Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Ram being sucked dry, internet slow as [bleep] and freezes. [Closed]

Started by Ategenos , Aug 03 2015 11:46 AM

This topic is locked

#1
Ategenos

Posted 03 August 2015 - 11:46 AM

Member

Member
63 posts

Hello to anyone willing to help. My internet browser has been running slow as [bleep] for a while now but I dealt with it. But now after the other day I downloaded Malwarebytes from a third party and ever since my computer is running like absolute crap. I play WoW and I can't be in the game more than 5 minutes before the game becomes so bogged down that it freezes and I have to task manager out. It's not on their end. I've run their repair tool and deleted/replaced necessary files and so forth. So far I've ran JRT, RogueKiller, CCleaner, Advanced System Care 8, revo. Any help would be greatly appreciated. Here are my FRST file texts. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by [bleep] Jones (administrator) on MOTHER[bleep]ERJON (03-08-2015 11:33:05)
Running from C:\Users\[bleep] Jones\Downloads
Loaded Profiles: [bleep] Jones (Available Profiles: [bleep] Jones & Administrator)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech©) C:\Program Files (x86)\Logitech\G930\G930.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4271\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5952\Battle.net.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5887264 2015-06-08] (IObit)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
IFEO\maintenanceservice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\maintenanceservice_tmp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://duckduckgo.com/
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
ShellExecuteHooks-x32: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{8614A1D3-8EEB-41B2-A501-331F326173C3}: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://duckduckgo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-12] (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\[bleep] Jones\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/O1DPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=3 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=9 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Extension: No Name - C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default\extensions\[email protected] [not found]

Chrome:
=======
CHR Profile: C:\Users\[bleep] Jones\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-19] (Microsoft Corporation)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-23] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878880 2015-05-12] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-23] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-23] (NVIDIA Corporation)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-07-31] (Realtek Semiconductor)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-05] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S3 cpuz138; No ImagePath
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-11-09] (DT Soft Ltd)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (REALiX™)
S3 LADF_BakerCOnly; C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S3 MBAMSwissArmy; No ImagePath
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-02] (NVIDIA Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-14] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-01] (Basil Projects)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-03 11:33 - 2015-08-03 11:33 - 00013004 _____ C:\Users\[bleep] Jones\Downloads\FRST.txt
2015-08-03 11:32 - 2015-08-03 11:32 - 02169856 ____C (Farbar) C:\Users\[bleep] Jones\Downloads\FRST64.exe
2015-08-03 11:32 - 2015-08-03 11:32 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\FRST-OlderVersion
2015-08-03 10:07 - 2015-08-03 10:07 - 00000077 _____ C:\WINDOWS\setupact.log
2015-08-03 10:07 - 2015-08-03 10:07 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-03 10:06 - 2015-08-03 10:06 - 00486336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-03 10:05 - 2015-08-03 10:05 - 00000690 _____ C:\WINDOWS\PFRO.log
2015-08-03 02:27 - 2015-08-03 10:37 - 00106405 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-03 00:08 - 2015-08-03 00:08 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-02 20:55 - 2015-08-03 10:08 - 00002914 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC ([bleep] Jones)
2015-08-02 20:55 - 2015-08-02 20:55 - 00003272 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-08-02 20:55 - 2015-08-02 20:55 - 00003224 _____ C:\WINDOWS\System32\Tasks\SmartDefrag4_Startup
2015-08-02 20:55 - 2015-08-02 20:55 - 00003222 _____ C:\WINDOWS\System32\Tasks\SmartDefrag4_Update
2015-08-02 20:55 - 2015-08-02 20:55 - 00003216 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-08-02 20:55 - 2015-08-02 20:55 - 00002172 ____C C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-08-02 20:55 - 2015-08-02 20:55 - 00001194 ____C C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-08-02 20:55 - 2015-08-02 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-08-02 20:55 - 2015-08-02 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-08-02 20:55 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll
2015-08-02 20:55 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-08-02 20:55 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2015-08-02 20:52 - 2015-08-02 20:52 - 00001201 ____C C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-08-02 20:52 - 2015-08-02 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-08-02 20:34 - 2015-08-02 20:35 - 22653000 _____ C:\Users\[bleep] Jones\Downloads\RogueKillerX64.exe
2015-08-02 20:16 - 2015-08-02 20:16 - 00002462 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones
2015-08-02 20:16 - 2015-08-02 20:16 - 00000336 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones.job
2015-08-02 20:11 - 2015-08-02 20:11 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\ProductData
2015-08-02 20:10 - 2015-08-02 20:55 - 00000000 ____D C:\ProgramData\ProductData
2015-08-02 20:07 - 2015-08-02 20:07 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2015-08-02 20:06 - 2015-08-02 20:07 - 00000000 ____D C:\Program Files (x86)\CleanUp!
2015-08-02 20:06 - 2015-08-02 20:06 - 00003022 _____ C:\Users\[bleep] Jones\Desktop\JRT.txt
2015-08-02 19:58 - 2015-07-27 11:44 - 01798176 _____ (Malwarebytes Corporation) C:\Users\[bleep] Jones\Desktop\JRT_NEW.exe
2015-08-02 19:36 - 2015-08-02 19:36 - 00001272 _____ C:\Users\[bleep] Jones\Desktop\Win Fix.lnk
2015-08-02 18:56 - 2015-08-02 18:56 - 00001274 ____C C:\Users\Public\Desktop\World of Warcraft.lnk
2015-08-01 23:50 - 2015-08-01 23:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2015-07-31 18:00 - 2015-07-31 18:02 - 04789071 _____ C:\Users\[bleep] Jones\Downloads\WowMatrix.zip
2015-07-31 17:53 - 2015-07-31 17:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-31 17:52 - 2015-07-31 17:52 - 04496600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-07-31 17:52 - 2015-07-31 17:52 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 02862488 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-07-31 17:52 - 2015-07-31 17:52 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-07-31 17:52 - 2015-07-31 17:52 - 01748184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-07-31 17:38 - 2015-07-31 17:38 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\IObit Driver Booster Pro 2.4.0.19 FINAL + Serials [TechTools.NET]
2015-07-31 17:11 - 2015-07-31 17:11 - 00000900 _____ C:\Users\[bleep] Jones\Documents\hosts.txt
2015-07-31 17:02 - 2015-07-31 17:02 - 00003224 _____ C:\WINDOWS\System32\Tasks\ASC8_PerformanceMonitor
2015-07-31 17:01 - 2015-08-02 21:50 - 00000300 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job
2015-07-31 17:01 - 2015-07-31 17:01 - 00002426 _____ C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones
2015-07-31 17:01 - 2015-07-31 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-07-31 16:32 - 2015-07-31 16:36 - 49202853 ____R C:\Users\[bleep] Jones\Downloads\Advanced.System.Care.Pro.v8.2.0.797.rar
2015-07-31 15:40 - 2015-08-03 00:33 - 00000000 ____D C:\Program Files\CCleaner
2015-07-31 15:40 - 2015-07-31 15:40 - 00002830 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-31 15:40 - 2015-07-31 15:40 - 00000836 ____C C:\Users\Public\Desktop\CCleaner.lnk
2015-07-31 15:40 - 2015-07-31 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-31 02:15 - 2015-07-31 02:17 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\CCleaner Free Professional Business Technician 5.07.5261 Final + Portable + Keymaker - AppzDam
2015-07-30 01:59 - 2015-06-29 13:07 - 00606920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-07-30 01:55 - 2015-06-29 16:53 - 31514312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 24200336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 22992072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 18634264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 17559432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 16128768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 15294280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 13916600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 13828032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 12896400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-07-30 01:55 - 2015-06-29 16:53 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 11209192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 04245832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 03986632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 03209736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 02823992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 01907400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434174.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434174.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 00945480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 00907464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 00903496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 00870032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-07-30 01:55 - 2015-06-29 16:53 - 00026155 _____ C:\WINDOWS\system32\nvinfo.pb
2015-07-30 01:32 - 2015-07-02 15:21 - 19877376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-30 01:32 - 2015-07-02 14:50 - 02279424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-30 01:32 - 2015-07-02 14:49 - 25193984 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-30 01:32 - 2015-07-02 14:23 - 02885632 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-30 01:32 - 2015-07-02 14:19 - 12855296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-30 01:32 - 2015-07-02 13:55 - 01310720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-30 01:32 - 2015-07-02 13:20 - 14453248 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-30 01:32 - 2015-07-02 12:59 - 01545728 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-30 01:31 - 2015-07-25 07:34 - 01084928 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-30 01:31 - 2015-06-29 16:43 - 00026288 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-30 01:31 - 2015-06-29 09:07 - 01145856 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-30 01:31 - 2015-06-29 09:07 - 00764928 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-30 01:31 - 2015-06-29 09:07 - 00433152 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-30 01:31 - 2015-06-29 09:07 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-30 01:31 - 2015-06-26 17:21 - 00726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-30 01:31 - 2015-06-26 17:21 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-30 01:31 - 2015-05-21 07:08 - 00193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-07-30 01:30 - 2015-07-09 13:51 - 00136904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-30 01:30 - 2015-07-09 12:40 - 00359936 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-30 01:30 - 2015-07-09 10:03 - 03701760 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-30 01:30 - 2015-07-09 09:54 - 00035840 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-30 01:30 - 2015-07-09 09:53 - 00140288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-30 01:30 - 2015-07-09 09:50 - 00409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-30 01:30 - 2015-07-09 09:50 - 00095744 ____C (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-30 01:30 - 2015-07-09 09:48 - 00891904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-30 01:30 - 2015-07-09 09:46 - 02229248 ____C (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-30 01:30 - 2015-07-09 09:38 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-30 01:30 - 2015-07-09 09:37 - 00124928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-30 01:30 - 2015-07-09 09:35 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-30 01:30 - 2015-07-09 09:34 - 00721920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-30 01:30 - 2015-07-01 16:08 - 05923840 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-30 01:30 - 2015-07-01 15:14 - 04520448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-30 01:30 - 2015-05-30 15:18 - 00037888 ____C (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-30 01:30 - 2015-05-30 13:36 - 00230400 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-30 01:30 - 2015-05-30 13:35 - 00911360 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-30 01:30 - 2015-03-19 21:49 - 00309760 ____C (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-07-30 01:30 - 2015-03-19 21:08 - 00477184 ____C (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-07-30 01:30 - 2015-03-19 20:37 - 00367104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-07-30 01:30 - 2015-03-19 20:07 - 01091072 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-07-29 19:08 - 2015-07-02 22:28 - 00069992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-07-29 19:08 - 2015-07-02 22:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-07-29 19:08 - 2015-07-02 22:28 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-07-27 16:52 - 2015-07-27 16:52 - 00003003 ____C C:\Users\Public\Desktop\Sesame Street - Learn, Play & Grow.lnk
2015-07-27 16:52 - 2015-07-27 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sesame Street
2015-07-27 16:51 - 2015-07-27 16:51 - 00000000 ____D C:\Program Files (x86)\Sesame Street
2015-07-27 00:13 - 2015-07-27 00:13 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-07-27 00:13 - 2015-07-27 00:13 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-07-27 00:13 - 2015-07-27 00:13 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-07-27 00:13 - 2015-07-27 00:13 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-07-27 00:13 - 2015-07-27 00:13 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-27 00:13 - 2015-07-27 00:13 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-27 00:13 - 2015-07-27 00:13 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-27 00:13 - 2015-07-27 00:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-27 00:13 - 2015-07-27 00:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-24 20:04 - 2015-07-25 02:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Adult Beginners (2014)
2015-07-24 20:02 - 2015-07-25 02:40 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Barely Lethal (2015)
2015-07-24 02:18 - 2015-07-24 02:29 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Passenger-All The Little Lights (2CD)(2012) 320Kbit(mp3) DMT
2015-07-23 22:22 - 2015-07-23 22:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Awful Nice (2013)
2015-07-23 22:21 - 2015-07-23 22:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Child 44 (2015)
2015-07-23 18:07 - 2015-07-23 18:39 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Amazing Spider Man 2 (2014)
2015-07-23 01:54 - 2015-07-23 02:44 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\True Story (2015)
2015-07-22 19:03 - 2015-07-21 16:36 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-22 19:03 - 2015-07-21 16:36 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-22 08:35 - 2015-07-22 11:23 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Last Survivors (2014) [1080p]
2015-07-22 08:35 - 2015-07-22 09:22 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Town That Dreaded Sundown (2014) [1080p]
2015-07-22 08:08 - 2015-07-23 03:33 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Furious Seven (2015) [1080p]
2015-07-21 16:35 - 2015-07-21 16:35 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2015-07-21 16:33 - 2015-07-21 16:33 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-21 16:33 - 2015-07-21 16:33 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-21 16:32 - 2015-07-21 16:32 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-21 16:32 - 2015-07-21 16:32 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-21 16:32 - 2015-07-21 16:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-21 16:32 - 2015-07-21 16:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-21 16:32 - 2015-07-21 16:32 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-21 16:29 - 2015-07-21 16:29 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-21 16:29 - 2015-07-21 16:29 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-21 16:28 - 2015-07-21 16:28 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-21 16:28 - 2015-07-21 16:28 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-21 16:28 - 2015-07-21 16:28 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-21 16:28 - 2015-07-21 16:28 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-21 16:28 - 2015-07-21 16:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-21 16:28 - 2015-07-21 16:28 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-20 19:46 - 2015-07-20 19:47 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Brother's Keeper (2013) [1080p]
2015-07-20 19:42 - 2015-07-20 19:46 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Road Within (2014)
2015-07-12 20:58 - 2015-07-12 21:34 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Backcountry (2014)
2015-07-12 20:58 - 2015-07-12 20:58 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Wyrmwood Road of the Dead (2014)
2015-07-11 20:20 - 2015-07-11 21:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Burying the Ex (2014)
2015-07-08 08:19 - 2015-07-08 08:19 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-08 08:19 - 2015-07-08 08:19 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-08 08:19 - 2015-07-08 08:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-07 13:02 - 2015-07-31 17:20 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-07-07 13:02 - 2015-07-07 15:46 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Winamp
2015-07-07 13:02 - 2015-07-07 13:02 - 00000991 ____C C:\Users\Public\Desktop\Winamp.lnk
2015-07-07 13:02 - 2015-07-07 13:02 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2015-07-07 13:02 - 2015-07-07 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-07-07 13:02 - 2015-07-07 13:02 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2015-07-07 12:55 - 2015-07-07 12:55 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Winamp PRO 5.666 Build 3516 FULL + Serials [ThumperDC]
2015-07-05 14:26 - 2015-07-31 17:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-04 19:15 - 2015-07-04 19:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Home (2015)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-03 11:33 - 2015-03-29 13:57 - 00000000 ___DC C:\FRST
2015-08-03 11:32 - 2014-05-19 19:30 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\Battle.net
2015-08-03 11:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-03 10:19 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-03 10:08 - 2014-11-12 12:05 - 00000000 __RDO C:\Users\[bleep] Jones\OneDrive
2015-08-03 10:07 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-03 10:04 - 2013-08-22 07:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-03 06:27 - 2014-04-24 15:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444016094-2512616490-1840167777-1001
2015-08-03 00:35 - 2014-10-18 18:37 - 00000000 ___DC C:\Program Files (x86)\Adobe
2015-08-03 00:35 - 2014-04-24 15:34 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\uTorrent
2015-08-02 21:22 - 2014-05-19 19:30 - 00000000 ___DC C:\Program Files (x86)\World of Warcraft
2015-08-02 20:55 - 2014-04-24 15:41 - 00000000 ___DC C:\ProgramData\IObit
2015-08-02 20:55 - 2014-04-24 15:41 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\IObit
2015-08-02 20:54 - 2014-04-24 15:41 - 00000000 ___DC C:\Program Files (x86)\IObit
2015-08-02 20:47 - 2014-07-15 01:36 - 00000000 ___DC C:\ProgramData\RogueKiller
2015-08-02 20:19 - 2014-03-31 11:42 - 00000000 ___DC C:\AdwCleaner
2015-08-02 20:09 - 2014-11-10 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-02 20:07 - 2013-12-10 11:07 - 00000000 ___DC C:\temp
2015-08-02 00:07 - 2014-11-10 01:24 - 87801856 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2015-08-02 00:07 - 2014-11-10 01:24 - 00294912 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2015-08-02 00:07 - 2014-11-10 01:24 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2015-08-02 00:07 - 2014-11-10 01:24 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2015-08-01 23:56 - 2015-03-13 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2015-08-01 23:45 - 2014-11-10 00:27 - 00000000 ____D C:\Users\[bleep] Jones
2015-08-01 21:32 - 2015-03-29 13:53 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\Deployment
2015-08-01 21:31 - 2014-05-19 19:53 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\._LiveCode_
2015-08-01 19:27 - 2014-05-05 18:02 - 00000000 ___DC C:\Program Files\Common Files\Apple
2015-08-01 19:27 - 2014-05-05 18:01 - 00000000 ___DC C:\ProgramData\Apple
2015-07-31 17:52 - 2014-11-10 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-07-31 17:46 - 2014-07-18 21:37 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-31 17:45 - 2014-11-13 13:27 - 04980736 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2015-07-31 17:24 - 2014-07-18 21:37 - 00003720 ____C C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-31 17:22 - 2014-11-10 00:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-31 17:22 - 2014-05-03 10:48 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\CrashDumps
2015-07-31 17:20 - 2015-04-06 22:23 - 00000000 ____D C:\Program Files (x86)\Mumble
2015-07-31 17:20 - 2014-12-02 16:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-31 17:20 - 2014-12-01 17:20 - 00000000 ____D C:\Program Files\KMSpico
2015-07-31 17:20 - 2014-10-28 15:01 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2015-07-31 17:20 - 2014-10-18 13:10 - 00000000 ___DC C:\Program Files (x86)\iTunes
2015-07-31 17:20 - 2014-04-27 12:39 - 00000000 ___DC C:\Program Files (x86)\Steam
2015-07-31 17:20 - 2014-03-31 12:04 - 00000000 ___DC C:\Qoobox
2015-07-31 17:20 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-31 16:56 - 2014-11-09 22:01 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\uTorrent Plus v3.4.2 Build 33023 Stable
2015-07-31 16:30 - 2015-03-04 12:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The.Hobbit.Battle.Of.The.Five.Armies.2014.1080p.WEBRip.x264-tomcat12[ETRG]
2015-07-31 16:14 - 2013-12-17 20:48 - 00000000 ____D C:\Users\[bleep] Jones\Documents\My Digital Editions
2015-07-30 18:31 - 2013-12-26 02:49 - 09039872 _____ (Acreon Inc.) C:\Users\[bleep] Jones\Desktop\WowMatrix.exe
2015-07-30 12:25 - 2015-06-17 00:10 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\LG Electronics
2015-07-30 03:58 - 2015-04-22 03:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-30 03:58 - 2014-11-19 05:36 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-30 03:58 - 2013-08-22 09:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-30 03:46 - 2015-02-03 12:25 - 00000000 ____D C:\Users\[bleep] Jones\Desktop\memes
2015-07-30 02:00 - 2014-04-24 16:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-30 01:56 - 2014-11-10 00:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-30 01:52 - 2014-10-28 15:01 - 00000000 ___DC C:\ProgramData\Microsoft Help
2015-07-30 01:52 - 2013-08-22 09:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-30 01:50 - 2014-04-25 04:47 - 00000000 ___DC C:\WINDOWS\system32\MRT
2015-07-30 01:44 - 2015-04-14 04:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-30 01:40 - 2015-04-14 04:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-29 18:25 - 2014-11-10 00:45 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-29 11:39 - 2015-04-24 22:31 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-07-23 22:21 - 2014-12-16 16:58 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-07-23 22:21 - 2014-12-16 16:58 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-07-23 22:21 - 2014-07-29 11:31 - 01756608 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-07-23 22:21 - 2014-07-29 11:31 - 01316000 ____C (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-07-05 04:08 - 2014-04-24 15:27 - 00300704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-04 19:28 - 2015-07-01 23:32 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Time Lapse (2014)

==================== Files in the root of some directories =======

2015-02-04 19:27 - 2015-02-04 19:27 - 0000017 _____ () C:\Users\[bleep] Jones\AppData\Local\resmon.resmoncfg
2014-08-05 18:41 - 2014-08-05 18:41 - 0000057 ____C () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\[bleep] Jones\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-29 11:18

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by [bleep] Jones (2015-08-03 11:33:57)
Running from C:\Users\[bleep] Jones\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-444016094-2512616490-1840167777-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-444016094-2512616490-1840167777-501 - Limited - Disabled)
[bleep] Jones (S-1-5-21-444016094-2512616490-1840167777-1001 - Administrator - Enabled) => C:\Users\[bleep] Jones

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Curse Client (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Game Assistant 3 (HKLM-x32\...\GameAssistant_is1) (Version: 3.0 - IObit)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{6457BD83-98CF-4267-93D7-F173FF3E7C25}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{5FB5B723-6B6E-45ED-BA73-F264D52AF916}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.2 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Logitech G930 (HKLM\...\{91C4D79C-3579-48E8-ADFA-8818042AEB73}) (Version: 1.0.364 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.74 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.13.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Sesame Street - Learn, Play & Grow (HKLM-x32\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SlingPlayer for Web (HKLM-x32\...\{46994DA0-6572-4A02-9354-FC49ACE8C104}) (Version: 2.4.089 - Sling Media)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.1 - IObit)
SMPlayer 14.3.0 (HKLM-x32\...\SMPlayer) (Version: 14.3.0 - Ricardo Villalba)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.1.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{4a44fbf2-69ce-4a7f-b93d-510103af14db}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

27-07-2015 00:12:37 Windows Modules Installer
27-07-2015 16:48:01 Installed Sesame Street - Learn, Play & Grow.
31-07-2015 16:16:59 Removed Safari
31-07-2015 16:54:36 Revo Uninstaller Pro's restore point - Alien Isolation version 1.0 *Update 3*
31-07-2015 17:23:47 Driver Booster : Realtek High Definition Audio

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2015-08-03 10:03 - 00000747 ___AC C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DA3A75-90EA-40D1-B59B-6E257B7150C6} - System32\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {11AD6328-3701-4FB2-92CF-38F485D4A68E} - \Uninstaller_SkipUac_Administrator No Task File <==== ATTENTION
Task: {16E0661B-ABEC-401D-A67B-8BC1BA1DB966} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {383A2028-697D-4417-AF34-A9D75B5687F3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {3B5FBFF1-D372-402E-8DD4-FB7847D63B7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {4A877B4B-C20E-4847-B169-910298CA3741} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {4D040B3B-CB99-4157-823E-2941686A28BB} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit)
Task: {504DCABF-F777-4E91-972F-6372B2B692C8} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-05-26] (IObit)
Task: {5563739F-4EEB-41B0-8DB4-908739505F4F} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION
Task: {73023F17-6F41-4FD8-8864-784B9741B13C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-07-12] ()
Task: {76B79A18-9E3F-4AD3-8839-D800D1DA34C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {78C0FAF1-3274-4001-A1CB-C5D4CA52F3B9} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {86500E74-C911-439D-B3D1-D8D33B91EEFE} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-04-24] ()
Task: {8FECB438-3F92-4FFC-863C-5E9DDAC2E6C5} - System32\Tasks\Driver Booster SkipUAC ([bleep] Jones) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {9F611BB3-4971-4A49-BB44-37590BE131B8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)
Task: {E79720CC-2D33-40CB-9B15-EDEF0E63BBD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-31] (Adobe Systems Incorporated)
Task: {F3F4A011-8117-4007-BCC6-D4CCD83D636A} - System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit)
Task: {FF1B94C7-421E-40D9-99AE-3D6DD76B948E} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {FF5EA5FD-2399-47B1-9FDA-7BE5099E9F68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2014-11-10 00:24 - 2015-06-29 14:42 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 ____C () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 ____C () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-31 17:01 - 2014-07-11 16:04 - 01106720 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2015-07-31 17:01 - 2013-10-25 12:08 - 00517408 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-08-02 20:52 - 2015-01-09 18:46 - 00517408 ____C () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2014-04-24 15:42 - 2014-10-16 11:26 - 00622880 ____C () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-07-31 17:01 - 2013-01-15 18:48 - 00348992 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00183616 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00051008 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-08-02 20:55 - 2013-01-15 18:47 - 00893248 ____C () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00348960 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-03-10 11:33 - 2015-03-05 15:33 - 00180856 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-03-10 11:33 - 2015-03-05 15:34 - 00050976 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-03-10 11:33 - 2015-03-05 15:35 - 00268920 ____C () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00053024 ____C () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00622880 ____C () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-03-10 11:33 - 2015-03-05 15:36 - 00041248 ____C () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-11-09 18:51 - 2014-11-09 18:52 - 00107520 _____ () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
2015-03-30 14:55 - 2015-07-23 22:22 - 00011920 ____C () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-31 17:01 - 2013-01-15 18:47 - 00893248 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-07-31 17:01 - 2013-01-15 18:48 - 00348992 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00183616 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00051008 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-06-29 12:59 - 2015-06-29 12:59 - 26065408 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\libcef.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00739840 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\libGLESv2.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00909312 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\platforms\qwindows.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00130048 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\libEGL.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00020992 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qgif.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00021504 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qico.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00205312 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qjpeg.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00225792 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qmng.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00015872 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qsvg.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00312832 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qtiff.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00010240 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQuick.2\qtquick2plugin.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00054272 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-29 12:59 - 2015-06-29 12:59 - 00010240 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQml\Models.2\modelsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\[bleep] Jones\OneDrive:ms-properties
AlternateDataStreams: C:\Users\[bleep] Jones\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4791 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: BCSSync => "c:\program files (x86)\microsoft office\office14\bcssync.exe" /delayservices
MSCONFIG\startupreg: CCleaner Monitoring =>
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "c:\program files (x86)\daemon tools pro\dtagent.exe" -autorun
MSCONFIG\startupreg: HP Software Update => c:\program files (x86)\hp\hp software update\hpwuschd2.exe
MSCONFIG\startupreg: iTunesHelper =>
MSCONFIG\startupreg: Logitech G930 => c:\program files (x86)\logitech\g930\g930.exe
MSCONFIG\startupreg: Search Protection =>
MSCONFIG\startupreg: SearchProtection =>
MSCONFIG\startupreg: SearchSettings =>
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Logitech G930"
HKLM\...\StartupApproved\Run32: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - PrinterBitch.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - Print$tuff.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Logitech blank Product Registration.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "HP Deskjet 3050 J610 series (NET)"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{195E1A0E-D279-4B0F-800E-1708D7F694D2}] => (Block) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [{F4ECC309-EEE7-415C-98CD-7D6E7540F1BE}] => (Block) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [UDP Query User{27F25138-2418-45EC-B9DC-59903CB34FA0}C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [TCP Query User{C8DD6980-5763-46F4-961C-B201650DB0D5}C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [{39A7464D-8F9E-4249-8667-FE5E4000A259}] => (Allow) C:\Users\[bleep] Jones\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A0B10E8C-8F21-44A9-9353-287C46BF1A6B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A7B12EE5-5619-48B6-AE60-2C821C6040A3}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8AF1E4E4-0F9C-40AD-9E53-0C25D14A810C}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{A908DA92-34D8-4C16-BAAA-BACD91642C11}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{CDFEB8D2-7C1B-4A5D-9AE7-B731D9A23BDA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{4779ACE4-231A-4F58-A521-281CEB524BDC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A3813E8E-BF09-4B73-B446-DF75F9751E5A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F6FD2146-6CAD-43F7-9D0D-AE35D356F167}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{55E44769-8FFA-40FA-A337-7065A285D839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{51F1AFBB-16E1-4843-B8D8-50C801C940C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{B974EAAF-AFC8-4B74-ACCE-F7232706B855}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{6BD56A72-62F3-4FF0-952E-5FC4C98EFADF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB140583-0755-417D-8125-E07FA55D55BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A11701E-E624-4924-80A0-0DC5444510CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FA94F681-2F63-48BF-B322-31A62C138D15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{35CEA1DE-0731-4D1F-85C1-7621472DED04}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9B477B02-424A-428E-9F10-A623354BAA87}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9FBDD6D0-7C54-4864-ADD5-CD52694E27F9}] => (Allow) LPort=1689
FirewallRules: [{49592F62-A36A-4DDF-8BD3-1D31E91AA18F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{A6AC6DDC-725A-4D93-AF09-7090D09F4DA0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{89EF54E7-7D58-42DB-A8D8-A83A1C15B33C}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{2B7DBCE2-0496-4F0B-8560-C648951833F2}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{7C504189-94A2-4372-982A-0B1F43561997}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DD8BDCCF-47FA-4C0F-B570-37BB1E741F32}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8C0EA1EF-71C5-41BC-AC93-866120FAEDE0}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{04590E5B-DB04-41DC-AF66-171676883120}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{BD40C593-9BE9-4374-BBCE-EA0C3852A232}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{4CA9024E-3D66-48F6-9C09-908FA9690FF9}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{A75838CA-CBA6-42E9-A445-278586906B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9F71B3EC-2E54-46F6-8283-D251E1769B49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4621E3D3-360D-43B5-B833-5F5E0938480F}] => (Allow) LPort=1689
FirewallRules: [{F107414F-8B00-47B8-ACC6-D8A493FF00DD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{66FFB245-BCBD-42EA-BE96-3A72922181B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{63118B6F-58A9-4507-BD14-1D5C4A157B24}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A77497D9-A151-43C5-9C6A-4175FA893EAB}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{89F0D478-BFA3-433B-B8B0-09C713F1C3D7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{F9F9289C-1DDF-4828-9461-ADECF29D9CBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms NA\Launcher.exe
FirewallRules: [{00B2A218-7E35-4A47-817A-CB495C6F8A0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms NA\Launcher.exe
FirewallRules: [TCP Query User{5F573237-4A2C-4635-B961-A1B32B79520F}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{2569840A-1047-40C4-8415-FC10070262D0}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{ADCA684C-9DEC-4F43-B46F-173380B8DBC3}] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{B8543032-C99A-4512-A79D-EA520F44E70D}] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{C94EF24C-785A-47F3-BFB8-0300F970500B}C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{22D683FE-4927-484B-A507-71E3B9597D97}C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{68E5DF1B-EAD8-4B4C-B0C9-B7066345E7DE}] => (Block) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{82E9F666-FBF8-41BC-8A3D-98A52521D835}] => (Block) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{262398AF-333B-48FE-A2D5-DFA20874DC6C}] => (Allow) C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9AE3007-EC99-44C1-BD40-88E6E73BEDEF}] => (Allow) C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0EDD2A18-25A0-42E7-98D5-2367AA6B1366}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{960B3840-9334-4DB0-857B-6A012FC9F9F9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{11D4CB3B-48F4-425C-BA65-93D5C917AFF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{58ACBE4C-C9DA-4A96-AAF3-8D22479BD886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E30BEC3E-6F9D-42FD-AD1D-216EA371C7B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F4D27B44-3A3D-4BFD-9B57-470CC0961464}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5CDB7D6F-5630-4F0A-B308-D34F885351D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2015 11:04:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.

Error: (08/03/2015 10:07:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application

Details:
   (HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
   0x8e5e0210 (0x8e5e0210)

Error: (08/03/2015 10:07:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (3452) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb000C8.log.

System errors:
=============
Error: (08/03/2015 11:03:39 AM) (Source: DCOM) (EventID: 10010) (User: MOTHER[bleep]ERJON)
Description: {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}

Error: (08/03/2015 10:19:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070057: Microsoft.Reader.

Error: (08/03/2015 10:08:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (08/03/2015 10:08:03 AM) (Source: DCOM) (EventID: 10005) (User: MOTHER[bleep]ERJON)
Description: 1053WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (08/03/2015 10:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (08/03/2015 10:08:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (08/03/2015 10:08:03 AM) (Source: DCOM) (EventID: 10005) (User: MOTHER[bleep]ERJON)
Description: 1053WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (08/03/2015 10:08:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (08/03/2015 10:08:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (08/03/2015 10:08:03 AM) (Source: DCOM) (EventID: 10005) (User: MOTHER[bleep]ERJON)
Description: 1053WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Microsoft Office:
=========================
Error: (08/03/2015 11:04:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (08/03/2015 10:07:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Context: Windows Application

Details:
   (HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
   The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (08/03/2015 10:07:52 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
   0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)

Error: (08/03/2015 10:07:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer3452Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb000C8.log-1811 (0xfffff8ed)

CodeIntegrity:
===================================
Date: 2015-08-01 22:15:08.461
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:07.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:07.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:06.599
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:06.002
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:05.453
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:05.019
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:04.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:04.072
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-01 22:15:03.572
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 16%
Total physical RAM: 7159.11 MB
Available physical RAM: 5959.21 MB
Total Virtual: 8823.11 MB
Available Virtual: 6962.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:72.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2D883ED2)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of log ============================

#2
Essexboy

Posted 07 August 2015 - 11:12 AM

GeekU Moderator

Retired Staff
69,964 posts

Hi there sorry for the delay ... Do you still require assistance.

If so could you post a fresh FRST scan

#3
Ategenos

Posted 11 August 2015 - 10:24 AM

Member

Topic Starter
Member
63 posts

sure. and no worries. I apologize for not responding to my other post in the past.

#4
Ategenos

Posted 11 August 2015 - 10:26 AM

Member

Topic Starter
Member
63 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by [bleep] Jones (administrator) on MOTHER[bleep]ERJON (11-08-2015 10:23:44)
Running from C:\Users\[bleep] Jones\Desktop
Loaded Profiles: [bleep] Jones (Available Profiles: [bleep] Jones & Administrator)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12101.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4271\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6061\Battle.net.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5887264 2015-06-08] (IObit)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [uTorrent] => C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe [1693024 2015-07-31] (BitTorrent Inc.)
IFEO\maintenanceservice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\maintenanceservice_tmp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-08-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-08-05] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://duckduckgo.com/
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
ShellExecuteHooks-x32: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{8614a1d3-8eeb-41b2-a501-331f326173c3}: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://duckduckgo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-12] (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\[bleep] Jones\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/O1DPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=3 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=9 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default\user.js [2015-08-09]
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)

Chrome:
=======
CHR Profile: C:\Users\[bleep] Jones\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [23040 2015-07-10] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [658568 2015-08-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-05] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [196096 2015-07-10] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33280 2015-07-10] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [63488 2015-07-10] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1169408 2015-08-05] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [143872 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-23] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-05] (Microsoft Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878880 2015-05-12] (IObit)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [27136 2015-07-10] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [186368 2015-07-10] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [268800 2015-07-10] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [512000 2015-07-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-23] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-23] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [2987520 2014-11-19] (Microsoft Corporation) [File not signed]
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-05] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-07-31] (Realtek Semiconductor)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-05] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [229376 2015-08-05] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [583680 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [503808 2015-08-05] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-05] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-05] (Microsoft Corporation)
R3 UnistoreSvc_Session3; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-08-05] (Microsoft Corporation)
R3 UserDataSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [717312 2015-07-10] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [343040 2015-08-05] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 WpnService; C:\Windows\system32\WpnService.dll [49152 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [32256 2015-07-10] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [116736 2015-07-10] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39264 2015-07-10] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-11-09] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [31232 2015-07-10] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2015-07-10] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (REALiX™)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S3 LADF_BakerCOnly; C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104800 2015-07-10] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-05] (Malwarebytes Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2015-07-10] (Avago Technologies)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2015-07-10] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94720 2015-07-10] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-02] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58208 2015-07-10] (LSI Corporation)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58720 2015-07-10] (Avago Technologies)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [934752 2015-08-05] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [40288 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-05] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [245088 2015-07-10] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [94048 2015-07-10] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [127840 2015-07-10] (Microsoft Corporation)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2015-07-10] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2015-07-10] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2015-07-10] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [31744 2015-07-10] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [685056 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-01] (Basil Projects)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 10:23 - 2015-08-11 10:24 - 00026092 _____ C:\Users\[bleep] Jones\Desktop\FRST.txt
2015-08-11 10:23 - 2015-08-11 10:23 - 02171392 ____C (Farbar) C:\Users\[bleep] Jones\Desktop\FRST64.exe
2015-08-11 10:23 - 2015-08-11 10:23 - 00000000 ____D C:\Users\[bleep] Jones\Desktop\FRST-OlderVersion
2015-08-11 10:02 - 2015-08-11 10:02 - 00016148 _____ C:\WINDOWS\system32\MOTHER[bleep]ERJON_Mother[bleep]er Jones_HistoryPrediction.bin
2015-08-10 18:36 - 2015-08-10 21:54 - 00001675 _____ C:\WINDOWS\setupact.log
2015-08-10 18:36 - 2015-08-10 18:36 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-10 07:45 - 2015-08-10 07:45 - 00000906 _____ C:\WINDOWS\PFRO.log
2015-08-08 20:54 - 2015-08-08 20:56 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Aloha (2015)
2015-08-08 19:28 - 2015-08-08 21:44 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Step Up (2006)
2015-08-08 14:05 - 2015-08-09 17:09 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\Deployment
2015-08-07 13:25 - 2015-08-10 08:45 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Blackbird (2014) [1080p]
2015-08-07 11:08 - 2015-08-07 11:09 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Weeknd - Beauty Behind the Madness [R&B] 3 Pre-Order Tracks [2015] [iTunes Plus M4A AAC] [UJ.rip]
2015-08-06 19:43 - 2015-08-06 19:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-06 19:17 - 2015-08-06 19:17 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-06 18:42 - 2015-08-06 18:42 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\PeerDistRepub
2015-08-05 22:59 - 2015-08-06 08:26 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Unfriended (2014)
2015-08-05 22:58 - 2015-08-06 10:36 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Age of Adaline (2015)
2015-08-05 22:52 - 2015-08-05 23:02 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\That Sugar Film (2014)
2015-08-05 19:19 - 2015-08-05 18:59 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-05 19:15 - 2015-08-05 19:16 - 00000000 ___DC C:\Windows.old
2015-08-05 19:14 - 2015-08-05 19:14 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-05 19:14 - 2015-08-05 19:14 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-05 19:14 - 2015-08-05 19:14 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-05 19:14 - 2015-08-05 19:14 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-05 19:14 - 2015-08-05 19:14 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-05 19:14 - 2015-08-05 19:14 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-05 19:14 - 2015-08-05 19:14 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-05 19:10 - 2015-08-05 19:10 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-05 19:08 - 2015-08-05 19:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-05 19:08 - 2015-08-05 19:08 - 00000000 ____D C:\Program Files\MSBuild
2015-08-05 19:08 - 2015-08-05 19:08 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-05 19:08 - 2015-08-05 17:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-05 19:07 - 2015-06-17 20:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-05 19:07 - 2015-06-17 20:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-05 19:07 - 2015-06-17 20:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-05 19:07 - 2015-05-29 23:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-05 19:07 - 2015-05-29 23:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-05 19:07 - 2015-05-29 23:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-05 18:56 - 2015-08-05 18:56 - 78897152 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-08-05 18:56 - 2015-08-05 18:56 - 00253952 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2015-08-05 18:56 - 2015-08-05 18:56 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iobit
2015-08-05 18:56 - 2015-08-05 18:56 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2015-08-05 18:51 - 2015-08-05 18:51 - 00002574 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones
2015-08-05 18:51 - 2015-08-05 18:51 - 00000336 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones.job
2015-08-05 18:03 - 2015-08-05 18:03 - 07812296 _____ (Microsoft Corporation) C:\Users\[bleep] Jones\Downloads\OneDriveSetup.exe
2015-08-05 18:03 - 2015-08-05 18:03 - 00002418 _____ C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-05 18:01 - 2015-08-05 18:01 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\MicrosoftEdge
2015-08-05 17:59 - 2015-08-05 17:59 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-05 17:57 - 2015-08-05 17:57 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\Publishers
2015-08-05 17:56 - 2015-08-05 17:58 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\Comms
2015-08-05 17:56 - 2015-08-05 17:56 - 00000020 ___SH C:\Users\[bleep] Jones\ntuser.ini
2015-08-05 17:56 - 2015-08-05 17:56 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\TileDataLayer
2015-08-05 17:41 - 2015-08-10 21:56 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-05 17:36 - 2015-07-10 04:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-05 17:32 - 2015-08-05 17:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-05 17:32 - 2015-08-05 17:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2015-08-05 17:32 - 2015-08-05 17:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2015-08-05 17:27 - 2015-08-05 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-05 17:25 - 2015-08-11 09:18 - 00000000 ____D C:\Users\[bleep] Jones
2015-08-05 17:25 - 2015-08-05 17:56 - 00000000 ___RD C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-05 17:25 - 2015-08-05 17:39 - 00000000 ____D C:\Users\Administrator
2015-08-05 17:25 - 2015-08-05 17:27 - 00000000 ___RD C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 __RSD C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-05 17:25 - 2015-07-10 05:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-05 17:23 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-05 17:23 - 2015-08-05 17:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-05 17:23 - 2015-08-05 17:23 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-08-05 17:23 - 2015-08-05 17:23 - 00000000 ____D C:\Program Files\Realtek
2015-08-05 17:23 - 2015-06-29 14:42 - 06783304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-05 17:23 - 2015-06-29 14:42 - 03522192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-05 17:23 - 2015-06-29 14:42 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-05 17:23 - 2015-06-29 14:42 - 00932040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-05 17:23 - 2015-06-29 14:42 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-05 17:23 - 2015-06-29 14:42 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-05 17:23 - 2015-06-29 05:02 - 04437364 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-05 17:22 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-05 17:22 - 2015-08-05 17:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-05 17:22 - 2015-08-05 17:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-05 17:21 - 2015-08-05 17:21 - 00029043 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-04 11:40 - 2015-08-09 17:11 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\backups
2015-08-04 11:40 - 2015-08-04 11:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\[bleep] Jones\Downloads\HijackThis.exe
2015-08-04 08:44 - 2015-08-04 08:44 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\ProductData
2015-08-03 20:45 - 2015-08-11 09:17 - 00000000 ____D C:\ProgramData\ProductData
2015-08-03 19:59 - 2015-08-03 19:59 - 00002135 _____ C:\Users\[bleep] Jones\Desktop\JRT.txt
2015-08-03 19:25 - 2015-08-05 18:47 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 19:21 - 2015-08-03 19:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\[bleep] Jones\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-03 19:03 - 2015-08-03 19:04 - 02248704 _____ C:\Users\[bleep] Jones\Downloads\AdwCleaner(2).exe
2015-08-03 11:33 - 2015-08-03 20:01 - 00045336 _____ C:\Users\[bleep] Jones\Downloads\FRST.txt
2015-08-03 11:33 - 2015-08-03 11:34 - 00047639 _____ C:\Users\[bleep] Jones\Downloads\Addition.txt
2015-08-03 11:32 - 2015-08-03 11:32 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\FRST-OlderVersion
2015-08-02 20:55 - 2015-08-05 17:42 - 00003374 _____ C:\WINDOWS\System32\Tasks\SmartDefrag4_Update
2015-08-02 20:55 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-08-02 20:55 - 2015-08-02 20:55 - 00001194 ____C C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-08-02 20:55 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll
2015-08-02 20:55 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-08-02 20:55 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2015-08-02 20:52 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-08-02 20:52 - 2015-08-02 20:52 - 00001201 ____C C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-08-02 20:34 - 2015-08-02 20:35 - 22653000 _____ C:\Users\[bleep] Jones\Downloads\RogueKillerX64.exe
2015-08-02 20:07 - 2015-08-05 17:27 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2015-08-02 20:06 - 2015-08-02 20:07 - 00000000 ____D C:\Program Files (x86)\CleanUp!
2015-08-02 19:58 - 2015-07-27 11:44 - 01798176 _____ (Malwarebytes Corporation) C:\Users\[bleep] Jones\Desktop\JRT_NEW.exe
2015-08-02 19:36 - 2015-08-02 19:36 - 00001272 _____ C:\Users\[bleep] Jones\Desktop\Win Fix.lnk
2015-08-02 18:56 - 2015-08-02 18:56 - 00001274 ____C C:\Users\Public\Desktop\World of Warcraft.lnk
2015-08-01 23:50 - 2015-08-01 23:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2015-07-31 18:00 - 2015-07-31 18:02 - 04789071 _____ C:\Users\[bleep] Jones\Downloads\WowMatrix.zip
2015-07-31 17:53 - 2015-07-31 17:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-31 17:52 - 2015-07-31 17:52 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-07-31 17:52 - 2015-07-31 17:52 - 04496600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-07-31 17:52 - 2015-07-31 17:52 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 02862488 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-07-31 17:52 - 2015-07-31 17:52 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-07-31 17:52 - 2015-07-31 17:52 - 01748184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-07-31 17:52 - 2015-07-31 17:52 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-07-31 17:38 - 2015-07-31 17:38 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\IObit Driver Booster Pro 2.4.0.19 FINAL + Serials [TechTools.NET]
2015-07-31 17:11 - 2015-07-31 17:11 - 00000900 _____ C:\Users\[bleep] Jones\Documents\hosts.txt
2015-07-31 17:02 - 2015-08-05 17:42 - 00003376 _____ C:\WINDOWS\System32\Tasks\ASC8_PerformanceMonitor
2015-07-31 17:01 - 2015-08-09 23:46 - 00000300 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job
2015-07-31 17:01 - 2015-08-05 17:42 - 00002536 _____ C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones
2015-07-31 17:01 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-07-31 16:32 - 2015-07-31 16:36 - 49202853 ____R C:\Users\[bleep] Jones\Downloads\Advanced.System.Care.Pro.v8.2.0.797.rar
2015-07-31 15:40 - 2015-08-05 17:42 - 00002940 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-31 15:40 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-31 15:40 - 2015-08-03 00:33 - 00000000 ____D C:\Program Files\CCleaner
2015-07-31 15:40 - 2015-07-31 15:40 - 00000836 ____C C:\Users\Public\Desktop\CCleaner.lnk
2015-07-31 02:15 - 2015-07-31 02:17 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\CCleaner Free Professional Business Technician 5.07.5261 Final + Portable + Keymaker - AppzDam
2015-07-30 01:59 - 2015-06-29 13:07 - 00606920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-07-29 19:08 - 2015-07-02 22:28 - 00069992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-07-29 19:08 - 2015-07-02 22:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-07-29 19:08 - 2015-07-02 22:28 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-07-27 16:52 - 2015-08-05 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sesame Street
2015-07-27 16:52 - 2015-07-27 16:52 - 00003003 ____C C:\Users\Public\Desktop\Sesame Street - Learn, Play & Grow.lnk
2015-07-27 16:51 - 2015-07-27 16:51 - 00000000 ____D C:\Program Files (x86)\Sesame Street
2015-07-24 20:04 - 2015-07-25 02:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Adult Beginners (2014)
2015-07-24 20:02 - 2015-07-25 02:40 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Barely Lethal (2015)
2015-07-24 02:18 - 2015-07-24 02:29 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Passenger-All The Little Lights (2CD)(2012) 320Kbit(mp3) DMT
2015-07-23 22:22 - 2015-07-23 22:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Awful Nice (2013)
2015-07-23 22:21 - 2015-07-23 22:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Child 44 (2015)
2015-07-23 18:07 - 2015-07-23 18:39 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Amazing Spider Man 2 (2014)
2015-07-23 01:54 - 2015-07-23 02:44 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\True Story (2015)
2015-07-22 08:35 - 2015-07-22 11:23 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Last Survivors (2014) [1080p]
2015-07-22 08:35 - 2015-07-22 09:22 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Town That Dreaded Sundown (2014) [1080p]
2015-07-22 08:08 - 2015-07-23 03:33 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Furious Seven (2015) [1080p]
2015-07-20 19:46 - 2015-07-20 19:47 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Brother's Keeper (2013) [1080p]
2015-07-20 19:42 - 2015-07-20 19:46 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The Road Within (2014)
2015-07-12 20:58 - 2015-07-12 21:34 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Backcountry (2014)
2015-07-12 20:58 - 2015-07-12 20:58 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\Wyrmwood Road of the Dead (2014)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 10:23 - 2015-03-29 13:57 - 00000000 ___DC C:\FRST
2015-08-11 10:17 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-11 10:16 - 2014-05-19 19:30 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\Battle.net
2015-08-10 09:44 - 2014-04-24 15:34 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\uTorrent
2015-08-10 08:05 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-10 07:48 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-10 07:45 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-09 23:47 - 2015-07-10 03:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-09 21:11 - 2014-05-03 10:48 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\CrashDumps
2015-08-09 17:09 - 2014-05-19 19:53 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Local\._LiveCode_
2015-08-08 11:25 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-06 20:44 - 2015-07-10 06:20 - 00344584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-06 20:41 - 2015-07-05 14:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 19:09 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-06 19:08 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-06 07:19 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-05 19:19 - 2015-07-10 05:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-05 19:15 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-05 19:15 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-05 19:15 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-05 19:15 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-05 19:15 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-05 19:15 - 2015-07-10 03:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-05 19:15 - 2015-07-10 03:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-05 19:14 - 2015-07-10 05:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-05 19:14 - 2015-07-10 05:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 18:35 - 2014-11-12 12:05 - 00000000 __RDO C:\Users\[bleep] Jones\OneDrive
2015-08-05 18:18 - 2014-04-24 15:13 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Local\Packages
2015-08-05 17:57 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-05 17:57 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-05 17:57 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-05 17:56 - 2015-07-10 05:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-05 17:46 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-05 17:46 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-05 17:45 - 2014-11-10 00:27 - 00040008 _____ C:\WINDOWS\diagwrn.xml
2015-08-05 17:45 - 2014-11-10 00:27 - 00040008 _____ C:\WINDOWS\diagerr.xml
2015-08-05 17:43 - 2014-11-10 00:40 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-05 17:42 - 2015-03-13 12:59 - 00003704 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444016094-2512616490-1840167777-500
2015-08-05 17:42 - 2015-03-01 11:18 - 00003968 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-08-05 17:42 - 2014-12-01 17:20 - 00003936 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2015-08-05 17:42 - 2014-09-30 22:15 - 00004102 ____C C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA
2015-08-05 17:42 - 2014-09-30 22:15 - 00003752 ____C C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core
2015-08-05 17:42 - 2014-08-05 18:42 - 00003800 ____C C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series
2015-08-05 17:42 - 2014-07-18 21:37 - 00003830 ____C C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-05 17:42 - 2014-07-12 02:54 - 00003340 _____ C:\WINDOWS\System32\Tasks\Game_Booster_AutoUpdate
2015-08-05 17:42 - 2014-04-24 15:18 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444016094-2512616490-1840167777-1001
2015-08-05 17:40 - 2015-07-10 05:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-05 17:34 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-08-05 17:34 - 2015-07-10 03:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-05 17:32 - 2013-08-22 07:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-05 17:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-05 17:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-05 17:29 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-05 17:29 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-05 17:29 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-05 17:28 - 2015-07-10 07:14 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-05 17:28 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-05 17:28 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-05 17:28 - 2015-07-10 05:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-05 17:28 - 2015-07-07 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-08-05 17:28 - 2015-06-17 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-08-05 17:28 - 2015-05-27 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-08-05 17:28 - 2015-05-07 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-05 17:28 - 2015-04-26 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-08-05 17:28 - 2015-04-24 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-05 17:28 - 2015-04-06 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2015-08-05 17:28 - 2015-03-30 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-08-05 17:28 - 2015-02-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-05 17:28 - 2014-12-30 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
2015-08-05 17:28 - 2014-12-04 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-08-05 17:28 - 2014-12-01 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-05 17:28 - 2014-12-01 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-08-05 17:28 - 2014-11-09 21:50 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2015-08-05 17:28 - 2014-10-29 12:19 - 00000000 ___DC C:\WINDOWS\system32\%LOCALAPPDATA%
2015-08-05 17:28 - 2014-10-28 15:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-08-05 17:28 - 2014-10-28 15:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-05 17:28 - 2014-10-25 13:18 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-05 17:28 - 2014-08-05 18:42 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-05 17:28 - 2014-07-12 02:54 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2015-08-05 17:28 - 2014-05-19 19:31 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-08-05 17:28 - 2014-05-19 19:29 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-05 17:28 - 2014-05-18 16:50 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant
2015-08-05 17:28 - 2014-05-18 16:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-08-05 17:28 - 2014-04-27 12:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-05 17:28 - 2014-04-24 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2015-08-05 17:28 - 2014-04-24 16:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-05 17:28 - 2014-04-24 15:41 - 00000000 ___DC C:\Program Files (x86)\IObit
2015-08-05 17:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-05 17:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-05 17:28 - 2009-07-14 01:45 - 00000000 __RDC C:\Users\Public\Recorded TV
2015-08-05 17:27 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-05 17:27 - 2015-07-07 13:02 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2015-08-05 17:27 - 2015-03-29 13:54 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-08-05 17:27 - 2014-06-22 17:54 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-08-05 17:27 - 2014-04-27 12:55 - 00000000 ___DC C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-05 17:27 - 2014-04-24 15:41 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\IObit
2015-08-05 17:26 - 2015-03-13 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2015-08-05 17:26 - 2015-03-13 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-08-05 17:24 - 2015-07-10 03:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-05 17:24 - 2013-12-09 13:19 - 00000000 ___DC C:\Recovery
2015-08-05 17:23 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-05 17:23 - 2013-12-10 11:07 - 00000000 ___DC C:\temp
2015-08-05 17:21 - 2015-07-10 03:05 - 00000000 __RHD C:\Users\Default
2015-08-05 16:52 - 2015-07-10 07:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-03 19:56 - 2014-04-24 15:41 - 00000000 ___DC C:\ProgramData\IObit
2015-08-03 19:05 - 2014-03-31 11:42 - 00000000 ___DC C:\AdwCleaner
2015-08-03 11:56 - 2014-05-19 19:29 - 00000000 ___DC C:\Program Files (x86)\Battle.net
2015-08-03 00:35 - 2014-10-18 18:37 - 00000000 ___DC C:\Program Files (x86)\Adobe
2015-08-02 21:22 - 2014-05-19 19:30 - 00000000 ___DC C:\Program Files (x86)\World of Warcraft
2015-08-02 20:47 - 2014-07-15 01:36 - 00000000 ___DC C:\ProgramData\RogueKiller
2015-08-01 19:27 - 2014-05-05 18:02 - 00000000 ___DC C:\Program Files\Common Files\Apple
2015-08-01 19:27 - 2014-05-05 18:01 - 00000000 ___DC C:\ProgramData\Apple
2015-07-31 17:46 - 2014-07-18 21:37 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-31 17:20 - 2015-07-07 13:02 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-07-31 17:20 - 2015-04-06 22:23 - 00000000 ____D C:\Program Files (x86)\Mumble
2015-07-31 17:20 - 2014-12-02 16:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-31 17:20 - 2014-12-01 17:20 - 00000000 ____D C:\Program Files\KMSpico
2015-07-31 17:20 - 2014-10-28 15:01 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2015-07-31 17:20 - 2014-10-18 13:10 - 00000000 ___DC C:\Program Files (x86)\iTunes
2015-07-31 17:20 - 2014-04-27 12:39 - 00000000 ___DC C:\Program Files (x86)\Steam
2015-07-31 17:20 - 2014-03-31 12:04 - 00000000 ___DC C:\Qoobox
2015-07-31 16:56 - 2014-11-09 22:01 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\uTorrent Plus v3.4.2 Build 33023 Stable
2015-07-31 16:30 - 2015-03-04 12:25 - 00000000 ____D C:\Users\[bleep] Jones\Downloads\The.Hobbit.Battle.Of.The.Five.Armies.2014.1080p.WEBRip.x264-tomcat12[ETRG]
2015-07-31 16:14 - 2013-12-17 20:48 - 00000000 ____D C:\Users\[bleep] Jones\Documents\My Digital Editions
2015-07-30 18:31 - 2013-12-26 02:49 - 09039872 _____ (Acreon Inc.) C:\Users\[bleep] Jones\Desktop\WowMatrix.exe
2015-07-30 12:25 - 2015-06-17 00:10 - 00000000 ____D C:\Users\[bleep] Jones\AppData\Roaming\LG Electronics
2015-07-30 03:58 - 2013-08-22 09:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-30 03:46 - 2015-02-03 12:25 - 00000000 ____D C:\Users\[bleep] Jones\Desktop\memes
2015-07-30 01:52 - 2014-10-28 15:01 - 00000000 ___DC C:\ProgramData\Microsoft Help
2015-07-30 01:50 - 2014-04-25 04:47 - 00000000 ___DC C:\WINDOWS\system32\MRT
2015-07-29 11:39 - 2015-04-24 22:31 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-07-23 22:21 - 2014-12-16 16:58 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-07-23 22:21 - 2014-12-16 16:58 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-07-23 22:21 - 2014-07-29 11:31 - 01756608 ____C (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-07-23 22:21 - 2014-07-29 11:31 - 01316000 ____C (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

==================== Files in the root of some directories =======

2015-02-04 19:27 - 2015-02-04 19:27 - 0000017 _____ () C:\Users\[bleep] Jones\AppData\Local\resmon.resmoncfg
2014-08-05 18:41 - 2014-08-05 18:41 - 0000057 ____C () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\[bleep] Jones\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-05 17:20

==================== End of log ============================

#5
Ategenos

Posted 11 August 2015 - 10:27 AM

Member

Topic Starter
Member
63 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by [bleep] Jones (2015-08-11 10:24:51)
Running from C:\Users\[bleep] Jones\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-444016094-2512616490-1840167777-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-444016094-2512616490-1840167777-503 - Limited - Disabled)
Guest (S-1-5-21-444016094-2512616490-1840167777-501 - Limited - Disabled)
[bleep] Jones (S-1-5-21-444016094-2512616490-1840167777-1001 - Administrator - Enabled) => C:\Users\[bleep] Jones

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Curse Client (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Game Assistant 3 (HKLM-x32\...\GameAssistant_is1) (Version: 3.0 - IObit)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{6457BD83-98CF-4267-93D7-F173FF3E7C25}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{5FB5B723-6B6E-45ED-BA73-F264D52AF916}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.2 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Logitech G930 (HKLM\...\{91C4D79C-3579-48E8-ADFA-8818042AEB73}) (Version: 1.0.364 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.74 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.13.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Sesame Street - Learn, Play & Grow (HKLM-x32\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SlingPlayer for Web (HKLM-x32\...\{46994DA0-6572-4A02-9354-FC49ACE8C104}) (Version: 2.4.089 - Sling Media)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.1 - IObit)
SMPlayer 14.3.0 (HKLM-x32\...\SMPlayer) (Version: 14.3.0 - Ricardo Villalba)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{d7113896-5674-455c-ac6d-77d5f5b2789e}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

06-08-2015 19:08:06 Windows Update
06-08-2015 19:08:34 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2015-08-03 10:03 - 00000747 ___AC C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {01BDDDA4-0245-407F-AF0A-64018BA62EA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {04113517-2147-4FC8-9084-689BB4B58792} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0BAD34BF-8BE4-40D2-BF0F-538DF26B2BC3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {11AD6328-3701-4FB2-92CF-38F485D4A68E} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
Task: {14C25D79-5555-46DB-A3FE-0456E4392299} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {16E0661B-ABEC-401D-A67B-8BC1BA1DB966} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {2286593C-1915-48E5-94BC-00E4CDED90F1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2650B69D-F854-4191-A71C-A7E66518872A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {29174248-42BF-4A25-9423-3F32BD6538FA} - System32\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {383A2028-697D-4417-AF34-A9D75B5687F3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {3B5FBFF1-D372-402E-8DD4-FB7847D63B7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {47F1095E-FCDF-4C5E-A768-15E1622AC9C3} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {4A877B4B-C20E-4847-B169-910298CA3741} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {4D25CA74-6524-4162-A767-4BC17E142399} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5563739F-4EEB-41B0-8DB4-908739505F4F} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {66FBEA28-E9A8-4485-BB42-3F4A56BDBEA5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73023F17-6F41-4FD8-8864-784B9741B13C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-07-12] ()
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-08-05] (Microsoft Corporation)
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-05] (Microsoft Corporation)
Task: {86500E74-C911-439D-B3D1-D8D33B91EEFE} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-04-24] ()
Task: {89E01361-4E46-4510-B6B1-3C4630940967} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-05] (Microsoft Corporation)
Task: {9F611BB3-4971-4A49-BB44-37590BE131B8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)
Task: {A32CF277-6830-421C-A3A5-FC10AF2FCE46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C6D46FE7-4E57-4A4A-B07B-DA8965F2F22C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DCA124CB-D475-45FC-9C88-8FF4807CF521} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E388ADED-A10E-42CD-8ADB-BD5F432353A5} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {E79720CC-2D33-40CB-9B15-EDEF0E63BBD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-31] (Adobe Systems Incorporated)
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-05] (Microsoft Corporation)
Task: {F3F4A011-8117-4007-BCC6-D4CCD83D636A} - System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit)
Task: {FF1B94C7-421E-40D9-99AE-3D6DD76B948E} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {FF5EA5FD-2399-47B1-9FDA-7BE5099E9F68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones.job => 0x000A01005E1F40BF1AF1834AA60ECEB3AA89E63846004E01000000003C000A00200000000014730F000000000513040000200021000000000000000000000000000000000000430043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0049004F006200690074005C0049004F00620069007400200055006E0069006E007300740061006C006C00650072005C0049004F0062006900740055006E0069006E007300740061006C00650072002E00650078006500000013002F0055006E0069006E007300740061006C006C004500780070006C006F007200650072000000000023004D004F0054004800450052004600550043004B00450052004A004F004E005C004D006F0074006800650072006600750063006B006500720020004A006F006E0065007300000000000000080003130400000000000000

==================== Loaded Modules (Whitelisted) ==============

2015-08-05 19:14 - 2015-08-05 19:14 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-05 17:23 - 2015-06-29 14:42 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 ____C () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 ____C () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-10 04:59 - 2015-07-10 04:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 05:00 - 2015-07-10 07:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-05 19:14 - 2015-08-05 19:14 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-31 17:01 - 2014-07-11 16:04 - 01106720 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2015-08-06 08:19 - 2015-08-06 08:19 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-06 08:19 - 2015-08-06 08:19 - 11284480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 07:17 - 2015-07-10 07:17 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-07-31 17:01 - 2013-10-25 12:08 - 00517408 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-08-02 20:52 - 2015-01-09 18:46 - 00517408 ____C () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2014-04-24 15:42 - 2014-10-16 11:26 - 00622880 ____C () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-07-31 17:01 - 2013-01-15 18:48 - 00348992 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00183616 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00051008 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-30 14:55 - 2015-07-23 22:22 - 00011920 ____C () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-31 17:01 - 2013-01-15 18:48 - 00348992 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00183616 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-07-31 17:01 - 2013-01-15 18:48 - 00051008 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-08-03 11:52 - 2015-08-03 11:52 - 26065408 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\libcef.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00739840 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\libGLESv2.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00909312 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\platforms\qwindows.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00130048 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\libEGL.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00020992 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qgif.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00021504 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qico.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00205312 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qjpeg.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00225792 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qmng.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00015872 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qsvg.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00312832 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\imageformats\qtiff.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00010240 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\qml\QtQuick.2\qtquick2plugin.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00054272 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-03 11:52 - 2015-08-03 11:52 - 00010240 ____C () C:\Program Files (x86)\Battle.net\Battle.net.6061\qml\QtQml\Models.2\modelsplugin.dll
2015-02-27 15:20 - 2015-02-27 15:20 - 23950848 ____C () C:\Program Files (x86)\World of Warcraft\Utils\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\[bleep] Jones\OneDrive:ms-properties
AlternateDataStreams: C:\Users\[bleep] Jones\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4791 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: BCSSync => "c:\program files (x86)\microsoft office\office14\bcssync.exe" /delayservices
MSCONFIG\startupreg: CCleaner Monitoring =>
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "c:\program files (x86)\daemon tools pro\dtagent.exe" -autorun
MSCONFIG\startupreg: HP Software Update => c:\program files (x86)\hp\hp software update\hpwuschd2.exe
MSCONFIG\startupreg: iTunesHelper =>
MSCONFIG\startupreg: Logitech G930 => c:\program files (x86)\logitech\g930\g930.exe
MSCONFIG\startupreg: Search Protection =>
MSCONFIG\startupreg: SearchProtection =>
MSCONFIG\startupreg: SearchSettings =>
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Logitech G930"
HKLM\...\StartupApproved\Run32: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - PrinterBitch.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - Print$tuff.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Logitech blank Product Registration.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "HP Deskjet 3050 J610 series (NET)"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{5CDB7D6F-5630-4F0A-B308-D34F885351D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F4D27B44-3A3D-4BFD-9B57-470CC0961464}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E30BEC3E-6F9D-42FD-AD1D-216EA371C7B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{58ACBE4C-C9DA-4A96-AAF3-8D22479BD886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{11D4CB3B-48F4-425C-BA65-93D5C917AFF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{960B3840-9334-4DB0-857B-6A012FC9F9F9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0EDD2A18-25A0-42E7-98D5-2367AA6B1366}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D9AE3007-EC99-44C1-BD40-88E6E73BEDEF}] => (Allow) C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{262398AF-333B-48FE-A2D5-DFA20874DC6C}] => (Allow) C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{82E9F666-FBF8-41BC-8A3D-98A52521D835}] => (Block) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{68E5DF1B-EAD8-4B4C-B0C9-B7066345E7DE}] => (Block) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{22D683FE-4927-484B-A507-71E3B9597D97}C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C94EF24C-785A-47F3-BFB8-0300F970500B}C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\[bleep] jones\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B8543032-C99A-4512-A79D-EA520F44E70D}] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{ADCA684C-9DEC-4F43-B46F-173380B8DBC3}] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{2569840A-1047-40C4-8415-FC10070262D0}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{5F573237-4A2C-4635-B961-A1B32B79520F}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{00B2A218-7E35-4A47-817A-CB495C6F8A0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms NA\Launcher.exe
FirewallRules: [{F9F9289C-1DDF-4828-9461-ADECF29D9CBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms NA\Launcher.exe
FirewallRules: [{89F0D478-BFA3-433B-B8B0-09C713F1C3D7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A77497D9-A151-43C5-9C6A-4175FA893EAB}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [UDP Query User{63118B6F-58A9-4507-BD14-1D5C4A157B24}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{66FFB245-BCBD-42EA-BE96-3A72922181B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F107414F-8B00-47B8-ACC6-D8A493FF00DD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4621E3D3-360D-43B5-B833-5F5E0938480F}] => (Allow) LPort=1689
FirewallRules: [{9F71B3EC-2E54-46F6-8283-D251E1769B49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A75838CA-CBA6-42E9-A445-278586906B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4CA9024E-3D66-48F6-9C09-908FA9690FF9}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{BD40C593-9BE9-4374-BBCE-EA0C3852A232}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{04590E5B-DB04-41DC-AF66-171676883120}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{8C0EA1EF-71C5-41BC-AC93-866120FAEDE0}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{DD8BDCCF-47FA-4C0F-B570-37BB1E741F32}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7C504189-94A2-4372-982A-0B1F43561997}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [UDP Query User{2B7DBCE2-0496-4F0B-8560-C648951833F2}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [TCP Query User{89EF54E7-7D58-42DB-A8D8-A83A1C15B33C}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{A6AC6DDC-725A-4D93-AF09-7090D09F4DA0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{49592F62-A36A-4DDF-8BD3-1D31E91AA18F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9FBDD6D0-7C54-4864-ADD5-CD52694E27F9}] => (Allow) LPort=1689
FirewallRules: [{9B477B02-424A-428E-9F10-A623354BAA87}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{35CEA1DE-0731-4D1F-85C1-7621472DED04}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FA94F681-2F63-48BF-B322-31A62C138D15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6A11701E-E624-4924-80A0-0DC5444510CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CB140583-0755-417D-8125-E07FA55D55BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BD56A72-62F3-4FF0-952E-5FC4C98EFADF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B974EAAF-AFC8-4B74-ACCE-F7232706B855}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{51F1AFBB-16E1-4843-B8D8-50C801C940C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{55E44769-8FFA-40FA-A337-7065A285D839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{F6FD2146-6CAD-43F7-9D0D-AE35D356F167}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{A3813E8E-BF09-4B73-B446-DF75F9751E5A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4779ACE4-231A-4F58-A521-281CEB524BDC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CDFEB8D2-7C1B-4A5D-9AE7-B731D9A23BDA}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{A908DA92-34D8-4C16-BAAA-BACD91642C11}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{8AF1E4E4-0F9C-40AD-9E53-0C25D14A810C}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{A7B12EE5-5619-48B6-AE60-2C821C6040A3}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A0B10E8C-8F21-44A9-9353-287C46BF1A6B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{39A7464D-8F9E-4249-8667-FE5E4000A259}] => (Allow) C:\Users\[bleep] Jones\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{C8DD6980-5763-46F4-961C-B201650DB0D5}C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [UDP Query User{27F25138-2418-45EC-B9DC-59903CB34FA0}C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe] => (Allow) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [{F4ECC309-EEE7-415C-98CD-7D6E7540F1BE}] => (Block) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe
FirewallRules: [{195E1A0E-D279-4B0F-800E-1708D7F694D2}] => (Block) C:\users\[bleep] jones\downloads\utorrent plus v3.4.2 build 33023 stable\utorrent.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 09:20:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OHub.exe, version: 16.0.6106.2350, time stamp: 0x55c40ea1
Faulting module name: combase.dll, version: 10.0.10240.16384, time stamp: 0x559f3aac
Exception code: 0xc0000005
Fault offset: 0x0000000000081c5a
Faulting process id: 0x6c0
Faulting application start time: 0xOHub.exe0
Faulting application path: OHub.exe1
Faulting module path: OHub.exe2
Report Id: OHub.exe3
Faulting package full name: OHub.exe4
Faulting package-relative application ID: OHub.exe5

Error: (08/11/2015 01:15:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOTHER[bleep]ERJON)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/10/2015 06:18:40 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (260) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/10/2015 06:18:40 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (260) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/10/2015 06:18:30 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (260) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/10/2015 06:18:30 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (260) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/10/2015 06:18:20 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (260) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/10/2015 06:18:20 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (260) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/10/2015 06:18:09 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (260) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/10/2015 06:18:09 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (260) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (08/11/2015 09:21:12 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (08/11/2015 09:18:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (08/11/2015 09:16:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (08/11/2015 01:15:05 AM) (Source: DCOM) (EventID: 10010) (User: MOTHER[bleep]ERJON)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (08/11/2015 01:15:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/11/2015 01:15:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/11/2015 01:15:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/11/2015 01:15:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/10/2015 06:16:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (08/10/2015 06:13:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Microsoft Office:
=========================
Error: (08/11/2015 09:20:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1combase.dll10.0.10240.16384559f3aacc00000050000000000081c5a6c001d0d4493834ef0aC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\system32\combase.dlle2fae146-dd69-45da-885a-4dfe5a183581Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/11/2015 01:15:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOTHER[bleep]ERJON)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/10/2015 06:18:40 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost260-1032

Error: (08/10/2015 06:18:40 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost260C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/10/2015 06:18:30 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost260-1032

Error: (08/10/2015 06:18:30 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost260C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/10/2015 06:18:20 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost260-1032

Error: (08/10/2015 06:18:20 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost260C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/10/2015 06:18:09 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost260-1032

Error: (08/10/2015 06:18:09 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost260C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

CodeIntegrity:
===================================
Date: 2015-08-10 07:57:11.989
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-08 11:06:27.729
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-07 10:21:09.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:01.174
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:01.066
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:00.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:00.870
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:00.730
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:00.642
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-06 23:47:00.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 7159.11 MB
Available physical RAM: 4573.45 MB
Total Virtual: 8311.11 MB
Available Virtual: 5327.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:59.17 GB) NTFS
Drive f: () (Removable) (Total:3.75 GB) (Free:3.75 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2D883ED2)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 5 (Size: 3.8 GB) (Disk ID: 0A1EA586)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== End of log ============================

#6
Essexboy

Posted 11 August 2015 - 10:45 AM

GeekU Moderator

Retired Staff
69,964 posts

Hi there is no apparent malware present

When the system locks up what process is taking the most RAM ?

Open task manager and under options select Always on top
Click the Memory column so that the largest number is at the top
Then use the system normally until it freezes and note the top process

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
Toolbar: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
ShellExecuteHooks-x32: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Task: {01BDDDA4-0245-407F-AF0A-64018BA62EA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {04113517-2147-4FC8-9084-689BB4B58792} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0BAD34BF-8BE4-40D2-BF0F-538DF26B2BC3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {11AD6328-3701-4FB2-92CF-38F485D4A68E} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
Task: {2286593C-1915-48E5-94BC-00E4CDED90F1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2650B69D-F854-4191-A71C-A7E66518872A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4D25CA74-6524-4162-A767-4BC17E142399} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5563739F-4EEB-41B0-8DB4-908739505F4F} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {66FBEA28-E9A8-4485-BB42-3F4A56BDBEA5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {89E01361-4E46-4510-B6B1-3C4630940967} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A32CF277-6830-421C-A3A5-FC10AF2FCE46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C6D46FE7-4E57-4A4A-B07B-DA8965F2F22C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DCA124CB-D475-45FC-9C88-8FF4807CF521} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

#7
Ategenos

Posted 11 August 2015 - 03:08 PM

Member

Topic Starter
Member
63 posts

Ok thank you. I will get back to you and let you know what happens. As far as task manager it always says firefox on top unless I'm runnign WoW then 2nd is always System.

#8
Ategenos

Posted 11 August 2015 - 03:23 PM

Member

Topic Starter
Member
63 posts

definitely notice a difference. Still a little slow but thinking now it has more to do with needing a hardware update on my pc. Thank you for your time.

#9
Essexboy

Posted 12 August 2015 - 07:27 AM

GeekU Moderator

Retired Staff
69,964 posts

You might want to free some space on your C drive and run the defrag on it

Drive c: () (Fixed) (Total:930.97 GB) (Free:59.17 GB) NTFS

Also have you updated Firefox after the last zero day ? http://www.securityw...-exploited-wild

#10
Essexboy

Posted 16 August 2015 - 04:14 AM

GeekU Moderator

Retired Staff
69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.