-04-14 10:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 12:10 - 2015-03-13 15:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 12:07 - 2015-06-28 05:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 12:07 - 2015-03-13 15:50 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 12:07 - 2009-07-13 22:34 - 00000478 _____ C:\WINDOWS\win.ini
2015-08-08 20:08 - 2015-06-07 01:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-08 18:02 - 2015-03-13 16:44 - 00000000 ____D C:\ProgramData\Origin
2015-08-08 11:38 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 11:23 - 2015-07-05 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 03:30 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-05 15:14 - 2015-04-14 08:56 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\foobar2000
2015-08-03 21:12 - 2015-04-14 08:54 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 20:43 - 2015-07-10 07:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-03 20:43 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-03 20:04 - 2015-04-24 16:26 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\TeamViewer
2015-08-03 19:10 - 2015-04-14 09:00 - 00000000 __SHD C:\Users\Gambino\AppData\Local\EmieUserList
2015-08-03 19:10 - 2015-04-14 09:00 - 00000000 __SHD C:\Users\Gambino\AppData\Local\EmieSiteList
2015-08-03 15:15 - 2015-03-13 16:48 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-08-03 15:15 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-02 15:24 - 2015-07-10 06:59 - 00006656 _____ C:\WINDOWS\system32\lpcio.dll
2015-07-31 20:00 - 2015-03-13 16:41 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\TS3Client
2015-07-31 14:52 - 2015-03-13 16:03 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-31 14:51 - 2015-03-13 15:59 - 00000000 ____D C:\AMD
2015-07-31 09:04 - 2015-03-13 16:40 - 00000000 ____D C:\Program Files\CCleaner
2015-07-30 03:16 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-07-29 19:34 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-29 19:32 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-07-29 19:32 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-07-29 19:32 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-07-29 19:32 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-07-29 19:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-07-29 19:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-07-29 19:29 - 2015-07-10 07:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-07-29 19:29 - 2015-07-10 07:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-07-29 19:29 - 2015-07-10 07:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-07-29 19:29 - 2015-07-10 07:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-07-29 19:29 - 2015-07-10 07:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-07-29 19:29 - 2015-07-10 07:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-07-29 19:29 - 2015-07-10 07:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-07-29 19:29 - 2015-07-10 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-07-29 19:29 - 2015-07-10 07:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-07-29 17:32 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-29 16:25 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-29 16:13 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-07-29 15:59 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-29 15:43 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Registration
2015-07-29 15:42 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media
2015-07-29 15:42 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-29 15:42 - 2015-04-30 14:07 - 00004052 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D5B7228F-2B0D-4843-91F2-1EFC6556D1FE}
2015-07-29 15:42 - 2015-03-13 16:57 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-29 15:42 - 2015-03-13 16:40 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-29 15:42 - 2015-03-13 15:51 - 00004004 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-29 15:42 - 2015-03-13 15:51 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-29 15:41 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-07-29 15:40 - 2015-07-10 09:14 - 00000000 ____D C:\WINDOWS\ShellNew
2015-07-29 15:40 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-29 15:40 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-07-29 15:40 - 2015-06-12 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-07-29 15:40 - 2015-05-31 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2015-07-29 15:40 - 2015-04-14 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-07-29 15:40 - 2015-04-14 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 15:40 - 2015-04-14 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-07-29 15:40 - 2015-04-14 09:28 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-29 15:40 - 2015-04-14 09:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-29 15:40 - 2015-04-14 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-29 15:40 - 2015-04-14 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-29 15:40 - 2015-04-14 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-07-29 15:40 - 2015-03-13 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-07-29 15:40 - 2015-03-13 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-29 15:40 - 2015-03-13 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-29 15:40 - 2015-03-13 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-07-29 15:40 - 2015-03-13 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-29 15:40 - 2015-03-13 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-07-29 15:40 - 2015-03-13 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-29 15:40 - 2015-03-13 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-07-29 15:40 - 2009-07-13 23:20 - 00000000 ____D C:\Users\Default.migrated
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\schemas
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Cursors
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-29 15:38 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-29 15:38 - 2015-06-14 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-07-29 15:38 - 2015-05-30 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCZ Storage Solutions
2015-07-29 15:38 - 2015-04-29 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-07-29 15:38 - 2015-04-17 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-07-29 15:38 - 2015-04-14 16:18 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-07-29 15:38 - 2015-03-13 16:18 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-07-29 15:38 - 2015-03-13 16:18 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-07-29 15:38 - 2015-03-13 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2015-07-29 15:38 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-29 15:37 - 2015-07-08 14:40 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-07-29 15:37 - 2015-04-14 08:53 - 00000000 ____D C:\Users\Gambino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-07-29 15:36 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-29 15:34 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default
2015-07-29 15:26 - 2009-07-14 00:45 - 00017120 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 15:26 - 2009-07-14 00:45 - 00017120 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 03:51 - 2015-04-11 10:31 - 00000000 ____D C:\ProgramData\Symantec

==================== Files in the root of some directories =======

2015-08-05 11:56 - 2015-08-05 11:56 - 0000102 _____ () C:\Users\Gambino\AppData\Roaming\settings.xml
2015-08-15 11:37 - 2015-08-15 11:37 - 0200171 _____ () C:\Users\Gambino\AppData\Local\ars.cache
2015-08-15 11:37 - 2015-08-15 11:37 - 0532734 _____ () C:\Users\Gambino\AppData\Local\census.cache
2015-08-15 11:31 - 2015-08-15 11:31 - 0000036 _____ () C:\Users\Gambino\AppData\Local\housecall.guid.cache
2015-08-15 11:36 - 2015-08-15 11:36 - 0000010 _____ () C:\Users\Gambino\AppData\Local\sponge.last.runtime.cache
2015-07-29 15:36 - 2015-07-29 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-15 08:34

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by Gambino (2015-08-18 14:14:02)
Running from C:\Users\Gambino\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3613700061-449632877-1553431701-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3613700061-449632877-1553431701-503 - Limited - Disabled)
Gambino (S-1-5-21-3613700061-449632877-1553431701-1000 - Administrator - Enabled) => C:\Users\Gambino
Guest (S-1-5-21-3613700061-449632877-1553431701-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Antivirus 6.2.2021.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2021.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J625DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.19.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5695 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
ESET Endpoint Antivirus (HKLM\...\{2CEF5A8B-7BD4-4205-81FE-33A0C9A9F7D0}) (Version: 6.2.2021.0 - ESET, spol. s r.o.)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Perfect Golf (HKLM-x32\...\Steam App 288140) (Version:  - PERFECT PARALLEL)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.1 - Power Software Ltd)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
SSD Guru (HKLM-x32\...\{821329AE-EB57-4E10-9868-792651B3336B}) (Version: 1.1.1292 - OCZ Storage Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WWE 2K15 (HKLM-x32\...\Steam App 240460) (Version:  - YUKE’S Co., Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3613700061-449632877-1553431701-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Gambino\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

05-08-2015 11:55:34 Installed movtoavi_setup
12-08-2015 12:03:37 Windows Update
15-08-2015 09:46:13 Installed ESET Endpoint Antivirus

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-08-15 11:47 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {027BD469-F16B-41B3-9F1A-3F462E6B0190} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {046C306C-D0E3-4501-9B01-6883D593A031} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {079C00BD-8171-478F-945A-5DD29A9025DB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {08791F85-D5DA-4E82-AC54-0A8E2420902B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0F877217-53CE-44B9-B769-32A95B424617} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {11E22368-6B9D-4092-924D-20BCF9EC4803} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {17B2F70F-79E9-4DA2-9A0D-4C5CD9BD602A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1C4712C6-324B-490A-BCD7-D71197CEE98A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {276025A8-1C29-4F15-B1EE-61061D150AA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {2C64BD10-FFC3-49BB-BAF0-A29827A27AC0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {342A5C54-B8FA-43C4-B32A-FA429DEDDBF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {390F1885-E92F-498C-BD27-EEF247D535AE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3F0083DD-9830-42BF-B796-28D91D52C0ED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4AE68624-CB1F-4A14-BE30-3E48771D90E9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {50269455-D979-4415-B71F-8C7122AED227} - System32\Tasks\NCH Software\PrismSevenDays => C:\Program Files (x86)\NCH Software\Prism\Prism.exe
Task: {5716455F-059D-462D-A1B0-9DF7D32697A5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {58AA39BF-4B85-44DA-9D90-C9020BE09E02} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {631B397A-6424-45A4-852A-113E7516DEFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {65949766-CA58-4376-AAAA-B9B4DA14FC44} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {6893AE07-DA65-49BD-A3AA-1B5F0585B47C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {72AD6EF0-2B78-4E88-BCC6-3AA0F61CD7A8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {75620F71-67FF-4E20-8AF3-4EBF2876BB24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7DFA80FB-F1BD-4C8C-9680-99D74E9BC507} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {80830F72-E574-4C84-8BF4-E8E422F82646} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8D8CF39E-7870-4F92-9A1E-394E6BC5FA35} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8DBE09AB-5ACE-46DF-9CDD-79FE3D28F747} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation)
Task: {8E8E7295-33CB-474A-9D1A-CFB8438F513B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {9E7FABAD-2A6D-4610-8251-A6E7A8C97767} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A526BF72-D236-40BC-B34C-DC19D4437DC4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A5E58547-3700-4049-B0F1-08508C388CD4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {AC58C578-D027-4A83-B34A-E0D152F2CF77} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {AC837583-9F5A-431D-AECB-6136702E54AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AECA5817-02E8-47A2-9CC2-A353AE853FD9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B2EEA676-90E1-44E5-ADCE-8316F86A329F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B9BF7478-8E06-434D-927A-7ACD60BB437A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C39080E6-8CD0-4E8B-9BE5-E5131FB17773} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4A98A4C-1717-49A5-B9F0-F322DAB88F55} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-08-05] ()
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5A9FE2A-5939-411B-A5E7-2B01A3E5225E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CADE2697-5DD9-4249-B23A-6DAEDD07CE47} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Gambino-Pc-Gambino Gambino-Pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {D0764C73-2CD6-4077-BFCA-E792B8D746BA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {DDC6BAA3-4B95-4888-9B1B-EBD9EA3D1B7B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E1048CF6-3811-41FF-B822-C5FDF803C0FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E7AD7EC7-C4CB-4177-925B-F919A3BD0275} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {ED058644-F6D9-4AA2-BB41-0CDD3E92A653} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {FED0AD1B-E918-43F3-8FD2-D1981873FC78} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A0100327AAC4247F7ED479E360C93AE180AE94600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-29 19:31 - 2015-07-29 19:31 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-06-01 05:42 - 2012-06-01 05:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-07-29 19:31 - 2015-07-29 19:31 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-04-29 15:57 - 2005-04-22 00:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-05 23:52 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-05 11:52 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll
2015-08-15 15:37 - 2015-08-05 11:32 - 03160384 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2009-03-30 02:32 - 2009-03-30 02:32 - 00032768 ____R () C:\Windows\DAODx.exe
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-11 22:07 - 2015-08-02 21:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-11 22:07 - 2015-08-02 21:08 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 22:07 - 2015-08-02 21:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-09-18 03:23 - 2014-09-18 03:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 03:23 - 2014-09-18 03:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 14:23 - 2015-03-12 14:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-31 09:04 - 2015-07-31 09:04 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-07-29 16:34 - 2015-07-29 16:34 - 00007680 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2015-07-29 16:34 - 2015-07-29 16:34 - 03633664 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1507.15010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-08-18 12:47 - 2015-08-18 12:47 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-18 12:47 - 2015-08-18 12:47 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-02-10 14:12 - 2015-02-10 14:12 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2014-01-23 16:05 - 2014-01-23 16:05 - 01424552 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-08-03 20:02 - 2015-08-17 18:31 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-05-30 15:33 - 2010-06-28 22:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-08-15 15:37 - 2015-08-05 11:27 - 00147968 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2015-08-15 15:37 - 2015-08-05 11:27 - 00081920 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00038400 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\audio\qtaudio_windows.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-13 17:47 - 2015-08-13 17:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-11-27 10:47 - 2014-11-27 10:47 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-11-27 10:44 - 2014-11-27 10:44 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-07-29 16:34 - 2015-07-29 16:34 - 09459712 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2015-07-10 09:17 - 2015-07-10 09:17 - 06459392 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\SharedLibrary.dll
2015-07-29 16:32 - 2015-07-29 16:32 - 00970240 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\SQLiteWrapper.dll
2015-07-29 16:32 - 2015-07-29 16:32 - 03517616 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-07-29 16:32 - 2015-07-29 16:32 - 00646144 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.4.200.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2015-08-11 13:09 - 2015-08-07 20:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-11 13:09 - 2015-08-07 20:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-11 13:09 - 2015-08-07 20:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2014-09-09 10:00 - 2014-09-09 10:00 - 00023576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3613700061-449632877-1553431701-1000\...\1001movie.com -> 1001movie.com

There are 6091 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3613700061-449632877-1553431701-1000\Control Panel\Desktop\\Wallpaper -> D:\Personal Files\My Documents\My Pictures\Sexy Inked Chicks\heather moss - 478.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{03F16929-B184-483B-BCD9-321A729A7A57}] => (Allow) G:\Game Install Directory\GTA5.exe
FirewallRules: [{C91FECFF-6CAA-4A5B-8C6D-E70B722EA19D}] => (Allow) G:\Game Install Directory\GTA5.exe
FirewallRules: [{39B920D5-2161-4F95-904E-7082AD74D005}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{2DBDC04C-6D24-4328-B9D5-8662C9212C6F}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{F98315C1-77E5-4241-8B2E-61A39B60F63B}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{E17FEAFC-935B-40E0-9A03-1006FDB17619}] => (Allow) G:\Game Install Directory\Ubisoft\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{414A85B6-49E2-4F6D-B508-FB67A5ADFF1C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A22C3C51-C219-4B34-A22A-456250FE30DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D2A0DC6E-8DD5-4BA0-ACD2-9379EDF981CB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6E93A43A-F265-4677-BCC8-640C9D4A48A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B29A8C46-079D-431B-91A1-4E0A8E81DCF8}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{58DC408B-6CD0-4482-A46C-A50F343F5ED7}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{57D08375-1ED7-4283-953A-457320DF6196}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{325924EF-03CB-4D2C-B65B-0BEDF5C431EC}] => (Allow) G:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{F13D5C97-3DB9-40F8-858F-1F5DC658E445}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B1513F05-BB18-45B1-A901-9A871752BB18}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F1027775-F418-4774-943E-BE1637DD1085}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DABC6AD5-4319-4DA1-83F9-18BA2E9719E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4507699A-600A-4260-9080-947903715112}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BD016582-6DCF-4D1A-ADF6-747F6255255D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E71D3349-F6B7-4368-A4FB-6AA4923A2F4B}] => (Allow) G:\SteamLibrary\steamapps\common\WWE 2K15\WWE2K15Launcher.exe
FirewallRules: [{ADB97D46-B183-4706-86A0-B21C099C111D}] => (Allow) G:\SteamLibrary\steamapps\common\WWE 2K15\WWE2K15Launcher.exe
FirewallRules: [{9AEE07E8-C7EA-4181-8C67-0DEE7727B820}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{869026E6-69E5-4475-9DD6-6BDCA7BF3DEA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E84BC5E9-D820-4ACE-B6B9-AF9A0A65266C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{45AE7874-56D0-4D83-A5D8-EFAC01FF3E06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{8468E443-A904-42BD-B356-2F659DA7998A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6BC6A150-7201-40BA-BCD6-223094999D14}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E4390E7B-7AEF-49DD-8813-523C415E3988}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E657F69-B503-49F7-9436-941D4E04833E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD1A3696-A097-46FE-9C4F-EB0A4373A73B}] => (Allow) LPort=1900
FirewallRules: [{93BB53BF-4616-4CD1-8237-0F1F9194CDED}] => (Allow) LPort=2869
FirewallRules: [{D8B4F453-6239-419E-B6BB-58DAB833AE97}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{08F9DBF9-28EA-49C1-B74E-9CEF1B9A6172}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{058D43F3-4A74-4656-A2DB-8BFC99C2D7A2}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AF8075F3-768D-413A-A4B1-6A132EA29268}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C43F0A14-1525-4E54-8F53-E76DFAD1F66A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C61AE0F2-74EB-4ACF-8CD8-C333CAF1F61A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6AD3DA59-9B5F-4A4B-BAC3-03994686A770}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CC19D967-2879-46DC-BEE0-73A608C1366E}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ACCE9222-70F7-4BFC-87A7-395302DEDC54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Perfect Golf\Perfect Golf.exe
FirewallRules: [{ACD6B354-62F3-4DCB-98EA-F157A014A274}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Perfect Golf\Perfect Golf.exe
FirewallRules: [{26F35B0A-14DB-4006-B611-F2E5294CDB67}] => (Allow) LPort=54925
FirewallRules: [{09183E14-6D1B-4226-8C32-0072BDADBFE9}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{C49A82A7-F8AF-4B31-8801-9F4A0A53C44A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{9993C32C-8BCD-43EB-9679-217A15A4BB35}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B2E0B582-2752-468E-9E01-A1E37482B9FA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{22D16816-4354-4A44-A9C8-F2355774DE41}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{D17C86EA-37A4-407C-9949-23ACD9501DF1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A58E1993-C258-4A6B-B6C2-8164E26E1E92}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D802A889-02CB-49F6-894A-1D468E522AD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D6F6F24-4CB5-4F24-8DA3-91A9D7707B90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2ABABFF2-8910-4267-9E6A-CC422185F26A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BCEA45D3-6382-4120-98EA-6AD07F83B8C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F63A4E76-10F9-4EFF-B06D-2F4B2EFF47EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{614B2215-3812-41F3-9BE9-99B98AE86E5C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2A936B6B-A474-48A6-9C41-8217BC81CF21}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B0BFB53-AA1E-4B8C-BE88-B30D106DE1EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A2EF3BF-065C-49AC-8C00-20F911C123B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{CF8F088A-C532-4879-9306-CA3AE9156416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8463629A-0712-4211-96F3-7FA7F285A68C}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{136DA915-2B3D-4186-8262-5FB4B45D4952}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{B16759CA-6427-471C-BFA6-7F3E90A86208}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2015 08:14:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (3804) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (08/17/2015 08:14:24 PM) (Source: ESENT) (EventID: 490) (User: )
Description: CCleaner64 (3804) testing: An attempt to open the file "C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (08/17/2015 06:50:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (1416) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (08/17/2015 06:50:35 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1416) testing: An attempt to open the file "C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (08/17/2015 06:50:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (1416) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (08/17/2015 06:50:25 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1416) testing: An attempt to open the file "C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7110

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7110

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/17/2015 02:29:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5454


System errors:
=============
Error: (08/17/2015 06:33:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/17/2015 06:31:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058

Error: (08/17/2015 06:31:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ACP Kernel Service Driver service failed to start due to the following error:
%%2

Error: (08/17/2015 06:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/17/2015 06:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/17/2015 06:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/17/2015 06:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/17/2015 02:29:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/17/2015 02:29:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/17/2015 02:29:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office:
=========================
Error: (08/17/2015 08:14:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner643804testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (08/17/2015 08:14:24 PM) (Source: ESENT) (EventID: 490) (User: )
Description: CCleaner643804testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (08/17/2015 06:50:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner641416testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (08/17/2015 06:50:35 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner641416testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (08/17/2015 06:50:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner641416testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (08/17/2015 06:50:25 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner641416testing: C:\Users\Gambino\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7110

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7110

Error: (08/17/2015 02:29:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/17/2015 02:29:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5454


CodeIntegrity:
===================================
  Date: 2015-08-13 11:03:04.758
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:04.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:04.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:04.634
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:04.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:04.587
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:03.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 11:03:03.256
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 10:59:36.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-13 10:59:36.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD FX™-6300 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 8088.62 MB
Available physical RAM: 4821.04 MB
Total Virtual: 16280.62 MB
Available Virtual: 12301.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.91 GB) (Free:124.4 GB) NTFS
Drive d: (Data Drive) (Fixed) (Total:698.52 GB) (Free:395.04 GB) NTFS
Drive g: (Program Drive) (Fixed) (Total:698.52 GB) (Free:511.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 436ABBD3)

Partition: GPT.

==================== End of log ============================

 

I took Avira out so I deleted the extension in the browser so I'm not worried about that..



#13 Sintharius


Posted 19 August 2015 - 12:31 PM

Hi nocnock,

Do you see any other problems?

We will run some scans to make sure nothing is lurking.

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#14 nocnock


Posted 19 August 2015 - 02:36 PM

I'm not having any issues no. Everything seems to be ok.. However, tracking this down seems impossible.

 

Log came back clean..

 

# AdwCleaner v5.002 - Logfile created 19/08/2015 at 15:32:35
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Gambino - GAMBINO-PC
# Running from : C:\Users\Gambino\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [502 bytes] ##########
 



#15 Sintharius


Posted 20 August 2015 - 02:04 AM

Hello nocnock,
 
Please run these last two scans to make sure that things are clean.
 
Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will say Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex 



