
Random (popups) showing in Steam browser, and Ingame (dota2 in particular)



yekere
2015-08-24, 04:55
Hello guys,

It's my first time posting so I hope I don't break any rules here. For a couple of days now, there have been random popups showing up while I'm using Steam, with Russian and AliExpress ads, sometimes even with sound, lightboxes, the whole popup package. These ads also appear when I'm on the menus of Dota 2. The ads have an X in the top right corner to close them. When clicked, the button opens a browser (in-Steam browser) window with AliExpress or some other random site. The same behaviour happened to me in Firefox once (just once) and it hasn't happened since.

What I have tried:

* Malwarebytes
* Spybot 2 (of course)
* Reinstalling Steam
* Using Google DNS
* Upgrading from Windows 8 to Windows 10
* CCleaner

I haven't tried the last virus signature from Spybot, because I'm having problems updating the AV, but that's a different story. Thanks for the help!

Requested logs:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
Ran by J (administrator) on JLEON-GAMING (23-08-2015 22:31:11)
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Platform: Windows 10 Home Single Language (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\SETB7.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\SET1AA.tmp
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Users\J\AppData\Local\Microsoft\OneDrive\OneDrive.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TeamSpeak Systems GmbH) D:\Programas\Teamspeak\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347688 2015-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-01-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [252928 2014-02-06] (SteelSeries ApS)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [Spotify] => C:\Users\J\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-24] (Spotify Ltd)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [Spotify Web Helper] => C:\Users\J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-24] (Spotify Ltd)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Run: [OneDrive] => C:\Users\J\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-23] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-05-06]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{FF3BFE8F-D4B5-428A-9E62-464DCA7EBCFF}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-23] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-846674770-790806118-1279481075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKU\S-1-5-21-846674770-790806118-1279481075-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKU\S-1-5-21-846674770-790806118-1279481075-1001 -> DefaultScope {8C9D77FB-E5FC-44C3-9C4F-930DD154B7B3} URL =
SearchScopes: HKU\S-1-5-21-846674770-790806118-1279481075-1001 -> {8C9D77FB-E5FC-44C3-9C4F-930DD154B7B3} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0ed76164-d9f0-46ad-8517-35d0d05eed6e}: [DhcpNameServer] 190.160.0.15 200.30.192.14 200.83.1.5
Tcpip\..\Interfaces\{f7c00113-4013-41dd-b09f-0c9d7aef95fe}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\y7qhe7sd.default
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-846674770-790806118-1279481075-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-31] ()
FF Extension: Adblock Plus - C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\y7qhe7sd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-25]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-08-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [936832 2015-03-11] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-24] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-24] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-08-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [125168 2014-12-03] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-24] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-24] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-24] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-24] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-24] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-08-24] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Google Inc) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation) [File not signed]
R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-24] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 00:55 - 2015-08-23 20:07 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-24 00:55 - 2015-08-23 19:57 - 00000000 __SHD C:\Recovery
2015-08-24 00:53 - 2015-08-24 00:54 - 00000000 ____D C:\Windows.old
2015-08-24 00:53 - 2015-08-24 00:53 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-24 00:53 - 2015-08-24 00:53 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-24 00:53 - 2015-08-24 00:53 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-24 00:53 - 2015-08-24 00:53 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-24 00:53 - 2015-08-24 00:53 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-24 00:53 - 2015-08-24 00:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-24 00:53 - 2015-08-24 00:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-24 00:51 - 2015-08-24 00:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-24 00:50 - 2015-08-24 00:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-24 00:50 - 2015-08-24 00:50 - 00000000 ____D C:\Program Files\MSBuild
2015-08-24 00:50 - 2015-08-24 00:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-24 00:50 - 2015-08-24 00:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-24 00:50 - 2015-06-17 23:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-24 00:50 - 2015-06-17 23:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-24 00:50 - 2015-06-17 23:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-24 00:50 - 2015-05-30 02:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-24 00:50 - 2015-05-30 02:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-24 00:50 - 2015-05-30 02:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-23 22:31 - 2015-08-23 22:31 - 00027335 _____ C:\Users\J\Desktop\FRST.txt
2015-08-23 22:29 - 2015-08-23 22:31 - 00000000 ____D C:\FRST
2015-08-23 22:28 - 2015-08-23 22:28 - 02173952 _____ (Farbar) C:\Users\J\Desktop\FRST64.exe
2015-08-23 22:16 - 2015-08-23 22:16 - 00053992 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller.dll
2015-08-23 22:16 - 2015-08-23 22:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01009.Wdf
2015-08-23 22:09 - 2015-08-23 22:09 - 00000000 ___HD C:\OneDriveTemp
2015-08-23 22:08 - 2015-08-23 22:08 - 00016148 _____ C:\WINDOWS\system32\JLEON-GAMING_J_HistoryPrediction.bin
2015-08-23 22:05 - 2015-08-23 22:05 - 00000656 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-08-23 22:05 - 2015-08-23 22:05 - 00000628 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-08-23 22:05 - 2015-08-23 22:05 - 00000458 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-08-23 22:01 - 2015-08-23 22:01 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-08-23 22:00 - 2015-08-23 22:00 - 00000000 ____D C:\WINDOWS\pss
2015-08-23 21:47 - 2015-08-23 21:47 - 00451972 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150823-214756.backup
2015-08-23 21:47 - 2015-08-23 21:44 - 00451972 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150823-214744.backup
2015-08-23 21:34 - 2015-08-23 21:34 - 00004090 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7DA05A43-433C-4A46-B5BB-5F2E6A7D03EC}
2015-08-23 21:32 - 2015-08-23 22:05 - 00001470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-23 21:32 - 2015-08-23 22:05 - 00001458 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-23 21:32 - 2015-08-23 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-23 21:32 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2015-08-23 21:27 - 2015-08-23 21:30 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-08-23 21:25 - 2015-08-23 21:26 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\J\Downloads\spybot-2.4.exe
2015-08-23 21:01 - 2015-08-23 21:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-23 20:58 - 2015-08-23 20:58 - 00558320 _____ (Safer-Networking Ltd. ) C:\Users\J\Downloads\spybot2-license (1).exe
2015-08-23 20:58 - 2015-08-23 20:58 - 00000000 _____ C:\Users\J\Downloads\spybot2-license (1) (1).exe.t6x3sdb.partial
2015-08-23 20:44 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-23 20:41 - 2015-08-23 20:41 - 00558320 _____ (Safer-Networking Ltd. ) C:\Users\J\Downloads\spybot2-license.exe
2015-08-23 20:39 - 2015-08-23 18:02 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150823-203913.backup
2015-08-23 20:37 - 2015-08-23 20:37 - 00450872 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2015-08-23 20:18 - 2015-08-23 20:18 - 00001057 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-08-23 20:11 - 2015-08-23 20:11 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-08-23 20:10 - 2015-08-23 20:10 - 00000000 ____D C:\Users\J\AppData\Local\MicrosoftEdge
2015-08-23 20:08 - 2015-08-23 22:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-23 20:08 - 2015-08-23 22:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-23 20:08 - 2015-08-23 20:08 - 00002376 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-23 20:08 - 2015-08-23 20:08 - 00000000 ___RD C:\Users\J\OneDrive
2015-08-23 20:07 - 2015-08-23 22:12 - 00876942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 20:07 - 2015-08-23 20:07 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-23 20:06 - 2015-08-23 20:06 - 00000020 ___SH C:\Users\J\ntuser.ini
2015-08-23 20:06 - 2015-08-23 20:06 - 00000000 ____D C:\Users\J\AppData\Local\TileDataLayer
2015-08-23 20:06 - 2015-08-23 20:06 - 00000000 ____D C:\Users\J\AppData\Local\Publishers
2015-08-23 20:06 - 2015-08-23 20:06 - 00000000 ____D C:\Users\J\AppData\Local\Comms
2015-08-23 20:02 - 2015-08-23 20:02 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-23 20:00 - 2015-08-23 20:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-23 20:00 - 2015-08-23 20:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-23 19:59 - 2015-08-23 19:59 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-23 19:58 - 2015-08-23 22:12 - 00000000 ____D C:\Users\J
2015-08-23 19:58 - 2015-08-23 20:06 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-23 19:58 - 2015-08-23 19:58 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 __RSD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-23 19:58 - 2015-07-10 07:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-23 19:57 - 2015-08-23 22:08 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-23 19:57 - 2015-08-23 19:57 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-23 19:57 - 2015-08-23 19:57 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-23 19:57 - 2015-08-23 19:57 - 00000000 ____D C:\Program Files\Realtek
2015-08-23 19:57 - 2015-07-17 23:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-23 19:57 - 2015-07-17 23:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-23 19:56 - 2015-08-23 19:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-23 19:56 - 2015-08-23 19:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-23 19:56 - 2015-08-23 19:58 - 00000000 ____D C:\Program Files\Intel
2015-08-23 19:56 - 2015-08-23 19:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-23 19:56 - 2015-08-23 19:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-23 19:56 - 2015-07-22 22:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-23 19:56 - 2015-07-22 22:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-23 19:56 - 2015-07-22 01:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-23 19:55 - 2015-08-23 21:31 - 00009918 _____ C:\WINDOWS\PFRO.log
2015-08-23 19:55 - 2015-08-23 19:56 - 00029814 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-23 19:44 - 2015-08-23 20:02 - 00006535 _____ C:\WINDOWS\comsetup.log
2015-08-23 18:29 - 2015-08-23 20:03 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-23 18:29 - 2015-08-23 20:03 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-08-23 18:29 - 2015-08-23 19:44 - 00000000 ___HD C:\$Windows.~BT
2015-08-23 18:11 - 2015-08-23 18:11 - 00000000 ___HD C:\$Windows.~WS
2015-08-23 18:02 - 2015-08-23 17:35 - 00450747 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150823-180249.backup
2015-08-23 17:35 - 2015-08-22 17:23 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150823-173519.backup
2015-08-23 14:26 - 2015-08-23 16:59 - 00000000 ____D C:\Users\J\Documents\Fiddler2
2015-08-23 14:26 - 2015-08-23 14:26 - 00001910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler4.lnk
2015-08-23 14:26 - 2015-08-23 14:26 - 00000000 ____D C:\Program Files (x86)\Fiddler2
2015-08-23 13:23 - 2015-08-23 13:23 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-22 17:23 - 2013-08-22 10:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150822-172353.backup
2015-08-19 23:51 - 2015-08-19 23:51 - 00000000 ____D C:\Users\J\Documents\ProcAlyzer Dumps
2015-08-19 21:44 - 2015-08-23 19:48 - 01137907 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-19 20:37 - 2015-08-23 20:02 - 00002900 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 20:36 - 2015-08-19 20:37 - 00000000 ____D C:\Program Files\CCleaner
2015-08-19 13:59 - 2015-08-23 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-19 13:59 - 2015-08-23 17:46 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-19 13:59 - 2015-08-19 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-19 13:59 - 2015-08-19 13:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-19 13:59 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-19 13:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-19 13:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-15 16:27 - 2015-08-15 16:27 - 00000000 ____D C:\Users\J\Documents\Add-in Express
2015-08-15 02:22 - 2015-08-15 02:22 - 00000450 _____ C:\Users\J\Desktop\Data.lnk
2015-08-15 02:20 - 2015-08-15 16:40 - 00000000 ____D C:\Users\J\Desktop\Banners V
2015-08-11 21:26 - 2015-08-23 12:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-05 23:25 - 2015-08-15 21:56 - 01689367 _____ C:\Users\J\Desktop\upcycle.ai
2015-07-27 13:37 - 2015-08-23 19:41 - 00000000 ____D C:\Users\J\AppData\Roaming\RStudio
2015-07-27 13:16 - 2015-08-23 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2015-07-27 13:16 - 2015-07-27 13:16 - 00000000 ____D C:\Program Files\RStudio
2015-07-27 13:08 - 2015-07-27 13:08 - 00000000 ____D C:\Program Files\R
2015-07-24 21:25 - 2015-08-23 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beats by Dr. Dre
2015-07-24 21:25 - 2015-07-24 21:25 - 00000000 ____D C:\Program Files (x86)\Beats by Dr. Dre

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 00:55 - 2015-07-10 08:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-24 00:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-24 00:53 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-24 00:53 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-23 22:24 - 2014-11-17 22:51 - 00000000 ____D C:\Users\J\AppData\Roaming\TS3Client
2015-08-23 22:16 - 2015-07-10 09:20 - 00020906 _____ C:\WINDOWS\setupact.log
2015-08-23 22:16 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-23 22:16 - 2015-07-10 07:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-23 22:16 - 2014-05-06 23:17 - 00000000 ____D C:\Program Files\Elantech
2015-08-23 22:16 - 2014-05-03 12:13 - 00454744 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-08-23 22:13 - 2014-11-17 19:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-23 22:09 - 2015-07-10 09:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-23 22:09 - 2014-11-17 19:36 - 00000000 ___DO C:\Users\J\SkyDrive
2015-08-23 22:07 - 2015-07-10 09:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-23 22:07 - 2015-07-10 06:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-23 22:00 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-23 21:34 - 2014-12-02 16:51 - 00000000 __SHD C:\Users\J\AppData\Local\EmieUserList
2015-08-23 21:34 - 2014-12-02 16:51 - 00000000 __SHD C:\Users\J\AppData\Local\EmieSiteList
2015-08-23 21:27 - 2015-07-10 09:20 - 00459824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-23 20:58 - 2014-11-25 10:34 - 00000000 ____D C:\Users\J\AppData\Roaming\uTorrent
2015-08-23 20:44 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-23 20:23 - 2014-11-17 19:29 - 00000000 ____D C:\Users\J\AppData\Local\Packages
2015-08-23 20:18 - 2015-07-10 10:14 - 00000000 ____D C:\WINDOWS\OCR
2015-08-23 20:11 - 2014-05-03 12:13 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\SET77.tmp
2015-08-23 20:06 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-23 20:06 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-23 20:06 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-23 20:06 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-23 20:03 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-23 20:02 - 2014-11-24 19:13 - 00003838 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2015-08-23 20:02 - 2014-11-17 19:34 - 00003706 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-846674770-790806118-1279481075-1001
2015-08-23 20:02 - 2014-05-06 23:28 - 00003282 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Gaming Center
2015-08-23 20:02 - 2014-05-06 23:09 - 00004046 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-08-23 20:02 - 2014-05-06 23:09 - 00003800 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-08-23 20:01 - 2015-07-10 08:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-23 20:00 - 2015-07-16 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-23 20:00 - 2015-07-10 08:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-23 20:00 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-23 20:00 - 2015-07-10 06:05 - 00000000 __RHD C:\Users\Default
2015-08-23 20:00 - 2015-07-04 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-08-23 20:00 - 2015-06-05 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-08-23 20:00 - 2015-04-29 18:58 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-08-23 20:00 - 2015-04-29 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-08-23 20:00 - 2015-03-17 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-23 20:00 - 2015-01-28 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-08-23 20:00 - 2015-01-15 22:33 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-23 20:00 - 2015-01-15 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-23 20:00 - 2014-11-26 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-23 20:00 - 2014-11-25 19:35 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-23 20:00 - 2014-11-25 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-23 20:00 - 2014-11-20 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-08-23 20:00 - 2014-11-18 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-08-23 20:00 - 2014-11-17 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-08-23 20:00 - 2014-11-17 20:02 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-23 20:00 - 2014-11-17 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-23 20:00 - 2014-05-07 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnRecovery
2015-08-23 20:00 - 2014-05-06 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-08-23 20:00 - 2014-05-06 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-08-23 20:00 - 2014-05-06 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-08-23 20:00 - 2014-05-06 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-23 20:00 - 2014-05-06 23:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\uk
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\tr
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\th
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\ru
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\en
2015-08-23 20:00 - 2013-11-14 18:57 - 00000000 ____D C:\WINDOWS\ar
2015-08-23 20:00 - 2013-11-14 18:56 - 00000000 ____D C:\WINDOWS\fr
2015-08-23 20:00 - 2013-11-14 18:56 - 00000000 ____D C:\WINDOWS\es
2015-08-23 20:00 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-23 19:59 - 2015-07-16 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-23 19:59 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-23 19:59 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-23 19:59 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-23 19:59 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-23 19:59 - 2014-05-06 23:30 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-08-23 19:59 - 2014-05-06 23:16 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-23 19:59 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-23 19:59 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-23 19:58 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-23 19:58 - 2015-03-25 19:50 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-23 19:58 - 2015-01-15 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-08-23 19:58 - 2014-11-24 19:13 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-08-23 19:58 - 2014-05-07 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-23 19:58 - 2014-05-06 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2015-08-23 19:58 - 2014-05-06 23:07 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-23 19:58 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-23 19:58 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-23 19:57 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-23 19:56 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-23 12:43 - 2014-12-10 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-22 16:32 - 2014-11-22 04:24 - 01029120 ___SH C:\Users\J\Desktop\Thumbs.db
2015-08-22 01:57 - 2014-11-18 04:22 - 00000000 ____D C:\Users\J\AppData\Local\CrashDumps
2015-08-19 23:37 - 2015-07-21 14:35 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-19 20:39 - 2015-07-22 20:51 - 00007664 _____ C:\Users\J\AppData\Local\Resmon.ResmonCfg
2015-08-19 17:38 - 2015-04-29 18:58 - 00000000 ____D C:\Users\J\AppData\Roaming\GitHub
2015-08-19 17:38 - 2015-04-29 18:58 - 00000000 ____D C:\Users\J\AppData\Local\GitHub
2015-08-19 14:10 - 2014-11-25 10:37 - 00000000 ____D C:\ProgramData\APN
2015-08-15 20:35 - 2014-11-25 19:36 - 00000034 _____ C:\Users\J\AppData\Roaming\AdobeWLCMCache.dat
2015-08-15 20:21 - 2014-11-26 00:31 - 00000000 ____D C:\Users\J\AppData\Roaming\vlc
2015-08-15 16:40 - 2015-02-24 16:26 - 00000000 ____D C:\Users\J\AppData\Roaming\Spotify
2015-08-15 15:40 - 2015-02-24 16:26 - 00000000 ____D C:\Users\J\AppData\Local\Spotify
2015-08-14 18:30 - 2014-12-02 16:51 - 00001456 _____ C:\Users\J\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-14 14:09 - 2014-11-17 19:29 - 00000000 ____D C:\Users\J\AppData\Roaming\Adobe
2015-08-13 20:27 - 2015-04-27 07:47 - 00000080 _____ C:\Users\J\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-13 20:13 - 2015-04-27 07:47 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-13 20:13 - 2015-04-27 07:46 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-13 13:13 - 2014-11-24 19:13 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-12 11:25 - 2014-11-19 03:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 11:23 - 2015-03-17 11:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 11:23 - 2014-11-19 03:09 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-08 12:38 - 2015-07-10 08:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 12:38 - 2015-07-10 08:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-24 21:25 - 2014-05-06 23:18 - 00000000 ____D C:\Program Files\DIFX
2015-07-24 01:21 - 2014-11-17 23:58 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-07-24 01:21 - 2014-11-17 23:58 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-07-24 01:21 - 2014-05-06 23:13 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-07-24 01:21 - 2014-05-06 23:13 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

==================== Files in the root of some directories =======

2014-11-25 19:36 - 2015-08-15 20:35 - 0000034 _____ () C:\Users\J\AppData\Roaming\AdobeWLCMCache.dat
2014-12-02 16:51 - 2015-08-14 18:30 - 0001456 _____ () C:\Users\J\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-22 20:51 - 2015-08-19 20:39 - 0007664 _____ () C:\Users\J\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-23 19:55

==================== End of log ============================

FRST ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-08-2015
Ran by J (2015-08-23 22:31:37)
Running from C:\Users\J\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-846674770-790806118-1279481075-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-846674770-790806118-1279481075-503 - Limited - Disabled)
Guest (S-1-5-21-846674770-790806118-1279481075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-846674770-790806118-1279481075-1003 - Limited - Enabled)
J (S-1-5-21-846674770-790806118-1279481075-1001 - Administrator - Enabled) => C:\Users\J

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Enabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1402.2101 - Micro-Star International Co., Ltd.)
Beats Updater (HKLM-x32\...\{C64D433B-C3FD-45FC-B464-33A8C7991304}) (Version: 2.0.54.0 - Apple Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boot Configure (HKLM\...\{5DEFD958-7239-4FA0-8B4E-3B532D7A14BF}) (Version: 10.014.02075 - Application)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1309.301 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.)
Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
ELAN Touchpad 15.13.1.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.1.1 - ELAN Microelectronic Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions, Inc.)
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version: - Monolith)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version: - Day 1 Studios)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version: - Ubisoft Montreal)
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - Ubisoft Montreal)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.0.2 - Telerik)
FINAL FANTASY TYPE-0 HD (HKLM-x32\...\Steam App 340170) (Version: - SQUARE ENIX)
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.3.1 - GitHub, Inc.)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)
MAGIX MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-GB)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.41.0 - Overwolf Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.38.1037 - Qualcomm Atheros)
R for Windows 3.2.1 (HKLM\...\R for Windows 3.2.1_is1) (Version: 3.2.1 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
resident evil 4 / biohazard 4 (HKLM-x32\...\Steam App 254700) (Version: - Capcom)
Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.467 - RStudio)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Steam App 227100) (Version: - Rebellion)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.05 - Creative Technology Limited)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager)
Spotify (HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.427.1242 - SteelSeries)
SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
Tableau Public 9.0 (9000.15.0318.1720) (HKLM\...\{AA6D77E5-5125-4671-8361-F9408EA22D15}) (Version: 9.0.2638 - Tableau Software)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version: - Tango Gameworks)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Beats Electronics, LLC (KernelModeUSB) USBDevice (02/11/2015 14.33.52.923) (HKLM\...\9406E469423777D54A77273EF19C483BF7EB8377) (Version: 02/11/2015 14.33.52.923 - Beats Electronics, LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.21 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)
WinX Free MOV to MP4 Converter 5.0.9 (HKLM-x32\...\WinX Free MOV to MP4 Converter_is1) (Version: - Digiarty Software, Inc.)
Wireshark 1.12.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.2 - The Wireshark developer community, http://www.wireshark.org)
XSplit Gamecaster (HKLM-x32\...\{9C3D0D0D-3983-4C18-91EE-C6976D5AA349}) (Version: 1.5.1403.1907 - SplitMediaLabs)
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> D:\Programas\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846674770-790806118-1279481075-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-08-2015 22:16:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2015-08-23 21:47 - 00451972 ____R C:\WINDOWS\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003F09E7-DB95-4D8C-A9A5-50D93B09BF40} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {075B40DD-89A1-4EB5-83C7-4AD971B121C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {272B2893-BC1C-4162-913D-C48D7C454E4B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {39056D46-6420-412E-AC89-501951938C97} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3E1D256E-C37F-4608-AC08-3B294B9A3B2D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {3F3C9548-93DF-4F09-BBBA-291C279A5954} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4A0E9CEF-F6A7-418A-BC35-88226285CF4B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {53DC1EE0-5935-45EF-8A91-BDC2AD545C0C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {61C249BB-F86A-4459-B1EC-43F1797684FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {6286A3F4-88E7-4D4F-88D9-5EA3676306DF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {62E2D36D-CEDB-4B53-BE08-0B140B05EC45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6D99DAE8-2DD0-47E1-9272-8E89E99764E1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7C584E3C-83F8-4503-9B02-6A12444751C6} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {7FE3FF64-5526-4C17-82A3-4F4F8C565D37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {86B941A4-9E71-44FC-9D82-BA8D77F2618B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-24] (Microsoft Corporation)
Task: {9DC1E0B1-0D80-4711-9089-DB70304DE1DD} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A983152F-F9A0-4015-91B1-8C546BC6E9E1} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {AC2C01D1-4911-46A9-B5D8-759C2EDDF7E1} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {BC26EE04-A222-4A90-B9AD-DBDB2B21D294} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CEECAE2A-4862-45C3-AD7D-0BE7968BEDA7} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {D6C63126-8872-46AB-A478-8778B960F0CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DC36F6F3-AA00-415C-A6A3-A282240F227C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {E48FAC68-83E7-40F8-85B3-DFF61E6C7E3D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-09] (Overwolf LTD)
Task: {E7C21C80-A4C0-4BE1-A6E9-9AC5E4B22A56} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job =>
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job =>
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job =>

==================== Loaded Modules (Whitelisted) ==============

2015-08-24 00:53 - 2015-08-24 00:53 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-23 19:56 - 2015-07-22 22:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-29 18:55 - 2015-03-19 23:33 - 00736962 _____ () D:\Programas\Git\git-cheetah\git_shell_ext64.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 10:15 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-24 00:53 - 2015-08-24 00:53 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 10:15 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-01-22 14:44 - 2014-01-22 14:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2014-05-06 23:28 - 2014-01-27 14:51 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-05-06 23:28 - 2014-01-27 14:49 - 00364032 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-09-18 04:23 - 2014-09-18 04:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 15:23 - 2015-03-12 15:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 04:23 - 2014-09-18 04:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 15:23 - 2015-03-12 15:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00801792 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2015-08-23 20:07 - 2015-08-23 20:07 - 00089915 _____ () C:\Users\J\AppData\Local\Temp\c27469af-935f-41c3-b166-34b0034ae492\CliSecureRT64.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00289792 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00140288 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 02:46 - 2013-01-10 02:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 09674240 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 02:46 - 2013-01-10 02:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-02-06 19:41 - 2014-02-06 19:41 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2013-12-09 19:12 - 2013-12-09 19:12 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-02-28 06:14 - 2015-08-04 21:17 - 00179176 _____ () D:\Programas\Teamspeak\quazip.dll
2014-08-04 10:43 - 2015-08-04 21:17 - 00103400 _____ () D:\Programas\Teamspeak\soundbackends\directsound_win64.dll
2014-08-04 10:43 - 2015-08-04 21:17 - 00108008 _____ () D:\Programas\Teamspeak\soundbackends\windowsaudiosession_win64.dll
2014-08-04 10:46 - 2015-08-04 21:17 - 00312296 _____ () D:\Programas\Teamspeak\plugins\clientquery_plugin.dll
2014-08-04 10:46 - 2015-08-04 21:17 - 00483816 _____ () D:\Programas\Teamspeak\plugins\teamspeak_control_plugin.dll
2014-06-05 10:48 - 2015-08-04 21:17 - 00318976 _____ () D:\Programas\Teamspeak\ssleay32.dll
2014-06-05 10:48 - 2015-08-04 21:17 - 01718784 _____ () D:\Programas\Teamspeak\LIBEAY32.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00289672 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
2015-08-23 21:32 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-23 21:32 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-23 21:32 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-23 21:32 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-10 19:50 - 2015-07-24 01:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-06 23:08 - 2013-12-09 19:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-23 13:07 - 2015-07-03 13:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-23 13:07 - 2015-07-03 13:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-23 13:07 - 2015-08-19 17:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-23 13:07 - 2014-12-01 18:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-23 13:07 - 2014-12-01 18:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-23 13:07 - 2014-12-01 18:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-23 13:07 - 2014-12-01 18:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-23 13:07 - 2014-12-01 18:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-23 13:07 - 2015-07-03 13:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-23 13:07 - 2015-07-03 13:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-23 13:07 - 2015-08-19 17:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-23 13:07 - 2015-07-26 22:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-08-23 13:07 - 2015-07-03 13:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-23 13:07 - 2015-07-24 22:53 - 00115968 _____ () C:\Program Files (x86)\Steam\winh264.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00224648 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\launcher.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00415624 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\tier0.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00344968 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\vstdlib.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00402312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
2014-11-17 20:02 - 2015-08-18 23:17 - 05955976 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\engine.dll
2014-11-17 20:02 - 2015-08-18 23:17 - 01125768 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\networksystem.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00905096 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\inputsystem.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 01179528 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\materialsystem.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00496008 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\datacache.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00638344 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\studiorender.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00179592 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 01184136 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vphysics.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00928648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vscript.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 01442184 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00475528 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vgui2.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 05618568 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 00978312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00158600 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\localize.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00244616 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
2014-11-17 20:02 - 2015-07-18 20:30 - 01142152 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
2014-11-17 20:02 - 2015-08-21 20:08 - 22552968 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\client.dll
2014-11-17 20:02 - 2015-08-21 20:08 - 19794824 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\server.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00196488 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\scenefilecache.dll
2014-11-17 20:26 - 2015-07-18 20:30 - 00113544 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
2014-11-17 20:26 - 2014-11-17 20:26 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssmp3.asi
2014-11-17 20:26 - 2014-11-17 20:26 - 00153088 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssvoice.asi
2014-11-17 20:26 - 2014-11-17 20:26 - 00013312 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssds3d.flt
2014-11-17 20:26 - 2014-11-17 20:26 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\msseax.flt

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\J\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-846674770-790806118-1279481075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\J\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\photo gallery wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-846674770-790806118-1279481075-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{628C29FF-BAE5-4C6F-8808-39CD0C1B36E0}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
FirewallRules: [{F7F61879-4008-49F7-8D81-C65CD2CF0AE5}] => (Allow) D:\Games\steamapps\common\FINAL FANTASY TYPE-0 HD\fftype0hdlauncher.exe
FirewallRules: [{5EED73C0-6F46-4F09-AE77-1CEBA6CD6E30}] => (Allow) D:\Games\steamapps\common\FINAL FANTASY TYPE-0 HD\fftype0hdlauncher.exe
FirewallRules: [UDP Query User{09C706C8-576A-4C6D-87DF-2C5739FF8155}C:\users\j\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\j\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{00ECC1B3-C208-4904-B0C3-59BB0398D757}C:\users\j\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\j\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BECBD679-FC0E-4438-AF11-A4B426E0FB36}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4B7668C7-6581-4D0B-80AB-C53E8A6AB2F7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{ADD8969A-31AD-4E15-9B63-360E55A766A7}] => (Allow) D:\Games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{21DABA27-414A-4140-8C15-5CE121D563AE}] => (Allow) D:\Games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{F31C5682-57A6-499E-9FBA-7E214A3BB0E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{C054DBBF-9DC0-48DF-9F50-D9BE0C0B119F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [UDP Query User{0B2ACB9B-723F-4A40-A19A-0DB669D40471}C:\program files (x86)\beats by dr. dre\beats updater.exe] => (Allow) C:\program files (x86)\beats by dr. dre\beats updater.exe
FirewallRules: [TCP Query User{F3DB4BDF-7332-4B66-BDD5-45C21C10BF35}C:\program files (x86)\beats by dr. dre\beats updater.exe] => (Allow) C:\program files (x86)\beats by dr. dre\beats updater.exe
FirewallRules: [{A969D72C-7D2F-42F0-BB1A-86BB7DCF4679}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F494207-CD06-4086-BBFD-DF737F188EC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{10A34C54-EBBA-4B9F-8EB4-07E407DE8676}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{43FA6DFA-C85D-4BF0-9CBE-E283798A48B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6D5418FF-8818-41D6-9FD8-02C4FAAB6D1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{744F211C-0D37-4B9D-B892-F377CAE12A73}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B2394D9A-5F68-421E-88CE-7159F5C2D838}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{52875D82-E8D3-4280-B0D2-EB31C7596C90}] => (Allow) D:\Games\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{AD1407CA-36DF-4B19-9148-B4A5B6209CB7}] => (Allow) D:\Games\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{3B06ADAC-1C06-4655-B5B2-0A2D1BC902B4}] => (Allow) D:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{A182F1EC-77DB-4EE0-80FC-658BFBA9FFC6}] => (Allow) D:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{92FDB30C-149D-4A01-A799-9338087B427D}] => (Allow) D:\Games\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{6649E46C-5E45-42D1-BC3E-B596531CA7DA}] => (Allow) D:\Games\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{A52BF963-4590-41D0-9393-CF1C9BEDB250}] => (Allow) D:\Games\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{1536C252-896C-41AF-8707-4E033689DFAF}] => (Allow) D:\Games\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4BD2C518-66C9-49AB-9552-231AF9FC73F6}] => (Allow) D:\Games\steamapps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{69C0DC5B-CFFC-4091-8CEA-9D02A6779FC6}] => (Allow) D:\Games\steamapps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{01C1A364-547A-4B29-AF9D-06D318ED795A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{87498297-9AE6-401E-A435-30A1C5E2CD51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{F7DB48A2-FA62-490C-9C09-ACE106F5DDEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{D73EDA01-9563-4221-9F05-DF8945A49728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{AE7BA211-91EB-4354-90CA-69A40AAD50B4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1BB52944-5126-40CE-B153-6BA6B2DB43B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19F2CD46-DE80-4E89-9E69-4DFFA942626F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{971DEBC5-1C18-4D1F-BE5E-B14DE57005E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47AAB3AC-0F64-4ADD-9492-815DC5DFA017}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F214C5DC-D010-45CF-87A6-13146E0F808E}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [UDP Query User{F9676EF0-5F7F-420D-9FE3-F8547FE6C07E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{D67497BB-9073-42C3-B124-8D96A6C2D07E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{E98ED9BE-0538-4DF0-94E5-982EC898EFEE}] => (Allow) D:\Games\steamapps\common\Rust\legacy\rust.exe
FirewallRules: [{EE95D31B-FE53-4E30-B5C4-9209DD9A808B}] => (Allow) D:\Games\steamapps\common\Rust\legacy\rust.exe
FirewallRules: [{7F68B515-7654-4870-907B-D42DDAEF5880}] => (Allow) D:\Games\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{DD115974-0601-487E-9CD8-E0929DAC4C3B}] => (Allow) D:\Games\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{B818D4F0-1282-46A2-8F57-46753082D845}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A0255ED3-B414-4B66-BBF4-787BDA4F19C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{32BDE733-C3FA-4DB0-B970-BADC5AC3DCEA}] => (Allow) D:\Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{AAB92058-B9E4-4BB1-9326-46BF62398001}] => (Allow) D:\Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{4668BDED-22F4-4B2F-8366-D3AC4AEA24B1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{210C1C14-9965-4793-A28A-B23BFE97DF59}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{0247D54D-2115-462D-8AA1-0612C84853F6}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{CC9FB044-B529-4189-882E-4A133A5C58B6}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{3271E3D4-106C-4D20-B026-5A7D09342DDD}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{E07A8097-3E0D-4A46-B215-AD2B3C5474B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1D2F5C2B-187D-4F2A-BCFB-E941E0B1A39F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1A2EEDB8-E407-4C98-914F-F80DA20E9A19}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AA39DF8-653E-406E-B3F6-047F267BCBFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90B98057-E311-4387-95B0-C5E4646BD8B7}] => (Allow) D:\Games\steamapps\common\Rust\legacy\rust.exe
FirewallRules: [{1206E878-117A-42B9-A7FA-AC696A2331A4}] => (Allow) D:\Games\steamapps\common\Rust\legacy\rust.exe
FirewallRules: [{82AFB3C0-480E-42A4-BB7F-CA8566E5ACE8}] => (Allow) D:\Games\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{8F333C39-2909-45F7-8455-1C509E3F381F}] => (Allow) D:\Games\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [UDP Query User{51BE26D0-4BF6-48C9-B083-06B34A741709}D:\games\steamapps\common\dayz\dayz.exe] => (Allow) D:\games\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{9F669CA1-8309-4578-8548-EBE5B4664244}D:\games\steamapps\common\dayz\dayz.exe] => (Allow) D:\games\steamapps\common\dayz\dayz.exe
FirewallRules: [{402A14AB-991F-4BF3-9D3D-4DB77C58F512}] => (Allow) c:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8F40D6C9-79AE-4977-95C4-EED217AB2C6C}] => (Allow) c:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F285498E-3BA3-4AD7-8EB5-48B3CD9CDB3E}] => (Allow) D:\Games\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{181B299F-19B6-4DCD-A375-88FA89997C79}] => (Allow) D:\Games\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{91975688-6526-43EA-9995-E1B642655F4E}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC521F6B-7DC1-45EE-A09A-426C2A022590}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5391C0AD-F1E6-4990-AC28-7D72DF19B46D}] => (Allow) D:\Games\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{A6E2E565-E3E4-4BB1-B6D0-5A8EFCE3A292}] => (Allow) D:\Games\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{F6103C8E-7AF0-4CFC-8DB0-F3AD6639BB06}] => (Allow) D:\Games\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{7FCD671A-3276-46E6-A7F4-A562C19CF2E2}] => (Allow) D:\Games\steamapps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{0CB7D881-E996-4A21-A5D1-8AD48FC28BDF}] => (Allow) D:\Games\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{78A0A157-BE05-4421-93D2-C1C1EF4C9ECF}] => (Allow) D:\Games\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{46D25BD9-A5DC-491D-ABEF-6BAC0825C01A}] => (Allow) D:\Games\steamapps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{7AB27D4A-9C69-4482-971A-93B12DCBA6F2}] => (Allow) D:\Games\steamapps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{5AD4C1E8-5D46-44BD-A21F-615A23502A1D}] => (Allow) D:\Games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{65677BE3-96CE-4054-A43B-2280515FC850}] => (Allow) D:\Games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{3828D1C1-CDE1-4AFF-93D0-91B2F62AB9A6}] => (Allow) D:\Games\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{CC98388C-E401-408E-A425-6FD9E7E3FD43}] => (Allow) D:\Games\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{CC576B45-474B-40E5-9F63-C6E53BE859C0}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{8266CB83-0C73-41E3-BAFE-271D155158A8}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{549AC384-462B-40E5-A3DE-AFE1987347B7}] => (Allow) D:\Games\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{DCAB973B-AF00-4275-8595-CC49D56659CF}] => (Allow) D:\Games\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{795D34CA-3D03-4F5B-84CB-B3BAD2D476B9}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{8A2D55A6-D873-494F-890A-D58A0A6E64CC}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{D6BF1196-6E23-4BAE-BCA7-1F0622755FDE}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{82E737FB-436B-4F22-B597-6B8614E526D5}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{BDF955D4-B020-4746-A7F4-3087C49A425E}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{F6D64C57-AD65-4CF3-AA84-BA12C7EEE6A6}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{14630DC9-8E65-4723-B24E-8B79AAA0223A}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{A564EEEC-2CE4-43D3-A656-1BE636DBD2AC}] => (Allow) D:\Games\steamapps\common\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{846A42FA-AF4C-4238-8DAA-CC10B89954A6}] => (Allow) D:\Games\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{3E2C7813-3426-4483-B894-B25B5BB5498E}] => (Allow) D:\Games\steamapps\common\FEAR2\FEAR2.exe
FirewallRules: [{3BEC33A0-1DD0-4666-B655-0F4356874825}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{26871D8E-C33B-42F4-AB87-091937B326E0}] => (Allow) D:\Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{60DE7344-A84F-4918-AA58-94F4E2D3A032}] => (Allow) D:\Games\steamapps\common\FarCry\Bin32\FarCryConfigurator.exe
FirewallRules: [{C8182F40-7FC1-457E-8F80-26611BE65AE7}] => (Allow) D:\Games\steamapps\common\FarCry\Bin32\FarCryConfigurator.exe
FirewallRules: [{03DD08BA-C319-4CB0-B011-673FEFCA555E}] => (Allow) D:\Games\steamapps\common\FarCry\Bin32\FarCry.exe
FirewallRules: [{8ADD1B71-1C11-4800-90A6-0A4F04E67044}] => (Allow) D:\Games\steamapps\common\FarCry\Bin32\FarCry.exe
FirewallRules: [{7AFB5F05-C298-45BA-943A-AC6FFCF34F7D}] => (Allow) D:\Games\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{D43AD531-A7D1-4BD7-BDBC-27F17856DC18}] => (Allow) D:\Games\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{DE8A183B-8103-4330-9A27-8B22BB35A2BC}] => (Allow) D:\Games\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{71ADB720-193C-4BC4-8337-0ABE8D8848EB}] => (Allow) D:\Games\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{1939DF1C-3C41-4C8D-AF9D-4CA6EE729FCD}] => (Allow) D:\Games\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{ADA999B8-DDA4-4ACA-99E9-63F22BADEE49}] => (Allow) D:\Games\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{759802CE-B1E3-498C-BBBB-27DF0344DEE0}] => (Allow) D:\Games\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{CA4DDDA0-5747-4651-BC9F-698B967CE2A8}] => (Allow) D:\Games\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{862EBE98-4857-44C3-9767-5C537C164955}] => (Allow) D:\Games\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C1954D3E-C39D-40ED-89DF-B9794EA50533}] => (Allow) D:\Games\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{74D3965A-FD8E-4765-8453-A43DCEC1B16D}] => (Allow) D:\Games\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{12C19B88-98DC-45B7-8AD1-599C3E227BCE}] => (Allow) D:\Games\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{D9EBB3F5-D310-4B85-A17C-7E81B586D2E5}] => (Allow) D:\Games\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{EA1F43C1-93BC-4D50-9A88-30256A363E2E}] => (Allow) D:\Games\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{20BEF9B9-B009-4E97-8005-FB3DE3156424}] => (Allow) D:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{7608191F-0D4E-4598-9FEF-963117F9AE4E}] => (Allow) D:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{23D2F10F-3E6A-4A0A-A3DA-E42C4BB80C94}] => (Allow) D:\Games\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{BB163281-1F98-4F44-94BB-4C210F4DDA59}] => (Allow) D:\Games\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{0698DDFB-F567-435B-ABA1-CABE2504A353}] => (Allow) D:\Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{00601F0F-E148-4D91-8D98-868D2C9F697B}] => (Allow) D:\Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{5149B508-9CE1-4DCA-8B9D-88A57B44D23E}] => (Allow) D:\Games\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{90EC1BFD-8D73-41F6-A04F-89ED660D2E5D}] => (Allow) D:\Games\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{A4EE0556-CBED-4D9D-B168-4F80561C7AF0}] => (Allow) D:\Games\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{2E27AD2E-9133-4C1F-9709-E70310D9FFB1}] => (Allow) D:\Games\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{74C6EEF2-6A8C-47CA-BA7E-2ECECE65165F}] => (Allow) D:\Games\steamapps\common\Rust\Rust.exe
FirewallRules: [{7D7FF56E-0526-47D8-BE84-B968D638B827}] => (Allow) D:\Games\steamapps\common\Rust\Rust.exe
FirewallRules: [{0B6A3B00-C370-4D01-9FC7-A077706D4238}] => (Allow) D:\Games\steamapps\common\NZA\bin\NZA.exe
FirewallRules: [{5FD1CD96-E16E-43C0-AA0A-D87504E8B7E5}] => (Allow) D:\Games\steamapps\common\NZA\bin\NZA.exe
FirewallRules: [{79ACE989-6D67-44A6-81A3-7581300B9BA4}] => (Allow) D:\Games\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{06F2B9A7-404C-497A-AF81-7955E1AAD998}] => (Allow) D:\Games\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{4735B69E-53D5-4039-8BEC-6DE0F0310B23}] => (Allow) D:\Games\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{0BA2EAD4-5F51-4BA6-9F81-2E9BDA78BD1D}] => (Allow) D:\Games\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{0C08E608-2D1A-4445-967D-25683EDB2582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{85BC22F6-AE81-4A58-8182-C00FCED47D9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{A33F66FD-4A2B-4F80-8AF7-69540C144B9C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B53202D1-5E41-4F86-A8C3-DCD991B4CFC6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5776B38D-6DD1-454C-9125-D9A08E015C57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{571B2C22-DFE4-4E61-8F9F-B9A3D31BC199}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63BACCDD-DFC0-4343-B80F-24EF0CBF03B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72B299D6-8BBC-4FCE-98B7-683E12FA344A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{554DED81-62A5-490C-99AE-E178DACAD63A}] => (Allow) LPort=1900
FirewallRules: [{C5BC13EB-A113-4A01-A65E-3DE087C1D4BE}] => (Allow) LPort=2869
FirewallRules: [{990129F9-BAF2-4387-848A-51D11922950E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/23/2015 10:16:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (08/23/2015 10:08:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

Error: (08/23/2015 10:02:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Activation of app windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/23/2015 10:01:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Activation of app windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/23/2015 10:01:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Activation of app Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/23/2015 10:00:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

Error: (08/23/2015 09:55:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDOnAccess.exe, version: 2.5.42.11, time stamp: 0x535a5123
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0a1c55c0
Faulting process id: 0x808
Faulting application start time: 0xSDOnAccess.exe0
Faulting application path: SDOnAccess.exe1
Faulting module path: SDOnAccess.exe2
Report Id: SDOnAccess.exe3
Faulting package full name: SDOnAccess.exe4
Faulting package-relative application ID: SDOnAccess.exe5

Error: (08/23/2015 09:54:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/23/2015 09:50:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SDTools.exe version 2.5.42.157 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 368

Start Time: 01d0de06b36f5fd5

Termination Time: 5

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe

Report Id: 192d0f60-49fa-11e5-8296-448a5b6fd35b

Faulting package full name:

Faulting package-relative application ID:

Error: (08/23/2015 09:32:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.


System errors:
=============
Error: (08/23/2015 10:11:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (08/23/2015 10:07:23 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (08/23/2015 10:07:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (08/23/2015 10:07:21 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/23/2015 10:07:19 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/23/2015 10:07:14 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/23/2015 10:05:23 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (08/23/2015 10:05:23 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (08/23/2015 10:05:21 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/23/2015 10:05:18 PM) (Source: DCOM) (EventID: 10005) (User: JLEON-GAMING)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Microsoft Office:
=========================
Error: (08/23/2015 10:16:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (08/23/2015 10:08:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (08/23/2015 10:02:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel-2144927149

Error: (08/23/2015 10:01:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel-2144927149

Error: (08/23/2015 10:01:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca-2144927149

Error: (08/23/2015 10:00:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (08/23/2015 09:55:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDOnAccess.exe2.5.42.11535a5123unknown0.0.0.000000000c00000050a1c55c080801d0de07817a1d8dC:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exeunknowna1dc260f-19c9-4c24-8696-e6a3b1609084

Error: (08/23/2015 09:54:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JLEON-GAMING)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/23/2015 09:50:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDTools.exe2.5.42.15736801d0de06b36f5fd55C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe192d0f60-49fa-11e5-8296-448a5b6fd35b

Error: (08/23/2015 09:32:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe


CodeIntegrity:
===================================
Date: 2015-08-23 22:09:43.355
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 22:08:59.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 22:08:38.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

Date: 2015-08-23 22:00:19.869
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 21:59:54.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

Date: 2015-08-23 21:59:26.700
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-23 21:43:18.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 21:33:19.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-23 21:30:05.377
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-23 21:30:04.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 27%
Total physical RAM: 16302.95 MB
Available physical RAM: 11804.12 MB
Total Virtual: 19246.95 MB
Available Virtual: 13874.57 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:237.03 GB) (Free:43.99 GB) NTFS
Drive d: (Data) (Fixed) (Total:916.88 GB) (Free:154.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 42DB7278)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 42DB729E)

Partition: GPT.

==================== End of log ============================

ASWMBR:

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-08-23 22:35:19
-----------------------------
22:35:19.892 OS Version: Windows x64 6.2.9200
22:35:19.892 Number of processors: 8 586 0x3C03
22:35:19.893 ComputerName: JLEON-GAMING UserName: J
22:35:20.086 Initialize success
22:35:20.088 VM: initialized successfully
22:35:20.088 VM: Intel CPU supported
22:35:23.532 VM: disk I/O iaStorA.sys
22:38:07.139 AVAST engine defs: 15082301
22:40:39.983 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003d
22:40:39.985 Disk 0 Vendor: Intel___ 1.0. Size: 244200MB BusType: 8
22:40:39.986 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000003e
22:40:39.988 Disk 1 Vendor: HGST_HTS721010A9E630 JB0OA3J0 Size: 953869MB BusType: 8
22:40:39.996 Disk 0 MBR read successfully
22:40:39.998 Disk 0 MBR scan
22:40:40.001 Disk 0 unknown MBR code
22:40:40.004 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:40:40.012 Disk 0 scanning C:\WINDOWS\system32\drivers
22:40:43.080 Service scanning
22:40:52.188 Modules scanning
22:40:52.195 Disk 0 trace - called modules:
22:40:52.200 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
22:40:52.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00139fff060]
22:40:52.206 3 CLASSPNP.SYS[fffff801b4e546c5] -> nt!IofCallDriver -> \Device\0000003d[0xffffe00137fa3060]
22:40:52.477 AVAST engine scan C:\WINDOWS
22:40:52.838 AVAST engine scan C:\WINDOWS\system32
22:41:52.684 AVAST engine scan C:\WINDOWS\system32\drivers
22:41:57.337 AVAST engine scan C:\Users\J
22:43:19.978 AVAST engine scan C:\ProgramData
22:43:45.671 Disk 0 statistics 4929857/0/0 @ 4275.59 MB/s
22:43:45.675 Scan finished successfully
23:43:38.309 Disk 0 MBR has been saved successfully to "C:\Users\J\Desktop\MBR.dat"
23:43:38.312 The log file has been saved successfully to "C:\Users\J\Desktop\aswMBR.txt"


THANKS GUYS!!!

Juliet
2015-08-25, 19:48
Please open Notepad. *Do Not Use Wordpad!* or any text editor other than Notepad, or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) Then copy and paste the text present inside the quote box below:
To do this, highlight the contents of the box, right-click on it and select Copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
It needs to be saved next to the "Farbar Recovery Scan Tool" (if asked to overwrite the existing one, please allow).


https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG




start
CreateRestorePoint:
CloseProcesses:
2015-08-23 19:59 - 2014-05-06 23:30 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
Task: {075B40DD-89A1-4EB5-83C7-4AD971B121C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {39056D46-6420-412E-AC89-501951938C97} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3F3C9548-93DF-4F09-BBBA-291C279A5954} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4A0E9CEF-F6A7-418A-BC35-88226285CF4B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {53DC1EE0-5935-45EF-8A91-BDC2AD545C0C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6286A3F4-88E7-4D4F-88D9-5EA3676306DF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {62E2D36D-CEDB-4B53-BE08-0B140B05EC45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7FE3FF64-5526-4C17-82A3-4F4F8C565D37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {86B941A4-9E71-44FC-9D82-BA8D77F2618B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BC26EE04-A222-4A90-B9AD-DBDB2B21D294} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D6C63126-8872-46AB-A478-8778B960F0CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
EmptyTemp:
Hosts:
End


Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~

AdwCleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) and save the file to your Desktop.
Right-click AdwCleaner.exe and select Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[SX].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[SX].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/)
or from here http://downloads.malwarebytes.org/file/jrt
to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.


~~~
Please post:
Fixlog.txt
AdwCleaner[CX].txt
JRT.txt

yekere
2015-08-27, 14:40
Hi Juliet, thanks for the help!

I will do all these steps as soon as I get home (I'm at work now). I don't know if this is of any use, but I used Fiddler to track html requests from my PC and detected a weird call to "web.abespi.com", which was requesting a sketchy js file. I added this url to my hosts file (so it points to localhost), and now the symptoms are gone! Nevertheless, I don't want to have the root problem in my PC (it still tries to get the file, but it fails now, so no popups show), so I'll do everything you say later on today and I'll report back. Thanks again!
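
The hosts-file block described in the post above, as an added example that is not part of the original thread: a small Python audit that reports whether a domain is pinned to a loopback or unspecified address and lists entries that send names to some other address. The sample file contents and the `example.test` names are constructed; `web.abespi.com` is the domain named in the post, and the first-match rule in `is_sinkholed` is an assumption about resolver behaviour.

```python
import ipaddress

# Constructed sample of a hosts file (not taken from the machine in this thread).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
127.0.0.1   web.abespi.com   # added after the Fiddler capture
0.0.0.0     ads.example.test tracker.example.test
203.0.113.7 update.example.test
::1         localhost
not-an-ip   broken.example.test
"""


def _normalize(name):
    """Lower-case a host name and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")


def parse_hosts(text):
    """Return (line_number, address, hostname) for every usable mapping."""
    entries = []
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                          # blank, comment-only or no host name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed address: not a usable mapping
        for name in fields[1:]:               # one line may carry several names
            entries.append((lineno, addr, _normalize(name)))
    return entries


def is_local(addr):
    """True for addresses that keep traffic on the machine (127.x, ::1, 0.0.0.0, ::)."""
    return addr.is_loopback or addr.is_unspecified


def is_sinkholed(text, domain):
    """True if the first entry for `domain` points at a local address.

    Assumption: the first matching entry is the one the resolver uses.
    """
    wanted = _normalize(domain)
    for _, addr, name in parse_hosts(text):
        if name == wanted:
            return is_local(addr)
    return False                              # no entry: the name resolves via DNS


def external_redirects(text):
    """Entries that map a name to a non-local address; these deserve a second look."""
    return [e for e in parse_hosts(text) if not is_local(e[1])]


if __name__ == "__main__":
    print("web.abespi.com sinkholed:", is_sinkholed(SAMPLE_HOSTS, "web.abespi.com"))
    for lineno, addr, name in external_redirects(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {addr}")
```

A hosts reset, such as the `Hosts:` line in the fixlist posted earlier in the thread, removes an entry like this, so the check is worth repeating after any cleanup run.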

Juliet
2015-08-27, 15:24
We'll get it figured out.
Further on we may need to clean out Host and temp files.

Post results when you can.

yekere
2015-08-28, 15:17
I'm deeply sorry, but I didn't have the chance to do the last things you told me to, I got home really late and I just couldn't. I will do it tonight and post the results no matter what. Thanks again!

Juliet
2015-08-28, 15:24
Post results when you can.

yekere
2015-08-29, 00:25
Alright, I just ran all those programs. I encountered a problem with AdwCleaner though, it didn't have a "Report" (checked all menus), so I assumed that it was the "log" button.

FRST LOG
=================================

Fix result of Farbar Recovery Scan Tool (x64) Version:28-08-2015
Ran by J (2015-08-28 19:06:29) Run:1
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
2015-08-23 19:59 - 2014-05-06 23:30 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
Task: {075B40DD-89A1-4EB5-83C7-4AD971B121C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {39056D46-6420-412E-AC89-501951938C97} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3F3C9548-93DF-4F09-BBBA-291C279A5954} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4A0E9CEF-F6A7-418A-BC35-88226285CF4B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {53DC1EE0-5935-45EF-8A91-BDC2AD545C0C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6286A3F4-88E7-4D4F-88D9-5EA3676306DF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {62E2D36D-CEDB-4B53-BE08-0B140B05EC45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7FE3FF64-5526-4C17-82A3-4F4F8C565D37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {86B941A4-9E71-44FC-9D82-BA8D77F2618B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BC26EE04-A222-4A90-B9AD-DBDB2B21D294} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D6C63126-8872-46AB-A478-8778B960F0CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
EmptyTemp:
Hosts:
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\SysWOW64\AI_RecycleBin => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{075B40DD-89A1-4EB5-83C7-4AD971B121C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{075B40DD-89A1-4EB5-83C7-4AD971B121C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39056D46-6420-412E-AC89-501951938C97}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39056D46-6420-412E-AC89-501951938C97}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F3C9548-93DF-4F09-BBBA-291C279A5954}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F3C9548-93DF-4F09-BBBA-291C279A5954}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A0E9CEF-F6A7-418A-BC35-88226285CF4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0E9CEF-F6A7-418A-BC35-88226285CF4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DC1EE0-5935-45EF-8A91-BDC2AD545C0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DC1EE0-5935-45EF-8A91-BDC2AD545C0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6286A3F4-88E7-4D4F-88D9-5EA3676306DF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6286A3F4-88E7-4D4F-88D9-5EA3676306DF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62E2D36D-CEDB-4B53-BE08-0B140B05EC45}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E2D36D-CEDB-4B53-BE08-0B140B05EC45}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FE3FF64-5526-4C17-82A3-4F4F8C565D37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FE3FF64-5526-4C17-82A3-4F4F8C565D37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86B941A4-9E71-44FC-9D82-BA8D77F2618B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86B941A4-9E71-44FC-9D82-BA8D77F2618B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC26EE04-A222-4A90-B9AD-DBDB2B21D294}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC26EE04-A222-4A90-B9AD-DBDB2B21D294}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6C63126-8872-46AB-A478-8778B960F0CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6C63126-8872-46AB-A478-8778B960F0CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.1 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 19:06:49 ====





AdwCleaner Log
==================================
# AdwCleaner v5.004 - Logfile created 28/08/2015 at 19:13:24
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 10 Home Single Language (x64)
# Username : J - JLEON-GAMING
# Running from : C:\Users\J\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\Users\J\AppData\Roaming\RHEng
[x] Folder Not Deleted : C:\Users\J\Desktop\hosts

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [759 bytes] ##########



JRT Log
=================================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 10 Home Single Language x64
Ran by J on 28/08/2015 at 19:19:27.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\J\Documents\add-in express





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/08/2015 at 19:21:56.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


That's about it, thanks again!

Juliet
2015-08-29, 03:18
AdwCleaner worked so don't worry over finding or creating a different log.


~~~~~~~~~~~
P2P Warning

------------------------------
I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms (http://en.wikipedia.org/wiki/Computer_worm), backdoor Trojans (http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99), IRCBots (http://en.wikipedia.org/wiki/IRC_bot), and rootkits (http://en.wikipedia.org/wiki/Rootkit) propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information.

Risks of File-Sharing Technology (http://www.us-cert.gov/cas/tips/ST05-007.html)
P2P Software User Advisories (http://aresgalaxy.sourceforge.net/p2prisks.htm)
More malware is traveling on P2P networks these days (http://www.computerworld.com/s/article/9240067/More_malware_is_traveling_on_P2P_networks_these_days)

Your P2P software can be removed by following the instructions below.

Press the Windows Key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
Search for the aforementioned programme(s), right-click and click Uninstall. Follow the prompts.

If you choose not to, please refrain from using the programme(s) during this process.

~~~~~~~~~~

I see you have Malwarebytes' Anti-Malware already on the machine. Let's update and run a quick scan.

~~~

On the Dashboard click on Update Now

Go to the Settings tab

Under Settings go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced Settings and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes


~~~~~~~~~~~

What we can do now is run an online scan with ESET; for the time being it is our most trusted scanner.
Most reliable and thorough.
The settings I suggest will show us items located in quarantine folders, so don't be alarmed by this. Also, in case of a false positive, I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course on how full your computer is.



Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

ESET Online Scan

Please download ESET Online Scan (http://download.eset.com/special/eos/esetsmartinstaller_enu.exe) and save the file to your Desktop.
Temporarily disable your anti-virus software. For instructions, please refer to the following link (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
Double-click esetsmartinstaller_enu.exe to run the programme.
Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
Agree to the Terms of Use once more and click Start. Allow components to download.
Place a checkmark next to Enable detection of potentially unwanted applications.
Click Advanced settings. Place a checkmark next to:

Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology


Ensure Remove found threats is unchecked.
Click Start.
Wait for the scan to finish. Please be patient as this can take some time.
Upon completion, click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png. If no threats were found, skip the next two bullet points.
Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
Push the Back button.
Place a checkmark next to http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
Re-enable your anti-virus software.
Copy the contents of the log and paste in your next reply.



Please post these 2 logs in your next reply.

How is your computer now?

yekere
2015-08-29, 08:00
First of all, I really appreciate the help! Secondly, here are the logs:



Malwarebytes
=========================

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28/08/2015
Scan Time: 22:47
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.28.06
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: J

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 364913
Time Elapsed: 4 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


ESET LOG
========================

C:\Users\J\AppData\Roaming\uTorrent\updates\3.4.2_36318.exe a variant of Win32/OpenCandy.C potentially unsafe application
D:\BaUp\Gamez\2playgame\SMBX\smbx13.exe Win32/OpenCandy potentially unsafe application
D:\Desktop\WIN7\BaUp\Gamez\2playgame\SMBX\smbx13.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\ccsetup508.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\Downloads\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
D:\Downloads\Unlocker1.9.2.exe a variant of Win32/Toolbar.Babylon.E potentially unwanted application
D:\Downloads\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application


Thanks!!

Juliet
2015-08-29, 12:50
Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)



start
CloseProcesses:
C:\Users\J\AppData\Roaming\uTorrent\updates\3.4.2_36318.exe
D:\BaUp\Gamez\2playgame\SMBX\smbx13.exe
D:\Desktop\WIN7\BaUp\Gamez\2playgame\SMBX\smbx13.exe
D:\Downloads\ccsetup508.exe
D:\Downloads\FreemakeVideoConverterSetup.exe
D:\Downloads\Unlocker1.9.2.exe
D:\Downloads\uTorrent.exe
EmptyTemp:
End


Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Please post this log when finished.

How is your computer now?

yekere
2015-08-29, 18:32
Hello Juliet,

Here are the requested logs. Sadly, the problem persists, popups still appear when I open steam.

Fix result of Farbar Recovery Scan Tool (x64) Version:28-08-2015
Ran by J (2015-08-29 13:27:34) Run:2
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
C:\Users\J\AppData\Roaming\uTorrent\updates\3.4.2_36318.exe
D:\BaUp\Gamez\2playgame\SMBX\smbx13.exe
D:\Desktop\WIN7\BaUp\Gamez\2playgame\SMBX\smbx13.exe
D:\Downloads\ccsetup508.exe
D:\Downloads\FreemakeVideoConverterSetup.exe
D:\Downloads\Unlocker1.9.2.exe
D:\Downloads\uTorrent.exe
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\J\AppData\Roaming\uTorrent\updates\3.4.2_36318.exe => moved successfully
D:\BaUp\Gamez\2playgame\SMBX\smbx13.exe => moved successfully
D:\Desktop\WIN7\BaUp\Gamez\2playgame\SMBX\smbx13.exe => moved successfully
D:\Downloads\ccsetup508.exe => moved successfully
D:\Downloads\FreemakeVideoConverterSetup.exe => moved successfully
D:\Downloads\Unlocker1.9.2.exe => moved successfully
D:\Downloads\uTorrent.exe => moved successfully
EmptyTemp: => 172.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:27:47 ====

Thanks for your help and patience, Regards!

Juliet
2015-08-29, 23:02
Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)



start
CreateRestorePoint:
CloseProcesses:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
End


Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~

How To Reset Your Router
http://setuprouter.com/networking/how-to-reset-your-router/

After following the above requests, if the problem is still there, you may need to uninstall then reinstall Steam.

yekere
2015-08-30, 23:08
Hi! I tried with the last fix and the problem persists, tried reinstalling steam too, no good.

Here are the log files:
=======================

Fix result of Farbar Recovery Scan Tool (x64) Version:30-08-2015
Ran by J (2015-08-30 18:03:15) Run:3
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
End

*****************

Restore point was successfully created.
Processes closed successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 4 while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::e1a0:8445:290c:cb45%10
Default Gateway . . . . . . . . . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 4 while it has its media disconnected.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : iptv.microsoft.com
Link-local IPv6 Address . . . . . : fe80::e1a0:8445:290c:cb45%10
IPv4 Address. . . . . . . . . . . : 192.168.1.39
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

Tunnel adapter isatap.iptv.microsoft.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : iptv.microsoft.com

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:288f:15a4:3f57:fed8
Link-local IPv6 Address . . . . . : fe80::288f:15a4:3f57:fed8%6
Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 95.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:04:22 ====

Thank you!

Juliet
2015-08-31, 03:40
Removing and blocking third-party cookies.
In Firefox and Chrome you can install the Add-On Adblock Plus. In Firefox you can install NoScript, which prevents ads and has many more uses, such as preventing drive-by installs of malware.
Disable third-party cookies in IE, Firefox, and Google Chrome | How To - CNET (http://howto.cnet.com/8301-11310_39-20042703-285/disable-third-party-cookies-in-ie-firefox-and-google-chrome/)
NoScript Security Suite :: Add-ons for Firefox (https://addons.mozilla.org/en-US/firefox/addon/noscript/)
Adblock Plus :: Add-ons for Firefox (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/?src=ss)

Use CCleaner to clean up the temporary files, logs, remove ALL cookies, etc. Use the default settings. No need to use the Registry Cleaning Tool... risky. Pay close attention while installing and UNcheck any offers of toolbars, especially Google. CCleaner - PC Optimization and Cleaning - Free Download (http://www.piriform.com/ccleaner)



https://steamcommunity.com/discussions/forum/1/624075566898242545/

Upper left of the client, click "Steam" > "Settings" > "Interface". Un-check "Notify me about additions..." near the bottom.
Next, go to "In-Game" and un-check "Enable Steam browser Overlay" near the top.

This might be something that you need to ask at the Steam Community forums board.
http://steamcommunity.com/app/570/discussions/0/

yekere
2015-08-31, 14:52
Ok, thanks a lot for all the help you provided! I really appreciate your time and dedication. I will search for feedback on this problem in the Steam forums as you suggested. At least, adding "web.abespi.com" to the hosts file stops the symptoms (leaving this here in case someone stumbles on the same problem in the future).

Thanks again!
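
The hosts-file workaround described in the post above, as an added example that is not part of the original thread or of any tool used in it: a Python parser that checks whether a name is really sinkholed and flags entries that redirect elsewhere. The 0.0.0.0 address is an assumption (the post does not say which address was used), and every hostname other than web.abespi.com is a constructed sample.

```python
import ipaddress

# Addresses that make a hosts entry a local block (sinkhole).
SINKHOLES = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Constructed sample; only web.abespi.com comes from the thread.
SAMPLE = """\
# 127.0.0.1 localhost
0.0.0.0      web.abespi.com          # assumed sinkhole address
0.0.0.0      Ads.Example.TEST tracker.example.test
203.0.113.7  login.example.test      # constructed redirect entry
not-an-ip    broken.example.test
"""


def parse_hosts(text):
    """Map each lower-cased hostname to the list of addresses it is given.

    Strips comments, accepts several names per line and skips lines
    whose first field is not a valid IPv4/IPv6 address.
    """
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue
        for name in fields[1:]:
            table.setdefault(name.lower(), []).append(addr)
    return table


def is_blocked(table, hostname):
    """True only if every entry for this exact name is a sinkhole.

    Hosts entries match whole names: no wildcards, and an entry for
    web.abespi.com covers neither abespi.com nor a subdomain of it.
    """
    addrs = table.get(hostname.lower(), [])
    return bool(addrs) and all(a in SINKHOLES for a in addrs)


def redirects(table):
    """Names pointed at a non-local address, the pattern a hijacked
    hosts file shows and the reason tools reset the file."""
    return {n: a for n, a in table.items()
            if any(x not in SINKHOLES for x in a)}


def ensure_block(text, hostname, sink="0.0.0.0"):
    """Append a sinkhole line unless the name is already blocked.

    A conflicting redirect line is not removed; review redirects() first.
    """
    if is_blocked(parse_hosts(text), hostname):
        return text
    if text and not text.endswith("\n"):
        text += "\n"
    return f"{text}{sink} {hostname.lower()}\n"


if __name__ == "__main__":
    table = parse_hosts(SAMPLE)
    for name in ("web.abespi.com", "abespi.com", "cdn.web.abespi.com"):
        print(f"{name:22} blocked={is_blocked(table, name)}")
    print("redirects:", redirects(table))
```

A hosts entry only hides the symptom on this one machine; whatever is requesting the ad host is still present.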

Juliet
2015-08-31, 15:27
Let's remove the tools and quarantine folders.

DelFix

Please download DelFix (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix) or from Here (http://www.bleepingcomputer.com/download/delfix/) and save the file to your Desktop.

Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:

Activate UAC
Remove disinfection tools

Click the Run button.
-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

Juliet
2015-09-01, 22:10
Glad we could help. :)

Since this issue appears resolved ... this Topic is closed.