Jump to content

Could you please look at my logs?


Recommended Posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-10-2015
Ran by Gakutenou (administrator) on FROSTIE (05-10-2015 09:29:28)
Running from C:\Documents\Downloads
Loaded Profiles: Gakutenou (Available Profiles: Gakutenou)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Comodo) C:\Program Files\COMODO\Dragon\dragon_updater.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(The Pidgin developer community) C:\Program Files\Pidgin\pidgin.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Dropbox, Inc.) C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1713152 2010-02-10] (VIA)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-07] (COMODO)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2015-03-31] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-29] (Oracle Corporation)
HKLM\...\Run: [startCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-09-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-09-11] (Apple Inc.)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\Run: [Pidgin] => C:\Program Files\Pidgin\pidgin.exe [60176 2014-11-23] (The Pidgin developer community)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\Run: [Dropbox Update] => C:\Users\Gakutenou\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\MountPoints2: {c21ebcb2-55c1-11e4-9d1e-0015834d078b} - E:\CMADownloader.exe
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\MountPoints2: {e963ec6a-0c8e-11e0-a8f4-0002720a4462} - E:\Setup.exe
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
Startup: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 62.101.93.101 83.103.25.250
Tcpip\..\Interfaces\{6D0F3120-29BF-4C8E-8D62-D7ECF0110863}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{6D0F3120-29BF-4C8E-8D62-D7ECF0110863}: [DhcpNameServer] 192.168.1.254 62.101.93.101 83.103.25.250
Tcpip\..\Interfaces\{D02B0216-D50C-4AD5-9A71-15CB1ACDA42E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.it/
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://it.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-272638289-1113591862-871824825-1000 -> {852D8FC4-0542-4AC4-874C-C0B27AC721F7} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default
FF DefaultSearchEngine: Yahoo
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.4 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin HKU\S-1-5-21-272638289-1113591862-871824825-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-11] (Apple Inc.)
FF Extension: BarTab Lite X - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\bartablitex@szabolcs.hubai.xpi [2015-06-03]
FF Extension: Ghostery - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: Tumblr Savior - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2014-03-27]
FF Extension: The Addon Bar (restored) - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-05-10]
FF Extension: Session Manager - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-08-03]
FF Extension: X-notifier - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-10-16]
FF Extension: NoScript - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-04-30]
FF Extension: LJlogin - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{ad4ee9e5-49c7-4589-acf3-db9fa76a95c9}.xpi [2011-07-07]
FF Extension: Adblock Plus - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-10-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-10-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-07] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-27] (Comodo)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-07-22] (Flexera Software, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4101624 2011-03-15] (INCA Internet Co., Ltd.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-31] (Windows ® Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [626776 2015-08-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [94936 2015-07-24] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-07-24] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-07-24] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-12-21] () [File not signed]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1119232 2010-01-11] (VIA Technologies, Inc.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [22104 2015-07-28] (SplitmediaLabs Limited)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\Drivers\adfs.sys 6D7F09CD92A9FEF3A8EFCE66231FDD79
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys D0B388DA1D111A34366E04EB4A5DD156
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 78581D6CC903731D9CC497D53C510806
C:\Windows\System32\DRIVERS\atikmpag.sys 8810CD45C5CBFE7ECDC606408E82185F
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys C532028F7EFF8831BE6B5E3C417E07FA
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\AthDfu.sys 99925B8EC4FCCDB3992292FBCB31069E
C:\Windows\System32\drivers\AtihdW73.sys 5C86176DD05907F40906A3F07F201965
C:\Windows\System32\drivers\AtiHdmi.sys 8DF873D0587596C1D35A9CECECC61DA1
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 33A60554882FDF59CDA3E1806370BBA1
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cmderd.sys 5976375EB1C44B6B1D9723597D8E8830
C:\Windows\System32\DRIVERS\cmdguard.sys 48BE7107E2FD2424236F7007E8321401
C:\Windows\System32\DRIVERS\cmdhlp.sys 19B64DE22CC9E76F16583E6A1613E89B
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 3051724F223EA48968B19567DE2A81F4
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 3583A5A8CC2E682BFFBD4630D0FEC08B
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys 487569E5DA56A5A432FF8AF6D3599CF9
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\inspect.sys 4198E206AB735E1565B3634CFDC15F94
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 88246FD556E98BF416AC00C418B83D1D
C:\Windows\System32\Drivers\ksecpkg.sys C41140DBF0BEA35E480A9CF9823B2B08
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys A1E3A332E76F48410CF403FDF85FAFE0
C:\Windows\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204
C:\Windows\system32\drivers\MBAMSwissArmy.sys 739164A8B8FB2F1B50A498F20AF7B21E
C:\Windows\system32\drivers\mwac.sys 490F0F3ED8A970E2BAA38F719242B8F7
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys BAD9C0366134BA181514E9263C8CE606
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 03F899F521D2AAED1C55008F734DF252
C:\Windows\System32\DRIVERS\mrxsmb.sys BAF4E2BE25E8EDFDAA98AA17D92E3C35
C:\Windows\System32\DRIVERS\mrxsmb10.sys 300E85A19AFD4DF992AB6297C6E64CA1
C:\Windows\System32\DRIVERS\mrxsmb20.sys 70EF9F86474BA28A6898228E1C9ABDCB
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys CBE71C122434805CB73FFB6619F60598
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys C8DFF8D07755A66C7A4A738930F0FEAC
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys AEBC369F7DC72AB3F5B9BDF34FA0D43F
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\system32\Drivers\RDPWD.sys CD9214A6AE17D188D17C3CF8CB9CC693
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt86win7.sys 7DFD48E24479B68B258D8770121155A0
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\DRIVERS\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys 7FE680A3DFA421C4A8E4879AE4C5AAB0
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 6C5139E4283249518F7743D7043775B3
C:\Windows\System32\drivers\tsusbflt.sys C6A5FBD4977305E1FA23E02C042DB463
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\system32\drivers\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\Windows\system32\drivers\usbohci.sys 9828C8D14CC2676421778F0DE638CF97
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\system32\drivers\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\Windows\System32\Drivers\usbvideo.sys DE014425522610BEDCA3821BB8C0F1D5
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\System32\drivers\viahduaa.sys B9ECF6756858C8FED4FE68E966BF2F5F
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacommousefilter.sys 427A8BC96F16C40DF81C2D2F4EDD32DD
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 846B58EA44BF8C92E4B59F4E2252C4C0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xnacc.sys CE0C846127D6ABB1E2A22E59682B2527
C:\Windows\System32\drivers\xspltspk.sys 2BD580B5074C3AFAD34BF0C6494BBB2B
C:\Windows\System32\DRIVERS\xusb21.sys A640C90B007762939507C28A021BE3B3

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 09:18 - 2015-10-05 09:29 - 00000000 ____D C:\FRST
2015-10-05 04:07 - 2015-10-05 04:07 - 00000352 _____ C:\Windows\PFRO.log
2015-10-03 11:14 - 2015-10-03 11:14 - 00001067 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2015-10-03 11:14 - 2015-10-03 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-10-03 07:35 - 2015-10-03 07:35 - 00013191 _____ C:\Users\Gakutenou\Desktop\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} (成年コミック) [雑誌] コミックアンリアル 2015年10月号 Vol.57.zip.torrent
2015-10-02 23:08 - 2015-10-02 23:08 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 21:11 - 2015-10-05 04:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-09-27 16:39 - 2015-09-27 16:39 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ___RD C:\Program Files\Skype
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-27 16:27 - 2015-09-27 16:27 - 00098143 _____ C:\Users\Gakutenou\Documents\CisReport_x86_v8.2.0.4703_20150927-162704.zip
2015-09-27 16:08 - 2015-09-27 16:08 - 00000000 ____D C:\Windows\it
2015-09-27 16:07 - 2015-09-27 16:07 - 00001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-27 16:05 - 2015-09-27 16:05 - 00001320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-22 19:40 - 2015-09-22 19:40 - 00000000 ____D C:\Users\Gakutenou\Tracing
2015-09-21 01:00 - 2015-10-05 05:45 - 00005496 _____ C:\Windows\setupact.log
2015-09-21 01:00 - 2015-09-21 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-09-11 08:52 - 2015-09-11 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-09-11 08:52 - 2015-09-11 08:52 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-11 08:52 - 2015-09-11 08:52 - 00000000 ____D C:\Program Files\QuickTime
2015-09-09 12:57 - 2015-09-09 12:57 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 12:57 - 2015-09-09 12:57 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 12:57 - 2015-09-09 12:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 12:57 - 2015-09-09 12:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 12:57 - 2015-09-09 12:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 12:56 - 2015-09-09 12:56 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 12:56 - 2015-09-09 12:56 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 12:56 - 2015-09-09 12:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 12:56 - 2015-09-09 12:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 12:56 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 12:56 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 12:54 - 2015-09-09 12:54 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 12:54 - 2015-09-09 12:54 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 12:54 - 2015-09-09 12:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 12:53 - 2015-09-09 12:53 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 12:53 - 2015-09-09 12:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 12:53 - 2015-09-09 12:53 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 12:52 - 2015-09-09 12:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 20:16 - 2015-09-08 20:16 - 00000000 ____D C:\ProgramData\Comodo Downloader
2015-09-04 09:12 - 2015-09-04 09:12 - 00051811 _____ C:\Windows\system32\CCCInstall_201509040912299199.log
2015-09-04 09:12 - 2015-09-04 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-09-04 09:12 - 2015-09-04 09:12 - 00000000 ____D C:\ProgramData\ATI
2015-08-29 10:39 - 2015-08-29 10:39 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Sun
2015-08-29 10:39 - 2015-08-29 10:39 - 00000000 ____D C:\Users\Gakutenou\.oracle_jre_usage
2015-08-29 10:39 - 2015-08-29 10:39 - 00000000 ____D C:\Program Files\Common Files\Java
2015-08-29 10:37 - 2015-08-29 10:37 - 00000000 ____D C:\Users\Gakutenou\AppData\LocalLow\Oracle
2015-08-12 08:58 - 2015-08-12 08:58 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 07:14 - 2015-08-12 07:14 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 07:14 - 2015-08-12 07:14 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 07:14 - 2015-08-12 07:14 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 07:14 - 2015-08-12 07:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 07:14 - 2015-08-12 07:14 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 07:14 - 2015-08-12 07:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 07:13 - 2015-08-12 07:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) C:\Windows\system32\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) C:\Windows\system32\QuickTime.qts
2015-08-05 17:23 - 2015-08-05 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-08-05 17:19 - 2015-08-05 17:23 - 00001001 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2015-08-04 08:28 - 2015-09-04 09:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2015-08-04 08:28 - 2015-09-04 09:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2015-08-04 08:25 - 2015-09-04 09:07 - 00268488 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 08:21 - 2015-09-04 09:07 - 19503104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 08:19 - 2015-09-04 09:05 - 00203776 _____ C:\Windows\system32\clinfo.exe
2015-08-04 08:14 - 2015-09-04 09:07 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2015-08-04 08:09 - 2015-09-04 09:07 - 00059392 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 07:57 - 2015-09-04 09:07 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl.dll
2015-08-04 06:12 - 2015-09-04 09:07 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2015-08-04 05:43 - 2015-09-04 09:07 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2015-08-04 05:21 - 2015-09-04 09:07 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2015-08-04 04:32 - 2015-09-04 09:07 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2015-08-04 04:25 - 2015-09-04 09:07 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 04:25 - 2015-09-04 09:07 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 04:24 - 2015-09-04 09:07 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2015-08-04 04:21 - 2015-09-04 09:07 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2015-08-04 04:21 - 2015-09-04 09:07 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2015-08-04 04:07 - 2015-09-04 09:07 - 00189952 _____ C:\Windows\system32\amdgfxinfo32.dll
2015-08-04 04:07 - 2015-09-04 09:07 - 00143872 _____ C:\Windows\system32\atieah32.exe
2015-08-04 04:07 - 2015-09-04 09:07 - 00029184 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 04:06 - 2015-09-04 09:07 - 00543744 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 04:06 - 2015-09-04 09:07 - 00214528 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 04:05 - 2015-09-04 09:07 - 00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2015-08-04 04:00 - 2015-08-04 04:00 - 03471376 _____ C:\Windows\system32\atiumdva.cap
2015-08-04 03:43 - 2015-09-04 09:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 03:42 - 2015-09-04 09:07 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2015-08-04 03:41 - 2015-09-04 09:07 - 00532480 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 03:37 - 2015-09-04 09:07 - 00102400 _____ C:\Windows\system32\hsa-thunk.dll
2015-08-04 03:35 - 2015-09-04 09:07 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-25 18:25 - 2015-07-25 18:25 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\CEF
2015-07-15 12:20 - 2015-09-04 09:08 - 00086016 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-07-15 12:20 - 2015-09-04 09:08 - 00078848 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2015-07-15 10:11 - 2015-08-29 10:38 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-07-15 09:33 - 2015-07-15 09:33 - 00051811 _____ C:\Windows\system32\CCCInstall_201507150933427669.log
2015-07-15 04:21 - 2015-07-15 04:21 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 04:21 - 2015-07-15 04:21 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 04:21 - 2015-07-15 04:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 15:28 - 2015-07-14 15:28 - 00000855 _____ C:\Users\Gakutenou\Desktop\Doomsday Engine.lnk
2015-07-14 15:28 - 2015-07-14 15:28 - 00000824 _____ C:\Users\Gakutenou\Desktop\Doomsday Shell.lnk
2015-07-14 15:28 - 2015-07-14 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doomsday Engine
2015-07-13 17:19 - 2015-07-13 17:19 - 00169152 _____ C:\Windows\system32\ativce03.dat
2015-07-13 17:19 - 2015-07-13 17:19 - 00167456 _____ C:\Windows\system32\amde31a.dat
2015-07-10 20:16 - 2015-09-29 16:33 - 00000000 ____D C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2015-07-10 20:16 - 2015-07-10 20:16 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\CELSYS
2015-07-10 20:16 - 2015-07-10 20:16 - 00000000 ____D C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D
2015-07-10 20:11 - 2015-07-10 20:11 - 00001002 _____ C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk
2015-07-10 20:11 - 2015-07-10 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2015-07-10 20:11 - 2015-07-10 20:11 - 00000000 ____D C:\Program Files\CELSYS
2015-07-10 09:40 - 2015-07-10 09:40 - 00833798 _____ C:\Windows\system32\amdicdxx.dat

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 09:23 - 2014-12-24 03:41 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-10-05 09:14 - 2015-03-26 18:13 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-05 08:44 - 2015-06-19 09:30 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-272638289-1113591862-871824825-1000UA.job
2015-10-05 08:37 - 2012-11-17 17:29 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\.purple
2015-10-05 05:54 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-05 05:54 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-05 05:49 - 2012-11-17 14:29 - 01470400 _____ C:\Windows\WindowsUpdate.log
2015-10-05 05:46 - 2010-11-29 00:46 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Dropbox
2015-10-05 05:43 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-05 05:40 - 2015-06-20 00:59 - 00000000 ____D C:\AdwCleaner
2015-10-05 05:25 - 2014-05-21 01:09 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-05 04:13 - 2012-04-11 08:40 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\CrashDumps
2015-10-05 04:07 - 2012-04-25 14:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-05 04:02 - 2010-12-01 03:10 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Skype
2015-10-05 03:50 - 2010-12-27 20:28 - 00000000 ____D C:\Program Files\Steam
2015-10-05 00:41 - 2015-06-19 09:30 - 00000882 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-272638289-1113591862-871824825-1000Core.job
2015-10-04 14:27 - 2010-02-18 18:08 - 00000000 ____D C:\Data
2015-10-03 11:09 - 2013-06-30 17:22 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\qBittorrent
2015-10-03 07:46 - 2010-11-27 20:01 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\CDisplayEx
2015-09-30 07:43 - 2010-12-01 03:10 - 00000000 ____D C:\ProgramData\Skype
2015-09-27 16:41 - 2012-08-05 15:36 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\Windows Live
2015-09-27 16:25 - 2010-11-26 12:48 - 01790318 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-27 16:25 - 2009-07-14 10:21 - 00741336 _____ C:\Windows\system32\perfh010.dat
2015-09-27 16:25 - 2009-07-14 10:21 - 00147442 _____ C:\Windows\system32\perfc010.dat
2015-09-27 16:05 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2015-09-27 16:04 - 2012-08-05 15:39 - 00000000 ____D C:\Program Files\Windows Live
2015-09-27 16:03 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-27 15:52 - 2012-08-05 14:51 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\avidemux
2015-09-24 19:51 - 2013-06-26 17:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 23:10 - 2010-02-19 14:54 - 00000000 ____D C:\Games
2015-09-23 08:14 - 2015-03-26 18:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-23 08:14 - 2015-03-26 18:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-22 19:40 - 2010-11-26 12:48 - 00000000 ____D C:\Users\Gakutenou
2015-09-21 17:53 - 2014-11-27 13:09 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\MPC-HC
2015-09-20 10:27 - 2011-07-06 18:58 - 00000000 ____D C:\Program Files\CCleaner
2015-09-12 15:50 - 2013-02-15 12:36 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\gtk-2.0
2015-09-11 01:20 - 2014-11-02 12:27 - 00001179 _____ C:\Users\Gakutenou\Desktop\SyncBackFree.lnk
2015-09-10 05:51 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-09-10 05:13 - 2009-07-14 06:33 - 02332256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 05:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-09-10 04:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-10 04:04 - 2013-07-13 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 03:12 - 2010-11-27 17:43 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-07-10 21:24 - 2011-07-10 21:26 - 0000015 _____ () C:\Program Files\plugin.ini
2013-08-23 20:07 - 2013-08-10 07:59 - 0012005 _____ () C:\Users\Gakutenou\AppData\Roaming\alsoft.ini
2011-01-24 19:22 - 2011-01-24 19:32 - 0000742 _____ () C:\Users\Gakutenou\AppData\Roaming\net.telestream.ustreamproducer.prefs.xml
2012-08-11 18:05 - 2014-08-01 18:43 - 0005120 _____ () C:\Users\Gakutenou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-14 18:04 - 2011-04-14 18:04 - 0000048 _____ () C:\ProgramData\.SimImages
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\4690C72B-FD52-46BD-BB70-A7B9C359EFD3
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\808E7E11-B8F8-4EE0-8929-9B241425315C
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80
2010-12-01 03:12 - 2010-12-01 03:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-07-19 01:14 - 2011-05-20 01:14 - 0000032 ____R () C:\ProgramData\hash.dat

Some files in TEMP:
====================
C:\Users\Gakutenou\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp343sti.dll
C:\Users\Gakutenou\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identificatore          {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  it-IT
inherit                 {globalsettings}
default                 {current}
resumeobject            {e79724fe-f982-11df-8852-e5868dab723b}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Caricatore di avvio di Windows
-------------------
identificatore          {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  it-IT
inherit                 {bootloadersettings}
recoverysequence        {e7972500-f982-11df-8852-e5868dab723b}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {e79724fe-f982-11df-8852-e5868dab723b}
nx                      OptIn

Caricatore di avvio di Windows
-------------------
identificatore          {e7972500-f982-11df-8852-e5868dab723b}
device                  ramdisk=[C:]\Recovery\e7972500-f982-11df-8852-e5868dab723b\Winre.wim,{e7972501-f982-11df-8852-e5868dab723b}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e7972500-f982-11df-8852-e5868dab723b\Winre.wim,{e7972501-f982-11df-8852-e5868dab723b}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Ripresa da modalità di ibernazione
---------------------
identificatore          {e79724fe-f982-11df-8852-e5868dab723b}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  it-IT
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Tester memoria di Windows
---------------------
identificatore          {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostica memoria Windows
locale                  it-IT
inherit                 {globalsettings}
badmemoryaccess         Yes

Impostazioni Servizi di gestione emergenze
------------
identificatore          {emssettings}
bootems                 Yes

Impostazioni debugger
-----------------
identificatore          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Problemi RAM
-----------
identificatore          {badmemory}

Impostazioni globali
---------------
identificatore          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Impostazioni caricatore di avvio
-------------------
identificatore          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Impostazioni hypervisor
-------------------
identificatore          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Impostazioni Resume Loader
----------------------
identificatore          {resumeloadersettings}
inherit                 {globalsettings}

Opzioni dispositivo
--------------
identificatore          {e7972501-f982-11df-8852-e5868dab723b}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e7972500-f982-11df-8852-e5868dab723b\boot.sdi



LastRegBack: 2015-10-01 01:09

==================== End of FRST.txt ============================

Link to post
Share on other sites

Users shortcut scan result (x86) Version:04-10-2015
Ran by Gakutenou (2015-10-05 09:30:32)
Running from C:\Documents\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Livestream Procaster.lnk -> C:\Program Files\Livestream Procaster\Procaster.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk -> C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk -> C:\Program Files\Adobe\Adobe Device Central CS4\DeviceCentral.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk -> C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk -> C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk -> C:\Program Files\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk -> C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk -> C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk -> C:\Program Files\Pidgin\pidgin.exe (The Pidgin developer community)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\‰©¨ƒtƒƒ“ƒeƒBƒA\“Œ•ûSãY˜O\“Œ•ûSãY˜O ‚ðƒAƒ“ƒCƒ“ƒXƒg[ƒ‹‚·‚é.lnk -> C:\Games\Touhou Project\Touhou 13.5 - Hopeless Masquerade\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\‰©¨ƒtƒƒ“ƒeƒBƒA\“Œ•ûSãY˜O\“Œ•ûSãY˜O.lnk -> C:\Games\Touhou Project\Touhou 13.5 - Hopeless Masquerade\th135.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\readme.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\ŠÂ‹«Ý’è.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\custom.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\ƒAƒ“ƒCƒ“ƒXƒg[ƒ‹.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\ƒLƒƒƒ‰Ý’è‚ƃGƒLƒXƒgƒ‰ƒXƒg[ƒŠ[.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\omake.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\“Œ•û‹Pjé ƒZ[ƒuƒtƒHƒ‹ƒ_.lnk -> C:\Users\Gakutenou\AppData\Roaming\ShanghaiAlice\th14 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û‹Pjé\“Œ•û‹Pjé.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\th14.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ãŠCƒAƒŠƒXŒ¶žÙ’c\“Œ•û_—ì•_‘ÌŒ±”Å\“Œ•û_—ì•_ ‘ÌŒ±”Å ƒZ[ƒuƒtƒHƒ‹ƒ_.lnk -> C:\Users\Gakutenou\AppData\Roaming\ShanghaiAlice\th13tr ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit\XSplit Broadcaster.lnk -> C:\Program Files\SplitMediaLabs\XSplit\XSplit.Core.exe (SplitMediaLabs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 16.0.lnk -> C:\Program Files\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Guida a WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuale di RAR in modalità carattere.lnk -> C:\Program Files\WinRAR\Rar.Txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Uninstall Winamp.lnk -> C:\Program Files\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\What's New.lnk -> C:\Program Files\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechArts3D\カスタム少女\カスタム少女.lnk -> C:\Program Files\TechArts3D\3D Custom Girl\ObsDX9.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.lnk -> C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster Help.lnk -> C:\Program Files\SpywareBlaster\sbhelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster\SpywareBlaster.lnk -> C:\Program Files\SpywareBlaster\spywareblaster.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\SimilarImages.lnk -> C:\Program Files\SimilarImages\SimImages.exe (Nils Maier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Uninstall SimilarImages.lnk -> C:\Program Files\SimilarImages\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Docs\SimilarImages Release Notes.lnk -> C:\Program Files\SimilarImages\Docs\Notes.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Semagic\Semagic.lnk -> C:\Program Files\Semagic\LiveJournalU.exe (Alexey Semenov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Semagic\Uninstall Semagic.lnk -> C:\Program Files\Semagic\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends\Play League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk -> C:\Program Files\Recuva\Recuva.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk -> C:\Program Files\Recuva\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent\qBittorrent.lnk -> C:\Program Files\qBittorrent\qbittorrent.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent\Uninstall.lnk -> C:\Program Files\qBittorrent\uninst.exe (The qBittorrent project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Base.lnk -> C:\Program Files\OpenOffice.org 3\program\sbase.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Calc.lnk -> C:\Program Files\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Draw.lnk -> C:\Program Files\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Impress.lnk -> C:\Program Files\OpenOffice.org 3\program\simpress.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Math.lnk -> C:\Program Files\OpenOffice.org 3\program\smath.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org Writer.lnk -> C:\Program Files\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3\OpenOffice.org.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Disinstalla Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livestream Procaster\Livestream Procaster.lnk -> C:\Program Files\Livestream Procaster\Procaster.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk -> C:\Program Files\JDownloader\JDownloader.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk -> C:\Program Files\JDownloader\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configura Java.lnk -> C:\Program Files\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk -> C:\Program Files\Guild Wars 2\Gw2.exe (ArenaNet)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Uninstall Tyrian 2000.lnk -> C:\Games\Tyrian 2000\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\A Guide to Tyrian.lnk -> C:\Games\Tyrian 2000\TyrianFunDoc\Contents.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\Cheats.lnk -> C:\Games\Tyrian 2000\TyrCheat.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\Help.lnk -> C:\Games\Tyrian 2000\HELPME.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\Readme.lnk -> C:\Games\Tyrian 2000\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\Ship Editor.lnk -> C:\Games\Tyrian 2000\SHIPEDIT.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Serious Sam The First Encounter.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousSam.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Uninstall Serious Sam The First Encounter.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Tools\Dedicated Server.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\DedicatedServer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Tools\Modeler.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousModeler.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Documents\Manual.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Help\Manual\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Documents\Readme.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Pandemonium\Pandemonium.lnk -> C:\Games\Pandemonium\PANDY3.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Pandemonium\Uninstall Pandemonium.lnk -> C:\Games\Pandemonium\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Editor.lnk -> C:\Games\Painkiller Black\Bin\Editor\PainEditor.exe (People Can Fly)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Painkiller Black.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Uninstall Painkiller Black.lnk -> C:\Games\Painkiller Black\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Documents\Manual.lnk -> C:\Games\Painkiller Black\Docs\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Documents\Pain Engine.lnk -> C:\Games\Painkiller Black\Docs\Pain Engine.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Documents\Readme.lnk -> C:\Games\Painkiller Black\Docs\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Uninstall One Unit Whole Blood.lnk -> C:\Games\One Unit Whole Blood\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Documents\Manual.lnk -> C:\Games\One Unit Whole Blood\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Documents\Readme.lnk -> C:\Games\One Unit Whole Blood\README.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Mutant Mudds\Mutant Mudds.lnk -> C:\Program Files\GOG.com\Mutant Mudds\MutantMudds.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Mutant Mudds\Uninstall Mutant Mudds.lnk -> C:\Program Files\GOG.com\Mutant Mudds\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Guilty Gear X2 Reload.lnk -> C:\Games\Guilty Gear X2 Reload\launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Settings.lnk -> C:\Games\Guilty Gear X2 Reload\config.exe (SEGA ARC SYSTEM WORKS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Uninstall Guilty Gear X2 Reload.lnk -> C:\Games\Guilty Gear X2 Reload\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Documents\Manual.lnk -> C:\Games\Guilty Gear X2 Reload\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Documents\Readme.lnk -> C:\Games\Guilty Gear X2 Reload\README.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Escape Goat\Escape Goat.lnk -> C:\Games\Escape Goat\EscapeGoat.exe (MagicalTimeBean)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Escape Goat\Uninstall Escape Goat.lnk -> C:\Games\Escape Goat\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Uninstall Duke Nukem 3D.lnk -> C:\Games\Duke Nukem 3D\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Documents\Manual.lnk -> C:\Games\Duke Nukem 3D\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doomsday Engine\Doomsday Engine on the Web.lnk -> C:\Games\Doomsday\doomsday.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doomsday Engine\Doomsday Engine.lnk -> C:\Games\Doomsday\snowberry\snowberry.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doomsday Engine\Doomsday Shell.lnk -> C:\Games\Doomsday\bin\doomsday-shell.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doomsday Engine\Uninstall Doomsday Engine.lnk -> C:\Games\Doomsday\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CosmicBreak_eng\CosmicBreak_eng.lnk -> C:\CyberStep\CosmicBreak_eng\CosmicBreak.exe (サイバーステップ株式会社)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO\Dragon\Comodo Dragon.lnk -> C:\Program Files\COMODO\Dragon\dragon.exe (Comodo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO\Dragon\Uninstall Comodo Dragon.lnk -> C:\Program Files\COMODO\Dragon\uninstall.exe (Comodo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\CCCP Settings.lnk -> C:\Program Files\Combined Community Codec Pack\CCCP-Settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\CCCP Uninstall.lnk -> C:\Program Files\Combined Community Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Media Player Classic Home Cinema.lnk -> C:\Program Files\Combined Community Codec Pack\MPC\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\CLIP STUDIO PAINT.lnk -> C:\Program Files\CELSYS\CLIP STUDIO EN\CLIP STUDIO PAINT\CLIPStudioPaint.exe (CELSYS,Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\Uninstall Material.lnk -> C:\Program Files\CELSYS\CLIP STUDIO EN\CLIP STUDIO PAINT\MaterialUninstaller.exe (CELSYS,Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx\CDisplayEx.lnk -> C:\Program Files\CDisplayEx\cdisplayex.exe (CDisplayEx)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx\Disinstalla CDisplayEx.lnk -> C:\Program Files\CDisplayEx\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx\Uninstall CDisplayEx.lnk -> C:\Program Files\CDisplayEx\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Leggi.lnk -> C:\Program Files\Tablet\Pen\Leggi.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Preferenze Bamboo.lnk -> C:\Program Files\Tablet\Pen\Consumer_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Utility file di preferenze Bamboo.lnk -> C:\Program Files\Tablet\Pen\32\PrefUtil.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Avidemux 2.6 (32-bit).lnk -> C:\Program Files\Avidemux 2.6\avidemux.exe (Free Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Avidemux job control.lnk -> C:\Program Files\Avidemux 2.6\avidemux_jobs.exe (Free Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux\Change Log 2.6.lnk -> C:\Program Files\Avidemux 2.6\Change Log.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk -> C:\Program Files\AVG\AVG2013\avgui.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Attach Digital Signatures.lnk -> C:\Program Files\AutoCAD Architecture 2010\AcSignApply.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Autodesk Content Browser.lnk -> C:\Program Files\AutoCAD Architecture 2010\AecCB.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Batch Standards Checker.lnk -> C:\Program Files\AutoCAD Architecture 2010\DwgCheckStandards.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Detail Component - Keynote Database Migration Utility.lnk -> C:\Program Files\AutoCAD Architecture 2010\AecDbMigrationUtility.exe (Autodesk, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Keynote Editor.lnk -> C:\Program Files\AutoCAD Architecture 2010\AecKeynoteEditor.exe (Autodesk, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Reference Manager.lnk -> C:\Program Files\AutoCAD Architecture 2010\AdRefMan.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Migrate Custom Settings\Migrate From a Previous Release.lnk -> C:\Program Files\AutoCAD Architecture 2010\AdMigrator.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aMSN\aMSN.lnk -> C:\Program Files\aMSN\amsn.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aMSN\Uninstall.lnk -> C:\Program Files\aMSN\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM\Uninstall AIM.lnk -> C:\Program Files\AIM\uninst.exe (AOL LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Player.lnk -> C:\Program Files\Adobe Media Player\Adobe Media Player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\Disinstalla SyncBackFree.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\Forum Online.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\Forums.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\Help.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\Mailing List.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\MailingList.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\SyncBack Free.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks\SyncBackFree\Twitter.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\Twitter.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E20C50E3-7554-4D45-BC04-8A8E66575982}\PlayTasks\0\Launch.lnk -> C:\Program Files\Steam\steamapps\common\deus ex - human revolution\dxhr.exe (Square Enix Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\3\Editor.lnk -> C:\Games\Painkiller Black\Bin\Editor\PainEditor.exe (People Can Fly)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\2\Manual.lnk -> C:\Games\Painkiller Black\Docs\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\1\Readme.lnk -> C:\Games\Painkiller Black\Docs\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\0\Play.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\PlayTasks\0\Play.lnk -> C:\Program Files\Guild Wars 2\Gw2.exe (ArenaNet)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{721E2CBF-6F7D-442B-9A20-7DB80AC18620}\PlayTasks\0\Play.lnk -> C:\Program Files\GOG.com\Mutant Mudds\MutantMudds.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{5499D378-060D-45DB-86F7-2D008780386B}\PlayTasks\0\Play.lnk -> C:\Games\Pandemonium\PANDY3.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\4\Manual.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Help\Manual\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\3\Modeler.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousModeler.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\2\Dedicated Server.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\DedicatedServer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\1\Readme.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\0\Play.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousSam.exe ()
Shortcut: C:\ProgramData\Autodesk\ACA 2010\enu\Plotters\Add-A-Plotter Wizard.lnk -> C:\Program Files\AutoCAD Architecture 2010\addplwiz.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Autodesk\ACA 2010\enu\Plot Styles\Add-A-Plot Style Table Wizard.lnk -> C:\Program Files\AutoCAD Architecture 2010\styshwiz.exe (Autodesk, Inc.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\Links\Desktop.lnk -> C:\Users\Gakutenou\Desktop ()
Shortcut: C:\Users\Gakutenou\Links\Downloads.lnk -> C:\Users\Gakutenou\Downloads ()
Shortcut: C:\Users\Gakutenou\Links\Dropbox.lnk -> C:\Documents\My Dropbox ()
Shortcut: C:\Users\Gakutenou\Desktop\Adobe Photoshop CS4.lnk -> C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Gakutenou\Desktop\Doomsday Engine.lnk -> C:\Games\Doomsday\snowberry\snowberry.exe ()
Shortcut: C:\Users\Gakutenou\Desktop\Doomsday Shell.lnk -> C:\Games\Doomsday\bin\doomsday-shell.exe ()
Shortcut: C:\Users\Gakutenou\Desktop\Guilty Gear X2 Reload (Netplay).lnk -> C:\Games\Guilty Gear X2 Reload (Netplay)\ggxx.exe (Sammy ARC SYSTEM WORKS)
Shortcut: C:\Users\Gakutenou\Desktop\join.me.lnk -> C:\Users\Gakutenou\AppData\Local\join.me\join.me.exe (LogMeIn, Inc.)
Shortcut: C:\Users\Gakutenou\Desktop\openCanvas 6.lnk -> C:\Program Files\Steam\steamapps\common\OpenCanvas 6\oC6.exe (PGN Co. Ltd.)
Shortcut: C:\Users\Gakutenou\Desktop\Painkiller Black.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly)
Shortcut: C:\Users\Gakutenou\Desktop\Paint Tool SAI.lnk -> C:\Program Files\PaintTool SAI English Pack\sai.exe ()
Shortcut: C:\Users\Gakutenou\Desktop\Semagic.lnk -> C:\Program Files\Semagic\LiveJournalU.exe (Alexey Semenov)
Shortcut: C:\Users\Gakutenou\Desktop\SyncBackFree.lnk -> C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte Ltd)
Shortcut: C:\Users\Gakutenou\Desktop\Touhou 13 -  Ten Desires.lnk -> C:\Games\Touhou Project\Touhou 13 - Ten Desires\th13e.exe ()
Shortcut: C:\Users\Gakutenou\Desktop\Touhou 14 – Double Dealing Character.lnk -> C:\Games\Touhou Project\Touhou 14 - Double Dealing Character\th14.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk -> C:\Users\Gakutenou\AppData\Local\join.me\join.me.exe (LogMeIn, Inc.)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Guida a WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuale di RAR in modalità carattere.lnk -> C:\Program Files\WinRAR\Rar.Txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra\Lode Runner Information.lnk -> C:\SIERRA\LODERUNN\LODERUNN.TXT ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra\Lode Runner Joystick Setup.lnk -> C:\SIERRA\LODERUNN\JOYSTICK.TXT ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra\Lode Runner.lnk -> C:\SIERRA\LODERUNN\LODERUNN.EXE ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack\PaintTool SAI.lnk -> C:\Users\Gakutenou\PaintTool SAI English Pack\start-sai.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack\Uninstall.lnk -> C:\Users\Gakutenou\PaintTool SAI English Pack\uninstall.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OwlboyDemo\OwlboyDemo.lnk -> C:\Program Files\DPad Studio\OwlboyDemo\Owlboy.exe (D-Pad Studio)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OwlboyDemo\Uninstall OwlboyDemo.lnk -> C:\Program Files\DPad Studio\OwlboyDemo\Uninstal.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\AppLocale.lnk -> C:\Users\Gakutenou\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\readme.lnk -> C:\Users\Gakutenou\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.27.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.38.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\SendTo\Trasferimento file Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Semagic.lnk -> C:\Program Files\Semagic\LiveJournalU.exe (Alexey Semenov)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk -> C:\Program Files\SplitMediaLabs\XSplit\XSplit.Core.exe (SplitMediaLabs)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\openCanvas 5.5.lnk -> C:\Program Files\Steam\steamapps\common\openCanvas5.5\oC55.exe (PGN Co. Ltd.)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint Tool SAI.lnk -> C:\Program Files\PaintTool SAI English Pack\sai.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\724e6c6e1aea27c4\COMODO Antivirus.lnk -> C:\Program Files\COMODO\COMODO Internet Security\cis.exe (COMODO)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{F7A6A160-CBAC-4BA6-A200-6AF1C8F84D57}\PlayTasks\0\Gioca.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\3\Editor.lnk -> C:\Games\Painkiller Black\Bin\Editor\PainEditor.exe (People Can Fly)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\2\Manual.lnk -> C:\Games\Painkiller Black\Docs\Manual.pdf ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\1\Readme.lnk -> C:\Games\Painkiller Black\Docs\ReadMe.txt ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\0\Play.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{C43BED01-196E-4514-AF89-0BA0F3C3355A}\PlayTasks\0\Gioca.lnk -> C:\Program Files\GOG.com\Unreal Gold\System\Unreal.exe (No File)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{721E2CBF-6F7D-442B-9A20-7DB80AC18620}\PlayTasks\0\Play.lnk -> C:\Program Files\GOG.com\Mutant Mudds\MutantMudds.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{6EC6B38D-584F-4C7D-A80A-F542DF120FDD}\PlayTasks\0\Gioca.lnk -> C:\Program Files\Steam\steamapps\common\ShadowMan\D3DConfigUtility.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{5499D378-060D-45DB-86F7-2D008780386B}\PlayTasks\0\Play.lnk -> C:\Games\Pandemonium\PANDY3.EXE ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{53212A29-9887-45B1-9F27-8E24B249CBF0}\PlayTasks\0\Gioca.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousSam.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{52C61ED9-70F0-4972-B7B9-B67CBBDA409C}\PlayTasks\0\Gioca.lnk -> C:\Program Files\Steam\steamapps\common\hexen 2\h2.exe (No File)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\4\Manual.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Help\Manual\index.html ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\3\Modeler.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousModeler.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\2\Dedicated Server.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\DedicatedServer.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\1\Readme.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\ReadMe.htm ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\0\Play.lnk -> C:\Program Files\GOG.com\Serious Sam The First Encounter\Bin\SeriousSam.exe ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{34D948EC-2E9D-4E12-AC22-270AAE26F348}\PlayTasks\0\Gioca.lnk -> C:\Program Files\Steam\steamapps\common\psychonauts\Psychonauts.exe (Double Fine Productions)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{1B5E963C-B95F-42E8-AE4C-78D8BCB4E6B2}\PlayTasks\0\Gioca.lnk -> C:\Games\Divine Divinity\div.exe (No File)
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\GFWLive\Logs\InstallLog.lnk -> C:\Users\Gakutenou\AppData\Local\Microsoft\GFWLive\Install\Logs ()
Shortcut: C:\Users\Gakutenou\AppData\Local\Microsoft\GFWLive\Install\Logs\ClientLog.lnk -> C:\Users\Gakutenou\AppData\Local\Microsoft\GFWLive\Logs ()
Shortcut: C:\Users\Public\Desktop\aMSN.lnk -> C:\Program Files\aMSN\amsn.exe ()
Shortcut: C:\Users\Public\Desktop\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk -> C:\Program Files\Avidemux 2.6\avidemux.exe (Free Software Foundation)
Shortcut: C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk -> C:\Program Files\CELSYS\CLIP STUDIO EN\CLIP STUDIO PAINT\CLIPStudioPaint.exe (CELSYS,Inc.)
Shortcut: C:\Users\Public\Desktop\Escape Goat.lnk -> C:\Games\Escape Goat\EscapeGoat.exe (MagicalTimeBean)
Shortcut: C:\Users\Public\Desktop\Guild Wars 2.lnk -> C:\Program Files\Guild Wars 2\Gw2.exe (ArenaNet)
Shortcut: C:\Users\Public\Desktop\Guilty Gear X2 Reload.lnk -> C:\Games\Guilty Gear X2 Reload\launcher.exe ()
Shortcut: C:\Users\Public\Desktop\HD VDeck.lnk -> C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Pidgin.lnk -> C:\Program Files\Pidgin\pidgin.exe (The Pidgin developer community)
Shortcut: C:\Users\Public\Desktop\Play League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\qBittorrent.lnk -> C:\Program Files\qBittorrent\qbittorrent.exe ()
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\XSplit Broadcaster.lnk -> C:\Program Files\SplitMediaLabs\XSplit\XSplit.Core.exe (SplitMediaLabs)
Shortcut: C:\Users\Test\Links\Desktop.lnk -> C:\Users\Gakutenou\Desktop ()
Shortcut: C:\Users\Test\Links\Downloads.lnk -> C:\Users\Gakutenou\Downloads ()
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Windows\SendTo\Trasferimento file Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Safe Mode).lnk -> C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe () -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe () -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livestream Procaster\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {68E4C751-272B-44E1-94C7-4E1FDC40F7DA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Informazioni su Java.lnk -> C:\Program Files\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rileva aggiornamenti.lnk -> C:\Program Files\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Graphic Mode Setup.lnk -> C:\Games\Tyrian 2000\DOSBOX\GOGDOSConfig.exe () -> GOGTYRIAN2000
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Tyrian 2000.lnk -> C:\Games\Tyrian 2000\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Tyrian 2000\dosboxT2K.conf" -conf "C:\Games\Tyrian 2000\dosboxT2K_single.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Tools\Setup.lnk -> C:\Games\Tyrian 2000\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Tyrian 2000\dosboxT2K.conf" -conf "C:\Games\Tyrian 2000\dosboxT2K_setup.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Tools\Ship Editor.lnk -> C:\Games\Tyrian 2000\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Tyrian 2000\dosboxT2K.conf" -conf "C:\Games\Tyrian 2000\dosboxT2K_editor.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Dedicated Server.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly) -> -dedicated
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Cryptic Passage.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\One Unit Whole Blood\dosboxBlood.conf" -conf "C:\Games\One Unit Whole Blood\dosboxBlood_addon.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Graphic Mode Setup.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\GOGDOSConfig.exe () -> GOGONEUNITONEBLOOD
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Multiplayer.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\GOGDOSConfig.exe () -> GOGONEUNITONEBLOOD NET
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\One Unit Whole Blood.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "..\dosboxBlood.conf" -conf "..\dosboxBlood_single.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Settings.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "..\dosboxBlood.conf" -conf "..\dosboxBlood_settings.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Duke Nukem 3D.lnk -> C:\Games\Duke Nukem 3D\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D.conf" -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D_single.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Editor.lnk -> C:\Games\Duke Nukem 3D\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D.conf" -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D_editor.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Graphic Mode Setup.lnk -> C:\Games\Duke Nukem 3D\DOSBOX\GOGDOSConfig.exe () -> GOGDUKE3D
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Multiplayer.lnk -> C:\Games\Duke Nukem 3D\DOSBOX\GOGDOSConfig.exe () -> GOGDUKE3D NET
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Settings.lnk -> C:\Games\Duke Nukem 3D\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D.conf" -conf "C:\Games\Duke Nukem 3D\dosboxDuke3D_settings.conf" -noconsole -c exit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO\COMODO Internet Security\Aggiungi e rimuovi componenti.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /I{18F14F4B-D8A9-4309-817E-3BC0B7664E53}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO\COMODO Internet Security\COMODO Internet Security.lnk -> C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Filters\Haali Media Splitter Settings.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack\Filters\Haali\Splitter.ax",Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Filters\LAV Audio Settings.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Filters\LAV Splitter Settings.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Filters\LAV Video Settings.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\Filters\VSFilter Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2012 32-bit - English\License Transfer Utility.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R4\LTU.exe (Autodesk, Inc.) -> 128D1 2012.0.0.F
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\AutoCAD Architecture 2010.lnk -> C:\Program Files\AutoCAD Architecture 2010\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\AutoCAD Architecture 2010\AecBase.dbx" /p "AutoCAD Architecture (US Metric)"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\License Transfer Utility.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R1\LTU.exe (Autodesk, Inc.) -> 185B1 2010.0.0.F -d SA -l en-US
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Migrate Custom Settings\Export AutoCAD Architecture 2010 Settings.lnk -> C:\Program Files\AutoCAD Architecture 2010\AdMigrator.exe (Autodesk, Inc.) -> /e
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Architecture 2010\Migrate Custom Settings\Import AutoCAD Architecture 2010 Settings.lnk -> C:\Program Files\AutoCAD Architecture 2010\AdMigrator.exe (Autodesk, Inc.) -> /i
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Guida.lnk -> C:\Program Files\AMD\ATI.ACE\Core-Static\CLI.exe (Advanced Micro Devices Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM\AIM.lnk -> C:\Program Files\AIM\aim.exe (AOL Inc.) -> /d locale=en-US
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Gakutenou\Desktop\Touhou 13.5 - Hopeless Masquerade.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Games\Touhou Project\Touhou 13.5 - Hopeless Masquerade\th135.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\Desktop\Vanguard Princess.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Games\Vanguard Princess\vanpri108e\vanpri108e.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\BBB.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Games\BIGBANG BEAT 1st Impression\BBB.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\okuTO.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Users\Gakutenou\Desktop\And Okuu\OkuTO\okuTO.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\option.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Games\BIGBANG BEAT 1st Impression\option.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\RozenDiadem.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Users\Gakutenou\Desktop\RozenDiadem[Ver062]\RozenDiadem.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\shin_gyakuten_touho.lnk -> C:\Windows\AppPatch\AppLoc.exe (Microsoft Corporation) -> "C:\Users\Gakutenou\Desktop\(C77)[すいかやさん] Shin Gyakuten Touhou\C77)真逆転東方(files+rr3%)\Files\shin_gyakuten_touho.exe" "/L0411"
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AIM.lnk -> C:\Program Files\AIM\aim.exe (AOL Inc.) -> /d locale=en-US
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\4\Dedicated Server.lnk -> C:\Games\Painkiller Black\Bin\Painkiller.exe (People Can Fly) -> -dedicated
ShortcutWithArgument: C:\Users\Public\Desktop\AutoCAD Architecture 2010 (US Metric).lnk -> C:\Program Files\AutoCAD Architecture 2010\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\AutoCAD Architecture 2010\AecBase.dbx" /p "AutoCAD Architecture (US Metric)"
ShortcutWithArgument: C:\Users\Public\Desktop\COMODO Internet Security.lnk -> C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) -> --shortcut
ShortcutWithArgument: C:\Users\Public\Desktop\One Unit Whole Blood.lnk -> C:\Games\One Unit Whole Blood\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "..\dosboxBlood.conf" -conf "..\dosboxBlood_single.conf" -noconsole -c exit
ShortcutWithArgument: C:\Users\Public\Desktop\Tyrian 2000.lnk -> C:\Games\Tyrian 2000\DOSBOX\DOSBox.exe (DOSBox Team) -> -conf "C:\Games\Tyrian 2000\dosboxT2K.conf" -conf "C:\Games\Tyrian 2000\dosboxT2K_single.conf" -noconsole -c exit
ShortcutWithArgument: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Test\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva Homepage.url -> hxxp://www.piriform.com/recuva
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visita Java.com.url -> hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visualizza la Guida.url -> hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Support Web Site.url -> hxxp://support.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Web Site.url -> hxxp://www.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Tyrian 2000\Documents\Support.url -> hxxp://www.gog.com/en/support/Tyrian 2000
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Serious Sam The First Encounter\Documents\Support (online).url -> hxxp://www.gog.com/en/support/serious_sam_the_first_encounter
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Pandemonium\Documents\Support (online).url -> hxxp://www.gog.com/en/support/pandemonium
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Painkiller Black\Documents\Support (online).url -> hxxp://www.gog.com/en/support/painkiller
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\One Unit Whole Blood\Documents\Support.url -> hxxp://www.gog.com/support/one_unit_whole_blood
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Mutant Mudds\Documents\Support (online).url -> hxxp://www.gog.com/en/support/mutant_mudds
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Guilty Gear X2 Reload\Documents\Support.url -> hxxp://www.gog.com/support/guilty_gear_x2_reload
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Escape Goat\Documents\Support.url -> hxxp://www.gog.com/support/escape_goat
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Duke Nukem 3D\Documents\Support.url -> hxxp://www.gog.com/support/duke_nukem_3d_atomic_edition
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\CCCP Playback FAQ.url -> hxxp://www.cccp-project.net/wiki/index.php?title=Main_Page
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack\CCCP Website.url -> hxxp://www.cccp-project.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM\Visit AIM on the Web.url -> hxxp://www.aim.com
InternetURL: C:\ProgramData\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\5\Support (online).url -> hxxp://www.gog.com/en/support/painkiller
InternetURL: C:\ProgramData\Microsoft\Windows\GameExplorer\{721E2CBF-6F7D-442B-9A20-7DB80AC18620}\SupportTasks\0\Support (online).url -> hxxp://www.gog.com/en/support/mutant_mudds
InternetURL: C:\ProgramData\Microsoft\Windows\GameExplorer\{5499D378-060D-45DB-86F7-2D008780386B}\SupportTasks\0\Support (online).url -> hxxp://www.gog.com/en/support/pandemonium
InternetURL: C:\ProgramData\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\5\Support (online).url -> hxxp://www.gog.com/en/support/serious_sam_the_first_encounter
InternetURL: C:\Users\Gakutenou\Favorites\Benvenuti su MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Gakutenou\Favorites\Home Page di Microsoft Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Gakutenou\Favorites\Microsoft Italia.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Gakutenou\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Gakutenou\Favorites\Siti Web Microsoft\Internet Explorer - Home.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Gakutenou\Favorites\Siti Web Microsoft\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN Intrattenimento.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN Motori.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN Notizie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Gakutenou\Favorites\MSN\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Gakutenou\Favorites\Microsoft Websites\Gallery Add-on per IE.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Gakutenou\Favorites\Links\Siti suggeriti.url -> 0
InternetURL: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Team Fortress 2 Beta.url -> steam://rungameid/520
InternetURL: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{D8530A10-295D-49AD-AA0D-F4AA8A438C02}\PlayTasks\5\Support (online).url -> hxxp://www.gog.com/en/support/painkiller
InternetURL: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{721E2CBF-6F7D-442B-9A20-7DB80AC18620}\SupportTasks\0\Support (online).url -> hxxp://www.gog.com/en/support/mutant_mudds
InternetURL: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{5499D378-060D-45DB-86F7-2D008780386B}\SupportTasks\0\Support (online).url -> hxxp://www.gog.com/en/support/pandemonium
InternetURL: C:\Users\Gakutenou\AppData\Local\Microsoft\Windows\GameExplorer\{38699033-19AC-48D7-989C-9382C73CBD69}\PlayTasks\5\Support (online).url -> hxxp://www.gog.com/en/support/serious_sam_the_first_encounter

==================== End of Shortcut.txt =============================

Addition.txt

Link to post
Share on other sites

# AdwCleaner v5.010 - Creato file registro eventi 05/10/2015 in 04:00:26
# Aggiornato 04/10/2015 da Xplode
# Database : 2015-10-04.3 [server]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (x86)
# Nome utente : Gakutenou - FROSTIE
# In esecuzione da : C:\Documents\Downloads\adwcleaner_5.010.exe
# Opzione : Analisi
# Supporto : http://toolslib.net/forum

***** [ Servizi ] *****


***** [ Cartelle ] *****


***** [ File ] *****


***** [ DLLs ] *****


***** [ Collegamenti ] *****


***** [ Attività pianificate ] *****


***** [ Registry ] *****

Chiave Trovato : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
Chiave Trovato : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
Chiave Trovato : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
Chiave Trovato : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
Chiave Trovato : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}

***** [ Browser web ] *****


*************************

C:\AdwCleaner[R1].txt - [1115 byte] - [16/07/2013 20:58:41]
C:\AdwCleaner[s1].txt - [1941 byte] - [25/06/2013 22:27:23]
C:\AdwCleaner[s2].txt - [1130 byte] - [16/07/2013 20:59:38]

########## EOF - C:\AdwCleaner\AdwCleaner[s22].txt - [1265 byte] ##########

 

(Successive scans resulted clean)

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x86
Ran by Gakutenou on Mon 10/05/2015 at  4:47:26.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{3187EF8F-8407-404D-ADF9-E5B18BD716CA}
Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{50CBDA0E-8504-45F8-993C-DB8D7E44C7B7}
Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{6E6ECD21-0DE6-4020-AC9E-C585E2F73218}
Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{7D9756DF-0FF5-4FA9-AA88-38A1315A802F}
Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{973A47F0-603E-4927-A751-71E82A66A8AE}
Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Gakutenou\AppData\Roaming\mozilla\firefox\profiles\h8iwbwr6.default\minidumps [13 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/05/2015 at  4:53:14.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

(Successive scans resulted clean)

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 10/5/2015
Ora scansione: 09:43
File di log: MBAM-Log.txt
Amministratore: Sì

Versione: 2.1.8.1057
Database malware: v2015.10.05.02
Database rootkit: v2015.10.02.01
Licenza: Premium
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Attivata

SO: Windows 7 Service Pack 1
CPU: x86
File system: NTFS
Utente: Gakutenou

Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 394256
Tempo impiegato: 16 min, 51 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Attivata
PUP: Avviso
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 0
(Nessun elemento nocivo rilevato)

Valori di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 0
(Nessun elemento nocivo rilevato)

File: 0
(Nessun elemento nocivo rilevato)

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)

Link to post
Share on other sites

I ran a scan with the newest version of AdwCleaner, and the same registry keys have reappeared, but not the folders detected by JRT, with the exception of:

~~~ FireFox

Emptied folder: C:\Users\Gakutenou\AppData\Roaming\mozilla\firefox\profiles\h8iwbwr6.default\minidumps [1 files]


Can someone please help?

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-10-2015 01
Ran by Gakutenou (administrator) on FROSTIE (15-10-2015 19:05:53)
Running from C:\Documents\Downloads
Loaded Profiles: Gakutenou (Available Profiles: Gakutenou)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Comodo) C:\Program Files\COMODO\Dragon\dragon_updater.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(The Pidgin developer community) C:\Program Files\Pidgin\pidgin.exe
(Dropbox, Inc.) C:\Users\Gakutenou\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1713152 2010-02-10] (VIA)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-07] (COMODO)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2015-03-31] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-29] (Oracle Corporation)
HKLM\...\Run: [startCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-09-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-09-11] (Apple Inc.)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\Run: [Pidgin] => C:\Program Files\Pidgin\pidgin.exe [60176 2014-11-23] (The Pidgin developer community)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\Run: [Dropbox Update] => C:\Users\Gakutenou\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\MountPoints2: {c21ebcb2-55c1-11e4-9d1e-0015834d078b} - E:\CMADownloader.exe
HKU\S-1-5-21-272638289-1113591862-871824825-1000\...\MountPoints2: {e963ec6a-0c8e-11e0-a8f4-0002720a4462} - E:\Setup.exe
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
Startup: C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Gakutenou\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 62.101.93.101 83.103.25.250
Tcpip\..\Interfaces\{6D0F3120-29BF-4C8E-8D62-D7ECF0110863}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{6D0F3120-29BF-4C8E-8D62-D7ECF0110863}: [DhcpNameServer] 192.168.1.254 62.101.93.101 83.103.25.250
Tcpip\..\Interfaces\{D02B0216-D50C-4AD5-9A71-15CB1ACDA42E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.it/
HKU\S-1-5-21-272638289-1113591862-871824825-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://it.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-272638289-1113591862-871824825-1000 -> {852D8FC4-0542-4AC4-874C-C0B27AC721F7} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default
FF DefaultSearchEngine: Yahoo
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.4 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin HKU\S-1-5-21-272638289-1113591862-871824825-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-11] (Apple Inc.)
FF Extension: BarTab Lite X - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\bartablitex@szabolcs.hubai.xpi [2015-06-03]
FF Extension: Ghostery - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: Tumblr Savior - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2014-03-27]
FF Extension: The Addon Bar (restored) - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-05-10]
FF Extension: Session Manager - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-08-03]
FF Extension: X-notifier - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-10-16]
FF Extension: NoScript - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-04-30]
FF Extension: LJlogin - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{ad4ee9e5-49c7-4589-acf3-db9fa76a95c9}.xpi [2011-07-07]
FF Extension: Adblock Plus - C:\Users\Gakutenou\AppData\Roaming\Mozilla\Firefox\Profiles\h8iwbwr6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-10-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-10-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-07] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [1984696 2015-10-14] (Comodo)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-07-22] (Flexera Software, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [4101624 2011-03-15] (INCA Internet Co., Ltd.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-31] (Windows ® Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [626776 2015-08-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41736 2015-08-05] (COMODO)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-05] (COMODO)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [94936 2015-07-24] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-07-24] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-07-24] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-12-21] () [File not signed]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1119232 2010-01-11] (VIA Technologies, Inc.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [22104 2015-07-28] (SplitmediaLabs Limited)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-15 14:18 - 2015-10-15 14:18 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 14:18 - 2015-10-15 14:18 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 11:18 - 2015-10-15 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-10-15 11:09 - 2015-10-15 11:09 - 00044867 _____ C:\Users\Gakutenou\Desktop\gccx136.torrent
2015-10-13 19:39 - 2015-10-13 19:39 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:39 - 2015-10-13 19:39 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:38 - 2015-10-13 19:39 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 19:38 - 2015-10-13 19:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 19:38 - 2015-10-13 19:38 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 19:38 - 2015-10-13 19:38 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 19:38 - 2015-10-13 19:38 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 19:38 - 2015-10-13 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 19:38 - 2015-10-13 19:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:38 - 2015-10-13 19:38 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 19:37 - 2015-10-13 19:37 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 19:37 - 2015-10-13 19:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 19:37 - 2015-10-13 19:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 19:36 - 2015-10-13 19:36 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 19:36 - 2015-10-13 19:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 19:36 - 2015-10-13 19:36 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:36 - 2015-10-13 19:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:36 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 19:36 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-12 21:22 - 2015-10-12 21:23 - 23224700 _____ C:\Users\Gakutenou\Desktop\mikuroom.mp4
2015-10-12 18:55 - 2015-10-12 18:55 - 00013817 _____ C:\Users\Gakutenou\Desktop\[bakaBT.130148v1] The Gargoyle of the Yoshinagas.torrent
2015-10-05 18:59 - 2015-10-05 18:59 - 00000000 ____D C:\Users\Gakutenou\Documents\Telltale Games
2015-10-05 09:18 - 2015-10-15 19:05 - 00000000 ____D C:\FRST
2015-10-05 04:07 - 2015-10-13 21:03 - 00000714 _____ C:\Windows\PFRO.log
2015-10-03 11:14 - 2015-10-03 11:14 - 00001067 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2015-10-03 11:14 - 2015-10-03 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-10-02 23:08 - 2015-10-02 23:08 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 21:11 - 2015-10-05 04:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-09-27 16:39 - 2015-09-27 16:39 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ___RD C:\Program Files\Skype
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-27 16:39 - 2015-09-27 16:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-27 16:27 - 2015-09-27 16:27 - 00098143 _____ C:\Users\Gakutenou\Documents\CisReport_x86_v8.2.0.4703_20150927-162704.zip
2015-09-27 16:08 - 2015-09-27 16:08 - 00000000 ____D C:\Windows\it
2015-09-27 16:07 - 2015-09-27 16:07 - 00001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-27 16:05 - 2015-09-27 16:05 - 00001320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-22 19:40 - 2015-09-22 19:40 - 00000000 ____D C:\Users\Gakutenou\Tracing
2015-09-21 01:00 - 2015-10-15 19:01 - 00011096 _____ C:\Windows\setupact.log
2015-09-21 01:00 - 2015-09-21 01:00 - 00000000 _____ C:\Windows\setuperr.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-15 19:06 - 2012-11-17 14:29 - 02092388 _____ C:\Windows\WindowsUpdate.log
2015-10-15 19:02 - 2010-11-29 00:46 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Dropbox
2015-10-15 19:01 - 2012-11-17 17:29 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\.purple
2015-10-15 18:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-15 18:58 - 2014-12-24 03:41 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-10-15 18:58 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-15 18:58 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-15 18:49 - 2012-04-11 08:40 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\CrashDumps
2015-10-15 18:49 - 2010-11-26 12:48 - 01790318 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-15 18:49 - 2009-07-14 10:21 - 00741336 _____ C:\Windows\system32\perfh010.dat
2015-10-15 18:49 - 2009-07-14 10:21 - 00147442 _____ C:\Windows\system32\perfc010.dat
2015-10-15 18:41 - 2015-06-19 09:30 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-272638289-1113591862-871824825-1000UA.job
2015-10-15 18:40 - 2015-04-15 13:43 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 18:40 - 2014-05-02 11:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 18:36 - 2010-12-01 03:10 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Skype
2015-10-15 18:14 - 2015-03-26 18:13 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-15 11:26 - 2013-06-30 17:22 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\qBittorrent
2015-10-15 11:18 - 2015-08-05 17:19 - 00001001 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2015-10-15 11:18 - 2013-06-30 17:21 - 00000000 ____D C:\Program Files\qBittorrent
2015-10-15 00:49 - 2015-06-19 09:30 - 00000882 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-272638289-1113591862-871824825-1000Core.job
2015-10-14 21:04 - 2014-10-22 18:51 - 00000000 ____D C:\Program Files\COMODO
2015-10-14 15:37 - 2015-07-10 20:16 - 00000000 ____D C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2015-10-14 03:18 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-10-14 02:14 - 2015-03-26 18:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-14 02:14 - 2015-03-26 18:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-13 21:11 - 2015-06-20 00:59 - 00000000 ____D C:\AdwCleaner
2015-10-13 21:03 - 2010-12-27 20:28 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-10-13 21:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-10-13 20:57 - 2013-07-13 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 20:50 - 2010-11-27 17:43 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 20:17 - 2014-05-21 01:09 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 02:00 - 2010-12-27 20:28 - 00000000 ____D C:\Program Files\Steam
2015-10-11 19:17 - 2015-04-25 21:38 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\Audacity
2015-10-10 00:20 - 2010-11-27 20:01 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\CDisplayEx
2015-10-09 17:27 - 2014-06-07 15:58 - 00000000 ____D C:\Users\Gakutenou\Documents\University
2015-10-08 11:24 - 2009-07-14 06:53 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-05 11:14 - 2011-07-06 18:58 - 00000000 ____D C:\Program Files\CCleaner
2015-10-05 04:07 - 2012-04-25 14:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-04 14:27 - 2010-02-18 18:08 - 00000000 ____D C:\Data
2015-09-30 07:43 - 2010-12-01 03:10 - 00000000 ____D C:\ProgramData\Skype
2015-09-27 16:41 - 2012-08-05 15:36 - 00000000 ____D C:\Users\Gakutenou\AppData\Local\Windows Live
2015-09-27 16:05 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2015-09-27 16:04 - 2012-08-05 15:39 - 00000000 ____D C:\Program Files\Windows Live
2015-09-27 16:03 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-27 15:52 - 2012-08-05 14:51 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\avidemux
2015-09-24 19:51 - 2013-06-26 17:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 23:10 - 2010-02-19 14:54 - 00000000 ____D C:\Games
2015-09-22 19:40 - 2010-11-26 12:48 - 00000000 ____D C:\Users\Gakutenou
2015-09-21 17:53 - 2014-11-27 13:09 - 00000000 ____D C:\Users\Gakutenou\AppData\Roaming\MPC-HC

==================== Files in the root of some directories =======

2011-07-10 21:24 - 2011-07-10 21:26 - 0000015 _____ () C:\Program Files\plugin.ini
2013-08-23 20:07 - 2013-08-10 07:59 - 0012005 _____ () C:\Users\Gakutenou\AppData\Roaming\alsoft.ini
2011-01-24 19:22 - 2011-01-24 19:32 - 0000742 _____ () C:\Users\Gakutenou\AppData\Roaming\net.telestream.ustreamproducer.prefs.xml
2012-08-11 18:05 - 2014-08-01 18:43 - 0005120 _____ () C:\Users\Gakutenou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-14 18:04 - 2011-04-14 18:04 - 0000048 _____ () C:\ProgramData\.SimImages
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\4690C72B-FD52-46BD-BB70-A7B9C359EFD3
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\808E7E11-B8F8-4EE0-8929-9B241425315C
1999-07-07 02:00 - 1999-07-07 02:00 - 0000006 __RSH () C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80
2010-12-01 03:12 - 2010-12-01 03:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-07-19 01:14 - 2011-05-20 01:14 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
C:\Users\Gakutenou\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp03fmxl.dll
C:\Users\Gakutenou\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 00:53
 

Addition.txt

Link to post
Share on other sites

  • Root Admin

I do not see anything obvious to indicate an infection. The only obvious issue shown is this entry in your hosts file which is designed to pirate software from Adobe.

 

127.0.0.1 activate.adobe.com

 

I would recommend you remove the entry and any unauthorized software from Adobe.

 

 

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
 
bwebb7v.jpgDownload Delfix from here and save it to your desktop. (you may already have this)

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.
  • Reboot

Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.


 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.
 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.