Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

RegSvr32 Error Msg - Module Failed To Load [Solved]

Started by MissHYip , Aug 30 2015 04:03 AM

  • This topic is locked This topic is locked

#1
MissHYip
Posted 30 August 2015 - 04:03 AM

MissHYip

    New Member

  • Member
  • Pip
  • 8 posts

Hi there,

I'm hoping you can help me, I keep getting this error message that pops up:

 

The module "C:\Users\User\AppData\Local\Unmedia\tlqdyjwp.dll" failed to load.

Make sure the binary is stored at the specific path or debug it to check for problems with the binary or dependent .DLL files.

 

The module changes sometimes to other things such as:

 

"C:\Users\User\AppData\Local\Ebtion\blhjovcq.dll"

 

I'm not hugely computer literate and our laptop is a mess thanks to my husband so I'd really appreciate some assistance!

 

I have Windows 10 as of last night and this error message has been coming up for around 2 weeks.

 

Thanks!


  • 0

Advertisements

#2
Essexboy
Posted 30 August 2015 - 06:01 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, first I will need to take a look :)

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please post both logs generated.

  • 0

#3
MissHYip
Posted 30 August 2015 - 07:34 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hi Essexboy, thanks so much for your help!

here is the first:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-08-2015
Ran by User (administrator) on USER-PC (30-08-2015 14:29:15)
Running from C:\Users\User\Desktop
Loaded Profiles: UpdatusUser & User (Available Profiles: UpdatusUser & User)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [IntelPAN] => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1332776 2015-08-24] (BullGuard Ltd.)
HKLM\...\Run: [BullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2855464 2015-08-24] (BullGuard Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [1634422014] => C:\ProgramData\msjnffzbd.exe
HKLM\...\Policies\Explorer\Run: [357883527] => C:\ProgramData\msekhj.exe
HKLM\...\Policies\Explorer\Run: [1749485417] => C:\ProgramData\mscszfdp.exe
HKLM\...\Policies\Explorer\Run: [57147645] => C:\ProgramData\msoow.exe
HKLM\...\Policies\Explorer\Run: [1931609809] => C:\ProgramData\msnjxfsvw.exe
HKLM\...\Policies\Explorer\Run: [1882625198] => C:\ProgramData\msqpot.exe
HKLM\...\Policies\Explorer\Run: [1194902873] => C:\ProgramData\mskjcfrxr.exe
HKLM\...\Policies\Explorer\Run: [1066485677] => C:\ProgramData\msejg.exe [86016 2015-06-15] ()
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-19] (Google Inc.)
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [Ebtion] => regsvr32.exe C:\Users\User\AppData\Local\Ebtion\blhjovcq.dll <===== ATTENTION
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [IWsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia\tlqdyjwp.dll
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [OneDrive] => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-30] (Microsoft Corporation)
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\RunOnce: [Uninstall C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\RunOnce: [Uninstall C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-01-04]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-01-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-08-09] ()
ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-08-24] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-08-24] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-08-24] (BullGuard Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy restriction on ProxySettings)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001 -> DefaultScope {F6415753-F0BD-43BF-A98E-B9BEA4CCFB8E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001 -> {F6415753-F0BD-43BF-A98E-B9BEA4CCFB8E} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7edeaf66-8586-46a3-be1d-da1031ff76c3}: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5py62s2l.default-1419100987010
FF Homepage: hxxp://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-12-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-12-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3585935858-2496010385-1980518169-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3585935858-2496010385-1980518169-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3585935858-2496010385-1980518169-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-3585935858-2496010385-1980518169-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-26] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-09-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-09-13] (RealPlayer)
FF Extension: AudioVolumeMeter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5py62s2l.default-1419100987010\Extensions\{21391433-3B28-26A8-B9B4-74D79BB928D9} [2015-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-08]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-08]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-08]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-08]
CHR Extension: (Google Cast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-19]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-08]
CHR Extension: (File Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\egoilkobbnkdafmcllnicbohlpjcjegl [2015-03-19]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-08]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-08]
CHR HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [92800 2011-12-01] (ASUS)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [904744 2015-08-24] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [663592 2015-08-25] (BullGuard Ltd.)
R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [173608 2015-08-24] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [439336 2015-08-24] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [786984 2015-08-24] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [773160 2015-08-24] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [567840 2015-08-24] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [292904 2015-08-24] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [394280 2015-08-24] (BullGuard Ltd.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-30] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-30] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-30] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
R2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-30] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-30] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-30] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-30] (Microsoft Corporation)
S3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-08-30] (Microsoft Corporation)
S3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-30] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [52912 2015-06-17] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [465072 2015-06-17] (Agnitum Ltd.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2011-10-15] (ASUSTek Computer Inc.)
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [117184 2015-01-21] (BullGuard Ltd.)
R3 BdNet; C:\Windows\System32\drivers\BdNet.sys [34384 2015-01-21] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [67680 2015-01-21] (BullGuard Ltd.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-30] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [325488 2015-08-24] (BullGuard Ltd.)
R1 NovaShieldTDIDriver; C:\Windows\System32\DRIVERS\NSNetmon.sys [26776 2015-08-24] (BullGuard Ltd.)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-03-23] (BitDefender S.R.L.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-30] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 14:29 - 2015-08-30 14:30 - 00032416 _____ C:\Users\User\Desktop\FRST.txt
2015-08-30 14:28 - 2015-08-30 14:28 - 02186752 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-08-30 14:27 - 2015-08-30 14:29 - 00000000 ____D C:\FRST
2015-08-30 14:14 - 2015-08-30 14:14 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-08-30 10:30 - 2015-08-30 10:30 - 00002376 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-30 10:30 - 2015-08-30 10:30 - 00000000 ___RD C:\Users\User\OneDrive
2015-08-30 09:33 - 2015-08-30 01:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-30 09:32 - 2015-08-30 00:40 - 00000000 __SHD C:\Recovery
2015-08-30 09:23 - 2015-08-30 09:23 - 00000000 ____D C:\Windows.old
2015-08-30 09:22 - 2015-08-30 09:22 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-30 09:22 - 2015-08-30 09:22 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-30 09:22 - 2015-08-30 09:22 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-30 09:22 - 2015-08-30 09:22 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-30 09:22 - 2015-08-30 09:22 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-30 09:22 - 2015-08-30 09:22 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-30 09:22 - 2015-08-30 09:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-30 09:19 - 2015-08-30 09:19 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\Program Files\MSBuild
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-30 09:15 - 2015-08-30 09:15 - 00000000 ____D C:\inetpub
2015-08-30 09:14 - 2015-06-18 03:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-30 09:14 - 2015-06-18 03:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 09:14 - 2015-06-18 03:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-30 09:14 - 2015-05-30 06:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-30 09:14 - 2015-05-30 06:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 09:14 - 2015-05-30 06:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-30 01:16 - 2015-08-30 01:16 - 00000000 ____D C:\Users\User\AppData\Local\Comms
2015-08-30 01:15 - 2015-08-30 01:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-30 01:15 - 2015-07-09 20:25 - 07850496 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0015.dll
2015-08-30 01:14 - 2015-08-30 01:14 - 00001053 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-08-30 01:14 - 2015-08-30 01:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BullGuard
2015-08-30 01:12 - 2015-08-30 01:12 - 00000000 ____D C:\Users\User\AppData\Local\Publishers
2015-08-30 01:10 - 2015-08-30 11:30 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-08-30 01:10 - 2015-08-30 01:10 - 00000000 ____D C:\Users\User\AppData\Local\TileDataLayer
2015-08-30 01:09 - 2015-08-30 01:09 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-08-30 01:09 - 2015-08-30 01:09 - 00000020 ___SH C:\Users\User\ntuser.ini
2015-08-30 01:06 - 2015-08-30 01:06 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-30 01:01 - 2015-08-30 01:01 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-08-30 00:58 - 2015-08-30 01:19 - 00000136 _____ C:\WINDOWS\system32\config\afw_hm.conf
2015-08-30 00:58 - 2015-08-30 01:19 - 00000004 _____ C:\WINDOWS\system32\config\afw_db.conf
2015-08-30 00:58 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-30 00:57 - 2015-08-30 01:19 - 00142832 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2015-08-30 00:52 - 2015-08-30 00:52 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-30 00:52 - 2015-08-30 00:52 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2015-08-30 00:52 - 2015-08-30 00:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2015-08-30 00:45 - 2015-08-30 00:45 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-30 00:42 - 2015-08-30 01:10 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 00:42 - 2015-08-30 00:44 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 __RSD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 00:42 - 2015-07-10 12:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 00:41 - 2015-08-30 01:26 - 01005534 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-30 00:41 - 2015-08-30 00:41 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-30 00:40 - 2015-08-30 00:41 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-30 00:39 - 2015-08-30 00:39 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-08-30 00:39 - 2015-08-30 00:39 - 00000000 ____D C:\ProgramData\SonicFocus
2015-08-30 00:39 - 2015-08-30 00:39 - 00000000 ____D C:\iBTWU
2015-08-30 00:38 - 2015-08-30 01:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-30 00:38 - 2015-08-30 00:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-30 00:38 - 2015-08-30 00:54 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-30 00:38 - 2015-08-30 00:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-30 00:38 - 2015-08-30 00:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-30 00:38 - 2015-08-30 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-30 00:38 - 2015-08-30 00:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-30 00:38 - 2015-08-30 00:38 - 00000000 ____D C:\Program Files\Realtek
2015-08-30 00:38 - 2015-07-13 18:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-30 00:38 - 2015-07-13 18:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-30 00:38 - 2015-07-13 17:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-30 00:37 - 2015-08-30 00:37 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-08-30 00:37 - 2015-08-30 00:37 - 00000000 ____D C:\Program Files\Synaptics
2015-08-30 00:35 - 2015-08-30 00:36 - 00035096 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-30 00:34 - 2015-08-30 01:18 - 00005986 _____ C:\WINDOWS\PFRO.log
2015-08-29 23:57 - 2015-07-10 12:00 - 00000001 ___SH C:\BOOTNXT
2015-08-29 23:53 - 2015-08-30 01:06 - 00006511 _____ C:\WINDOWS\comsetup.log
2015-08-29 23:49 - 2015-08-30 01:07 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-08-29 23:49 - 2015-08-30 01:07 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-08-29 23:18 - 2015-08-29 23:18 - 00302011 _____ C:\Users\User\Downloads\WindowsUpdateDiagnostic.diagcab
2015-08-29 23:06 - 2015-08-29 23:09 - 00000000 ____D C:\Users\User\AppData\Roaming\GoogleUpdate
2015-08-29 21:47 - 2015-08-29 21:47 - 00000000 ____D C:\Users\User\Desktop\WEDDING PHOTOS
2015-08-25 11:41 - 2015-08-25 11:42 - 00000000 ____D C:\Users\User\Desktop\WAKACJE
2015-08-25 11:21 - 2015-08-24 12:08 - 00169392 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BgGamingMonitor.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00147768 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BgGamingMonitor.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00076840 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BGLsp.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00061992 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BGLsp.dll
2015-08-23 13:53 - 2015-08-23 13:53 - 00000000 _____ C:\WINDOWS\SysWOW64\1.txt
2015-08-21 19:17 - 2015-08-21 19:17 - 00000000 ____D C:\ProgramData\pcgdwr
2015-08-16 21:30 - 2015-08-16 21:30 - 00001153 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-08-16 21:30 - 2015-08-16 21:30 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-08-16 21:30 - 2015-08-16 21:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Canneverbe Limited
2015-08-16 21:30 - 2015-08-16 21:30 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-08-16 21:29 - 2015-08-16 21:30 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2015-08-16 21:28 - 2015-08-16 21:29 - 05650408 _____ (Canneverbe Limited ) C:\Users\User\Downloads\cdbxp_setup_4.5.5.5790.exe
2015-08-14 20:58 - 2015-08-30 00:03 - 01244687 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-09 21:17 - 2015-08-30 01:15 - 00000000 ____D C:\Users\User\AppData\Local\Ummedia
2015-08-09 21:17 - 2015-08-09 21:17 - 00000000 ____D C:\Users\User\AppData\Local\Ebtion
2015-08-09 20:00 - 2015-08-09 20:00 - 00033177 _____ C:\Users\User\Downloads\Mr.Holmes2015 - ThePirateBay.TO.torrent
2015-08-04 20:15 - 2015-08-04 20:15 - 00011943 _____ C:\Users\User\Downloads\Photographer Schedule.xlsx
2015-08-04 20:15 - 2015-08-04 20:15 - 00011350 _____ C:\Users\User\Downloads\Wedding Week.xlsx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 14:29 - 2015-02-08 11:19 - 00000000 ____D C:\ProgramData\BullGuard
2015-08-30 14:24 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-30 14:22 - 2012-10-17 18:33 - 00000000 ____D C:\Users\User\Desktop\Holly
2015-08-30 14:04 - 2012-10-05 10:01 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 13:53 - 2015-03-19 13:30 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001UA.job
2015-08-30 13:38 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 13:33 - 2015-02-08 19:00 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 13:23 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 11:33 - 2015-02-08 19:00 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 11:28 - 2015-02-08 19:00 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 11:28 - 2015-02-08 19:00 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-30 10:32 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-30 09:33 - 2015-07-10 12:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-30 09:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-30 09:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-30 09:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-30 09:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-30 09:23 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-30 09:23 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-30 09:22 - 2015-07-10 12:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-30 09:22 - 2015-07-10 12:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-30 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-30 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-30 09:15 - 2015-07-10 12:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-30 09:15 - 2015-07-10 12:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-30 09:15 - 2015-07-10 12:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-30 09:15 - 2015-07-10 12:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-30 09:15 - 2015-07-10 12:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-30 09:15 - 2015-07-10 12:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-30 09:15 - 2015-07-10 12:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-30 09:15 - 2015-07-10 12:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-30 09:15 - 2015-07-10 12:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-30 09:15 - 2015-07-10 12:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-30 09:15 - 2015-07-10 12:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-30 09:15 - 2015-07-10 12:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-30 09:15 - 2015-07-10 12:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-30 09:15 - 2015-07-10 12:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-30 09:15 - 2015-07-10 12:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-30 09:15 - 2015-07-10 12:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-30 09:15 - 2015-07-10 12:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-30 01:18 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-30 01:18 - 2015-07-10 13:20 - 00338344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-30 01:17 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-08-30 01:15 - 2015-07-10 14:12 - 00000000 ____D C:\WINDOWS\OCR
2015-08-30 01:15 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-30 01:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 01:12 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-30 01:12 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-30 01:12 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-30 01:11 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-30 01:09 - 2015-02-08 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
2015-08-30 01:09 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-08-30 01:07 - 2015-07-10 13:20 - 00019979 _____ C:\WINDOWS\setupact.log
2015-08-30 01:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-30 01:06 - 2015-03-26 22:44 - 00003510 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2015-03-26 22:44 - 00003374 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2015-03-19 13:30 - 00003986 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001UA
2015-08-30 01:06 - 2015-03-19 13:30 - 00003590 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001Core
2015-08-30 01:06 - 2014-12-20 18:39 - 00003294 _____ C:\WINDOWS\System32\Tasks\{5303FAEC-F93C-410A-8271-46C1AB921D8D}
2015-08-30 01:06 - 2014-12-12 21:03 - 00003488 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2014-12-12 21:03 - 00003352 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2014-11-02 12:11 - 00003102 _____ C:\WINDOWS\System32\Tasks\{474ED86E-59CD-4A6C-86CD-7DD709B3F772}
2015-08-30 01:06 - 2014-03-01 10:44 - 00003552 _____ C:\WINDOWS\System32\Tasks\{0B54ECCC-BF8A-4318-B75D-CEB86BA17E73}
2015-08-30 01:06 - 2014-02-23 15:21 - 00003584 _____ C:\WINDOWS\System32\Tasks\{40320A8A-8526-4A07-85AC-1E87036BCBA6}
2015-08-30 01:06 - 2013-08-29 20:10 - 00003488 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2013-03-16 17:56 - 00003352 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{927B74DC-DF64-4E13-8839-0388B6506CB7}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{81BB8F5A-EA3B-4EC4-BA33-F8387623BCD8}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{62012B90-FCF9-4C49-870A-6944E8961897}
2015-08-30 01:06 - 2013-02-28 19:40 - 00003258 _____ C:\WINDOWS\System32\Tasks\{9AE8EB31-C2EB-4BFA-878E-5E82AECE976D}
2015-08-30 01:06 - 2013-02-28 19:38 - 00003244 _____ C:\WINDOWS\System32\Tasks\{5AA67F70-11A1-4099-9C55-AAC0EBCC1091}
2015-08-30 01:06 - 2013-02-28 19:37 - 00003258 _____ C:\WINDOWS\System32\Tasks\{BECB1139-D1BA-4D39-B4FF-76B33FC21A88}
2015-08-30 01:06 - 2013-02-10 16:42 - 00003446 _____ C:\WINDOWS\System32\Tasks\{A50E90A3-CDBD-4E79-A013-D65493C5B464}
2015-08-30 01:06 - 2012-12-17 15:29 - 00003274 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2015-08-30 01:06 - 2012-10-05 10:01 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-30 01:06 - 2012-10-05 09:49 - 00003376 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2015-08-30 01:06 - 2012-10-04 16:35 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2015-08-30 01:06 - 2012-02-08 22:22 - 00003126 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-08-30 01:06 - 2012-02-08 22:21 - 00003370 _____ C:\WINDOWS\System32\Tasks\USBChargerPlus
2015-08-30 01:06 - 2012-02-08 22:16 - 00003094 _____ C:\WINDOWS\System32\Tasks\ASUS SmartLogon Console Sensor
2015-08-30 01:06 - 2012-02-08 22:14 - 00003312 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2015-08-30 01:06 - 2012-02-08 22:14 - 00003154 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2015-08-30 01:06 - 2012-02-08 22:10 - 00003094 _____ C:\WINDOWS\System32\Tasks\ATKOSD2
2015-08-30 01:05 - 2015-07-10 12:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-30 01:05 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-30 01:02 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-30 00:54 - 2015-07-21 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-30 00:54 - 2015-07-21 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-30 00:54 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 00:54 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-30 00:54 - 2015-04-06 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
2015-08-30 00:54 - 2015-03-19 13:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2015-08-30 00:54 - 2015-02-08 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-30 00:54 - 2015-01-04 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-30 00:54 - 2014-07-23 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG On-Screen Phone
2015-08-30 00:54 - 2014-03-09 21:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic V - Collectors Edition
2015-08-30 00:54 - 2014-01-12 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-30 00:54 - 2013-12-29 16:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-30 00:54 - 2013-12-29 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-30 00:54 - 2013-11-05 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-30 00:54 - 2013-09-08 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-08-30 00:54 - 2013-05-22 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2015-08-30 00:54 - 2013-03-14 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-30 00:54 - 2012-10-05 23:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-30 00:54 - 2012-02-08 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2015-08-30 00:54 - 2012-02-08 22:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-30 00:54 - 2011-10-19 05:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-30 00:54 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-30 00:52 - 2015-07-10 12:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-30 00:52 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 00:52 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 00:52 - 2015-07-10 10:05 - 00000000 __RHD C:\Users\Default
2015-08-30 00:52 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-30 00:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-08-30 00:48 - 2015-01-04 18:39 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-30 00:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-30 00:47 - 2013-08-07 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-30 00:47 - 2011-02-18 21:08 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-08-30 00:47 - 2011-02-18 20:48 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-08-30 00:46 - 2015-07-10 14:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Resources
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-30 00:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\IME
2015-08-30 00:46 - 2014-02-12 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-30 00:46 - 2013-11-23 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
2015-08-30 00:46 - 2012-11-06 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-08-30 00:46 - 2012-10-05 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-08-30 00:46 - 2012-02-08 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-30 00:46 - 2012-02-08 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2015-08-30 00:46 - 2012-02-08 22:15 - 00000000 ____D C:\WINDOWS\system32\AsMakeLink
2015-08-30 00:46 - 2012-02-08 22:13 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2015-08-30 00:46 - 2012-02-08 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-08-30 00:46 - 2012-02-08 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-30 00:46 - 2012-02-08 22:06 - 00000000 ____D C:\ProgramData\Intel
2015-08-30 00:46 - 2012-02-08 22:02 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-30 00:46 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-30 00:45 - 2015-07-10 12:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-30 00:45 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-30 00:45 - 2012-02-08 22:08 - 00000000 ____D C:\Program Files\Intel
2015-08-30 00:45 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-08-30 00:45 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-30 00:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-30 00:40 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-30 00:38 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-29 23:57 - 2009-07-29 07:03 - 00008192 __RSH C:\BOOTSECT.BAK
2015-08-29 23:53 - 2009-07-14 05:45 - 00018736 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-29 23:53 - 2009-07-14 05:45 - 00018736 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-29 23:49 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-29 21:53 - 2015-03-19 13:30 - 00000852 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001Core.job
2015-08-29 17:35 - 2012-10-05 10:01 - 00000000 ____D C:\ProgramData\Adobe
2015-08-29 17:35 - 2012-10-05 09:07 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-08-29 16:13 - 2013-05-22 22:16 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-08-29 15:22 - 2012-10-20 19:03 - 00000000 ____D C:\Users\User\AppData\Roaming\Azureus
2015-08-26 08:28 - 2014-01-12 18:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-24 12:07 - 2015-01-23 09:01 - 00325488 _____ (BullGuard Ltd.) C:\WINDOWS\system32\Drivers\NSKernel.sys
2015-08-24 12:07 - 2015-01-23 09:01 - 00026776 _____ (BullGuard Ltd.) C:\WINDOWS\system32\Drivers\NSNetmon.sys
2015-08-21 19:19 - 2015-02-08 19:01 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-20 20:52 - 2014-11-17 21:30 - 00000000 ____D C:\Users\User\Desktop\WEDDING STUFF
2015-08-16 22:46 - 2013-07-03 12:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-08-16 21:44 - 2015-03-19 14:13 - 00010240 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-09 21:17 - 2014-12-20 15:57 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-08-09 21:17 - 2014-09-16 20:36 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-08-09 21:17 - 2014-09-16 20:36 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-08-08 11:26 - 2012-11-06 18:48 - 00021840 ____T C:\WINDOWS\SysWOW64\SINTFNT.DLL
2015-08-08 11:26 - 2012-11-06 18:48 - 00017212 ____T C:\WINDOWS\SysWOW64\SINTF32.DLL
2015-08-08 11:26 - 2012-11-06 18:48 - 00012067 ____T C:\WINDOWS\SysWOW64\SINTF16.DLL
2015-08-03 18:26 - 2012-10-20 19:03 - 00000000 ____D C:\Program Files (x86)\Vuze
 
==================== Files in the root of some directories =======
 
2015-02-03 19:46 - 2015-02-07 12:17 - 0000020 _____ () C:\Users\User\AppData\Roaming\appdataFr3.bin
2015-03-19 14:13 - 2015-08-16 21:44 - 0010240 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-19 05:26 - 2010-10-06 17:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2015-01-04 18:30 - 2015-01-04 18:45 - 0001296 _____ () C:\ProgramData\hpzinstall.log
2015-07-14 20:43 - 2015-06-15 22:42 - 0086016 ___SH () C:\ProgramData\msejg.exe
2014-12-20 18:38 - 2014-12-20 18:38 - 0001538 _____ () C:\ProgramData\tempimage.bmp
2012-02-08 22:21 - 2012-02-08 22:28 - 0000110 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-02-08 22:27 - 2012-02-08 22:28 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-02-08 22:27 - 2012-02-08 22:27 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-02-08 22:17 - 2012-02-08 22:20 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-02-08 22:20 - 2012-02-08 22:21 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2012-02-08 22:16 - 2012-02-08 22:17 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
 
Files to move or delete:
====================
C:\ProgramData\msejg.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-30 00:34
 
==================== End of FRST.txt ============================

  • 0

#4
MissHYip
Posted 30 August 2015 - 07:35 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

and the second:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-08-2015
Ran by User (2015-08-30 14:30:44)
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3585935858-2496010385-1980518169-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3585935858-2496010385-1980518169-503 - Limited - Disabled)
Guest (S-1-5-21-3585935858-2496010385-1980518169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3585935858-2496010385-1980518169-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3585935858-2496010385-1980518169-1000 - Limited - Enabled) => C:\Users\UpdatusUser
User (S-1-5-21-3585935858-2496010385-1980518169-1001 - Administrator - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: BullGuard Antivirus (Enabled - Up to date) {EDBB5818-2352-E06B-028A-4E6873B92CC5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: BullGuard Antispyware (Enabled - Up to date) {56DAB9FC-0568-EFE5-383A-751A083E6678}
FW: BullGuard Firewall (Enabled) {D580D93D-693D-E133-29D5-E75D8D6A6BBE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AsMakeLink (HKLM\...\AsMakeLink) (Version:  - )
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.6.3.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.16 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0012 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.5 - Synopsys)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.5 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3403.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.3403.52 - CyberLink Corp.) Hidden
AsusScr_N5_En (HKLM-x32\...\AsusScr_N5_En) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0013 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 15.0 - BullGuard Ltd.)
C5200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
C5200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
ChromecastApp (HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.41 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Might and Magic V - Collectors Edition (HKLM-x32\...\Heroes of Might and Magic V - Collectors Edition3.1) (Version: 3.1 - Ubisoft)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.8 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{7257132D-7F65-41E6-A90F-43BF6099461A}) (Version: 2.1.42.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Kobo (HKLM-x32\...\Kobo) (Version: 3.12.0 - Rakuten Kobo Inc.)
LG On-Screen Phone (HKLM-x32\...\LG On-Screen Phone) (Version: 4.2.001.140114 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Master of Olympus & Master of Atlantis (HKLM-x32\...\{8043219B-D2C0-4561-90AB-3F1113ED5A87}) (Version:  - )
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.110.12020 (HKLM-x32\...\{F7D491DD-C4B9-D72D-F810-DA74C6512A20}) (Version: 2.16.110.12020 - Sony)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Driver 285.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.98 - NVIDIA Corporation)
NVIDIA Graphics Driver 285.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.98 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
PS_AIO_02_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PWR Option (HKLM-x32\...\{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}) (Version: 1.0.8 - ASUS)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Spotify (HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TuneUp 2.4.8.5 (HKLM-x32\...\TuneUpMedia) (Version: 2.4.8.5 - TuneUp Media, Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3585935858-2496010385-1980518169-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0135528C-C746-4772-BE3E-CB74548FFF56} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {03DE5CEA-A563-45A8-8EFB-17BEF3853ACA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {091C2F99-DE11-4F56-96EA-843AE87FF2BE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {103BC49B-D3B5-4C56-9260-0CE58BAF670F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D106336-811D-4BA9-8378-78E5C3DFFBF8} - System32\Tasks\{BECB1139-D1BA-4D39-B4FF-76B33FC21A88} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {24864E5F-0AA0-4712-9FA7-871934A4E7B4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {33622E4A-041A-4675-B81B-15BF30DD14FB} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {35A745F7-C094-4071-9531-B1ED4C14CE5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)
Task: {3A931AF3-659A-494D-A68C-0BD03B83D951} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CE0DA14-0DC3-4B2B-9499-B0FDA96800F6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3D8254B8-287E-48EC-AD6C-B6EA3B165464} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {41FE730F-656E-4905-A26B-77EADE483113} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {45E0793B-597B-416F-8760-F9EBF609EC70} - System32\Tasks\{474ED86E-59CD-4A6C-86CD-7DD709B3F772} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
Task: {62586578-312D-4749-8A6F-79326CE80382} - System32\Tasks\{40320A8A-8526-4A07-85AC-1E87036BCBA6} => pcalua.exe -a "C:\Users\User\Documents\Vuze Downloads\Heroes of Might &amp; Magic V - Dzikie Hordy\Patche\heroes_might_magic_5_3.01_pl.exe" -d "C:\Users\User\Documents\Vuze Downloads\Heroes of Might &amp; Magic V - Dzikie Hordy\Patche"
Task: {64F9BD2B-2D49-4E7F-B668-CBFFFDDE019C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6710F1CF-B101-42D6-AE4B-0141116C3F0C} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {6987FF9A-BEBB-4E43-AA7D-26395EFC03B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6ACDEA34-9FF8-4C76-A51E-BDFE110DFCC4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {6FE770FA-E4C2-43A6-9E4B-30927968AB2A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {70B432EC-A7C3-4C0A-A0BB-ECD5EDDC76FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7ADCD469-7035-427C-9743-08C9527CF0F5} - System32\Tasks\{5AA67F70-11A1-4099-9C55-AAC0EBCC1091} => Firefox.exe http://ui.skype.com/...#38;page=tsMain
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {808C3412-CE2B-49B2-83E6-DB65FA3FBE8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8336644D-AAD7-4291-AA0A-2FD4C4405306} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8542276B-76D3-46A0-939F-A66635EB44C8} - \DonutQuotes -> No File <==== ATTENTION
Task: {88C3A9F3-B967-49DB-A3A3-6A24A437B1A3} - System32\Tasks\{927B74DC-DF64-4E13-8839-0388B6506CB7} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {8C54601D-C6E7-4F60-823E-4DC8DF31AB45} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-30] (Microsoft Corporation)
Task: {8FC0383A-DB45-4E7A-AD18-CC30677408F2} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {97383BE6-B1CE-44B6-A44C-D6B84D29EAFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9C787082-09D2-4990-AFC2-B720DC31E7E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {A0B87939-884A-4856-B56A-0EF7D7151105} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-10-15] (ASUSTek Computer Inc.)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {AFF19327-FDA5-4024-B62E-F1BBFEA3985C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {B0738594-922A-4667-95A2-3CDC97523FB2} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {B582414D-65EE-46D1-80AD-765CC92F3E54} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
Task: {B6E9C435-4AA0-4C4A-A534-C43810ECB104} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-11-17] (ASUSTeK Computer Inc.)
Task: {B714A132-AEB4-4BDC-8B1C-9C27A9A75EF1} - System32\Tasks\{A50E90A3-CDBD-4E79-A013-D65493C5B464} => pcalua.exe -a "C:\Users\User\Documents\Vuze Downloads\HOMM5_HOF\patch\heroes_might_magic_5_2.01_hu_pl.exe" -d "C:\Users\User\Documents\Vuze Downloads\HOMM5_HOF\patch"
Task: {C4370222-CD5F-421B-A4C0-C29EDBB2A7D5} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB8C9BA3-7F3F-4D10-BC84-48D01AE31FD7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D2B22DB9-41CB-48A5-B745-5E42A68F0F20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-08] (Google Inc.)
Task: {D6C6D023-D6D7-4DF5-89EF-0CB12B42AC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D8E5F410-8CA1-4FD4-A383-116549509471} - System32\Tasks\{62012B90-FCF9-4C49-870A-6944E8961897} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {DBB49B3E-5561-46DA-82D3-5377F411D1D1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {E1C47C5B-EFD8-420A-AA54-CA5CC5B3A5E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)
Task: {E2A65CFA-2D05-44DA-9FD9-01F72E653719} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E40A6679-0E21-4E00-8EB2-C9F129C55B4B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {E534E0F2-5213-4E8C-8D2F-DD39B8AE7222} - System32\Tasks\{9AE8EB31-C2EB-4BFA-878E-5E82AECE976D} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EE6F5CC5-3AF0-4C9F-90D3-87267796218F} - System32\Tasks\{5303FAEC-F93C-410A-8271-46C1AB921D8D} => pcalua.exe -a C:\Users\User\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=tugs <==== ATTENTION
Task: {F020E0C2-EFFE-411D-BF4B-8B29FA2314EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3585935858-2496010385-1980518169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F34984EC-A5CC-468B-9B99-0B7EDD459BB4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F91E3CFE-4F79-452A-9068-5F93BC4ECFDD} - System32\Tasks\{81BB8F5A-EA3B-4EC4-BA33-F8387623BCD8} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FED97B5F-B6DD-4B78-A211-AEC21F327DA0} - System32\Tasks\{0B54ECCC-BF8A-4318-B75D-CEB86BA17E73} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\UserMODs\heroes_might_magic_5_3.01_pl.exe" -d "C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\UserMODs"
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3585935858-2496010385-1980518169-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-30 09:22 - 2015-08-30 09:22 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-30 00:38 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00084008 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00602152 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00645160 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00065064 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00084008 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00645160 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00021800 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BullGuardBhvScannerRes.dll
2014-03-24 22:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00602152 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll
2015-08-24 12:08 - 2015-08-24 12:08 - 00281896 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpBackupRes.dll
2015-08-25 11:21 - 2015-08-24 12:08 - 00033064 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpMainRes.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-03-18 12:18 - 2015-01-27 16:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-08-09 21:16 - 2015-08-09 21:16 - 02572800 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2015-08-30 01:21 - 2015-08-30 01:22 - 02174976 _____ () C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 12:00 - 2015-07-10 14:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-30 09:22 - 2015-08-30 09:22 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 14:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2011-11-17 20:33 - 2011-11-17 20:33 - 00209920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2015-08-21 19:19 - 2015-08-18 06:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-21 19:19 - 2015-08-18 06:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5216CD26
AlternateDataStreams: C:\ProgramData\Temp:9D0A16E4
AlternateDataStreams: C:\ProgramData\Temp:A4AF8D0D
AlternateDataStreams: C:\ProgramData\Temp:B69CF390
AlternateDataStreams: C:\ProgramData\Temp:CB959782
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynAsusAcpi => %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{EFF75AD1-7FE7-45D1-BC6F-DCB48653528E}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{8F613334-F6DD-46C2-8BF9-D2FD4CC4BA96}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{37671D3A-02AD-43DE-9F38-79F99A66C806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C67CD977-FB92-4330-A4AF-D83373504DEF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{53DA1B6E-7E77-487E-A048-AD423D87FB16}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{D749526A-9BF8-4A6D-ACFE-BCB95E128ED8}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [UDP Query User{A5A40CBC-277A-4562-BEDA-DE4D28320EB7}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{29AE804C-03D8-4D32-B749-D604658D2533}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{53CA35B7-8CAA-46F3-A79F-CD201D0303BD}C:\users\user\desktop\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\desktop\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [TCP Query User{A634F461-EA1A-46DE-B737-A0CEA118AFA7}C:\users\user\desktop\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\desktop\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [{30406BD0-DC75-4AD9-83BD-9000C892CF8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{2BCEEF5B-8138-4D4A-BBB5-D4BC042A55EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E86DF9F0-8D39-468C-BAD7-C5266DDD1894}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{75526142-7AAB-4014-8241-5441FBEB62A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{01C84A5F-2057-45B1-B3DF-67B99BAA2330}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{9A404D70-3E84-424B-A3B6-6B100B5427FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{15ED443C-CE92-43D0-AFA6-587A84A2DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{618DAA6A-D77D-4A9C-A0DA-1D908337A94F}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{64DCEA10-491E-4256-A8C6-9FE9F9E031C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{84954535-88EA-446C-8CF6-38CFCBAD8199}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{5F59EF9A-F2DA-40A9-B3F9-C5BA051F3D77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{6A50D9FF-A3FA-4EE7-A51D-F8F4EFAED368}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{64051096-3F47-4BAE-8C89-EB9DE05E37D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D9A06D0C-A9CE-45AD-9616-E4649C27B45F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{E6AB1CA0-4C80-4D7B-B0B6-0C7E097E81C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{733E4308-196D-4195-8A6E-777366E25641}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8C698ACA-2576-4742-B94A-BF3B2B7923FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{5A4141E4-216C-4D92-8E42-1CFD4C2F8896}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{CE5F39EC-32D6-4B99-B21D-AEFBD7C1BB45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4F5D84E0-89CF-4880-B345-939D4A35ED9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{B75B87B6-81ED-4982-B6FB-89A307464265}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D466C64A-4699-4D36-B7C8-34922841574E}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2B90FC8F-F15A-48CA-9F4F-262056739D6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{FCAEA708-C4EC-44FE-850B-9CA3CEF71A6E}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0FA17B1B-F6C0-457A-9D08-EF6AA23B379B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{07D1F91D-62EB-4C06-B9C9-598E337BA7D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96D11E9C-2716-4ECA-86FE-82F9DDB78248}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F434C422-2C8D-4940-82C1-F6CAA42E24CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DE666CB0-D895-4169-BD1C-48A3FAD9FABB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{9E61BE45-AE13-498B-AF2B-7924A2ED9B7B}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{70BEC315-6699-4B63-9A4A-36F87F41D042}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{47C36A3C-66D1-4F8E-A42A-58C37E0CDFF0}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [TCP Query User{07C9CFE4-F771-4CF9-BC39-7BBB4C60E5CA}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{3D6AE482-8F99-42BA-9DFE-2662F19289D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CA9644C6-ABD1-4049-B7AC-BB505C7A647D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [UDP Query User{5D6381E6-24B2-40A1-B44A-DA791F353DEE}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Allow) C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{7412DAFE-E2F6-492C-BF22-C083757D8678}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Allow) C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [{9507F538-46B0-4D2E-9AB5-7AD9D9265054}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1C59D8E0-DAE6-4A75-A1F3-3848E0A582E6}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{DDEC4DF8-FEA5-4825-A9AB-B963ED35BC30}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ECB44F5A-7B60-49C5-8A42-A4F7F761D275}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AA6D646A-132A-4E7D-93E8-B0BB7EDC4333}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{20292D9D-6B32-4069-9EEB-0BAFF0080395}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/30/2015 02:23:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinStore.Mobile.exe, version: 2015.7.1.1, time stamp: 0x55949b98
Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16397, time stamp: 0x55af1390
Exception code: 0xc000027b
Fault offset: 0x000000000006687f
Faulting process id: 0x2ab0
Faulting application start time: 0xWinStore.Mobile.exe0
Faulting application path: WinStore.Mobile.exe1
Faulting module path: WinStore.Mobile.exe2
Report Id: WinStore.Mobile.exe3
Faulting package full name: WinStore.Mobile.exe4
Faulting package-relative application ID: WinStore.Mobile.exe5
 
Error: (08/30/2015 01:53:48 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: User-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe32
 
Error: (08/30/2015 01:38:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WinStore.Mobile.exe, version: 2015.7.1.1, time stamp: 0x55949b98
Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16397, time stamp: 0x55af1390
Exception code: 0xc000027b
Fault offset: 0x000000000006687f
Faulting process id: 0x1948
Faulting application start time: 0xWinStore.Mobile.exe0
Faulting application path: WinStore.Mobile.exe1
Faulting module path: WinStore.Mobile.exe2
Report Id: WinStore.Mobile.exe3
Faulting package full name: WinStore.Mobile.exe4
Faulting package-relative application ID: WinStore.Mobile.exe5
 
Error: (08/30/2015 10:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009280 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/30/2015 10:33:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009280 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/30/2015 01:22:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/30/2015 01:22:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: User-PC)
Description: App Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe+App did not launch within its allotted time.
 
Error: (08/30/2015 01:06:43 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
 
Error: (08/30/2015 01:06:32 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=3600}. The service will attempt to automatically correct this problem by rebuilding the index.
 
Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
 
Error: (08/30/2015 01:06:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./ROOT/DEFAULT namespace does not exist. The query will be ignored.
 
 
System errors:
=============
Error: (08/30/2015 02:23:48 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: application-specificLocalActivation{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
 
Error: (08/30/2015 01:38:44 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: application-specificLocalActivation{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
 
Error: (08/30/2015 01:38:25 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (08/30/2015 01:38:25 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (08/30/2015 01:38:25 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (08/30/2015 01:38:25 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (08/30/2015 01:37:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070020: Store.
 
Error: (08/30/2015 01:36:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070020: MSN Money.
 
Error: (08/30/2015 01:35:51 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (08/30/2015 01:35:51 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-3585935858-2496010385-1980518169-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
 
Microsoft Office:
=========================
Error: (08/30/2015 02:23:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WinStore.Mobile.exe2015.7.1.155949b98twinapi.appcore.dll10.0.10240.1639755af1390c000027b000000000006687f2ab001d0e3271ad8cc41C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exeC:\WINDOWS\SYSTEM32\twinapi.appcore.dll84f1ed43-7bb1-4764-afe3-de8fd12c421bMicrosoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbweApp
 
Error: (08/30/2015 01:53:48 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: User-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe32
 
Error: (08/30/2015 01:38:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WinStore.Mobile.exe2015.7.1.155949b98twinapi.appcore.dll10.0.10240.1639755af1390c000027b000000000006687f194801d0e320cc7b6979C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exeC:\WINDOWS\SYSTEM32\twinapi.appcore.dll57fb3286-32c5-4648-959a-142bc4525585Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbweApp
 
Error: (08/30/2015 10:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2147009280
 
Error: (08/30/2015 10:33:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2147009280
 
Error: (08/30/2015 01:22:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2144927142
 
Error: (08/30/2015 01:22:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: User-PC)
Description: Microsoft.WindowsStore_2015.7.1.0_x64__8wekyb3d8bbwe+App
 
Error: (08/30/2015 01:06:43 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt
 
Error: (08/30/2015 01:06:32 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
3600
 
Error: (08/30/2015 01:06:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: IntelWLANEventProviderselect * from CIntelQosEventCIntelQosEvent//./ROOT/DEFAULT
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 40%
Total physical RAM: 6054.05 MB
Available physical RAM: 3619.52 MB
Total Virtual: 12198.05 MB
Available Virtual: 9600.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:196.29 GB) (Free:31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:244.47 GB) (Free:137.87 GB) NTFS
Drive e: (Poseidon) (CDROM) (Total:0.56 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5BE4A3F9)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=196.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#5
Essexboy
Posted 30 August 2015 - 08:30 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK madame lets now get you cleaned up :)

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\...\Policies\Explorer\Run: [1634422014] => C:\ProgramData\msjnffzbd.exe
HKLM\...\Policies\Explorer\Run: [357883527] => C:\ProgramData\msekhj.exe
HKLM\...\Policies\Explorer\Run: [1749485417] => C:\ProgramData\mscszfdp.exe
HKLM\...\Policies\Explorer\Run: [57147645] => C:\ProgramData\msoow.exe
HKLM\...\Policies\Explorer\Run: [1931609809] => C:\ProgramData\msnjxfsvw.exe
HKLM\...\Policies\Explorer\Run: [1882625198] => C:\ProgramData\msqpot.exe
HKLM\...\Policies\Explorer\Run: [1194902873] => C:\ProgramData\mskjcfrxr.exe
HKLM\...\Policies\Explorer\Run: [1066485677] => C:\ProgramData\msejg.exe [86016 2015-06-15] ()
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [Ebtion] => regsvr32.exe C:\Users\User\AppData\Local\Ebtion\blhjovcq.dll <===== ATTENTION
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [IWsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia\tlqdyjwp.dll
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-08-09] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy restriction on ProxySettings)
FF Extension: AudioVolumeMeter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5py62s2l.default-1419100987010\Extensions\{21391433-3B28-26A8-B9B4-74D79BB928D9} [2015-08-09]
CHR HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
2015-08-30 01:06 - 2014-11-02 12:11 - 00003102 _____ C:\WINDOWS\System32\Tasks\{474ED86E-59CD-4A6C-86CD-7DD709B3F772}
2015-08-30 01:06 - 2014-03-01 10:44 - 00003552 _____ C:\WINDOWS\System32\Tasks\{0B54ECCC-BF8A-4318-B75D-CEB86BA17E73}
2015-08-30 01:06 - 2014-02-23 15:21 - 00003584 _____ C:\WINDOWS\System32\Tasks\{40320A8A-8526-4A07-85AC-1E87036BCBA6}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{927B74DC-DF64-4E13-8839-0388B6506CB7}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{81BB8F5A-EA3B-4EC4-BA33-F8387623BCD8}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{62012B90-FCF9-4C49-870A-6944E8961897}
2015-08-30 01:06 - 2013-02-28 19:40 - 00003258 _____ C:\WINDOWS\System32\Tasks\{9AE8EB31-C2EB-4BFA-878E-5E82AECE976D}
2015-08-30 01:06 - 2013-02-28 19:38 - 00003244 _____ C:\WINDOWS\System32\Tasks\{5AA67F70-11A1-4099-9C55-AAC0EBCC1091}
2015-08-30 01:06 - 2013-02-28 19:37 - 00003258 _____ C:\WINDOWS\System32\Tasks\{BECB1139-D1BA-4D39-B4FF-76B33FC21A88}
2015-08-30 01:06 - 2013-02-10 16:42 - 00003446 _____ C:\WINDOWS\System32\Tasks\{A50E90A3-CDBD-4E79-A013-D65493C5B464}
2015-08-30 01:06 - 2012-12-17 15:29 - 00003274 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
C:\ProgramData\msjnffzbd.exe
C:\ProgramData\msekhj.exe
C:\ProgramData\mscszfdp.exe
C:\ProgramData\msoow.exe
C:\ProgramData\msnjxfsvw.exe
C:\ProgramData\msqpot.exe
C:\ProgramData\mskjcfrxr.exe
C:\ProgramData\msejg.exe
C:\Users\User\AppData\Local\Ebtion
C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia
C:\Users\User\AppData\Roaming\omiga-plus
Task: {3A931AF3-659A-494D-A68C-0BD03B83D951} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3D8254B8-287E-48EC-AD6C-B6EA3B165464} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {64F9BD2B-2D49-4E7F-B668-CBFFFDDE019C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6987FF9A-BEBB-4E43-AA7D-26395EFC03B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8336644D-AAD7-4291-AA0A-2FD4C4405306} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8542276B-76D3-46A0-939F-A66635EB44C8} - \DonutQuotes -> No File <==== ATTENTION
Task: {97383BE6-B1CE-44B6-A44C-D6B84D29EAFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CB8C9BA3-7F3F-4D10-BC84-48D01AE31FD7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D6C6D023-D6D7-4DF5-89EF-0CB12B42AC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DBB49B3E-5561-46DA-82D3-5377F411D1D1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E2A65CFA-2D05-44DA-9FD9-01F72E653719} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EE6F5CC5-3AF0-4C9F-90D3-87267796218F} - System32\Tasks\{5303FAEC-F93C-410A-8271-46C1AB921D8D} => pcalua.exe -a C:\Users\User\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {F34984EC-A5CC-468B-9B99-0B7EDD459BB4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[Cx].txt as well.

  • 0

#6
MissHYip
Posted 30 August 2015 - 09:41 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hi,

after fixing, it rebooted and didn't show me a log so I'm guessing it's the file called fixlog.txt?

 

If so:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:30-08-2015
Ran by User (2015-08-30 16:24:05) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: UpdatusUser & User (Available Profiles: UpdatusUser & User)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKLM\...\Policies\Explorer\Run: [1634422014] => C:\ProgramData\msjnffzbd.exe
HKLM\...\Policies\Explorer\Run: [357883527] => C:\ProgramData\msekhj.exe
HKLM\...\Policies\Explorer\Run: [1749485417] => C:\ProgramData\mscszfdp.exe
HKLM\...\Policies\Explorer\Run: [57147645] => C:\ProgramData\msoow.exe
HKLM\...\Policies\Explorer\Run: [1931609809] => C:\ProgramData\msnjxfsvw.exe
HKLM\...\Policies\Explorer\Run: [1882625198] => C:\ProgramData\msqpot.exe
HKLM\...\Policies\Explorer\Run: [1194902873] => C:\ProgramData\mskjcfrxr.exe
HKLM\...\Policies\Explorer\Run: [1066485677] => C:\ProgramData\msejg.exe [86016 2015-06-15] ()
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [Ebtion] => regsvr32.exe C:\Users\User\AppData\Local\Ebtion\blhjovcq.dll <===== ATTENTION
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\...\Run: [IWsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia\tlqdyjwp.dll
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-08-09] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy restriction on ProxySettings)
FF Extension: AudioVolumeMeter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5py62s2l.default-1419100987010\Extensions\{21391433-3B28-26A8-B9B4-74D79BB928D9} [2015-08-09]
CHR HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
2015-08-30 01:06 - 2014-11-02 12:11 - 00003102 _____ C:\WINDOWS\System32\Tasks\{474ED86E-59CD-4A6C-86CD-7DD709B3F772}
2015-08-30 01:06 - 2014-03-01 10:44 - 00003552 _____ C:\WINDOWS\System32\Tasks\{0B54ECCC-BF8A-4318-B75D-CEB86BA17E73}
2015-08-30 01:06 - 2014-02-23 15:21 - 00003584 _____ C:\WINDOWS\System32\Tasks\{40320A8A-8526-4A07-85AC-1E87036BCBA6}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{927B74DC-DF64-4E13-8839-0388B6506CB7}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{81BB8F5A-EA3B-4EC4-BA33-F8387623BCD8}
2015-08-30 01:06 - 2013-02-28 20:11 - 00003198 _____ C:\WINDOWS\System32\Tasks\{62012B90-FCF9-4C49-870A-6944E8961897}
2015-08-30 01:06 - 2013-02-28 19:40 - 00003258 _____ C:\WINDOWS\System32\Tasks\{9AE8EB31-C2EB-4BFA-878E-5E82AECE976D}
2015-08-30 01:06 - 2013-02-28 19:38 - 00003244 _____ C:\WINDOWS\System32\Tasks\{5AA67F70-11A1-4099-9C55-AAC0EBCC1091}
2015-08-30 01:06 - 2013-02-28 19:37 - 00003258 _____ C:\WINDOWS\System32\Tasks\{BECB1139-D1BA-4D39-B4FF-76B33FC21A88}
2015-08-30 01:06 - 2013-02-10 16:42 - 00003446 _____ C:\WINDOWS\System32\Tasks\{A50E90A3-CDBD-4E79-A013-D65493C5B464}
2015-08-30 01:06 - 2012-12-17 15:29 - 00003274 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
C:\ProgramData\msjnffzbd.exe
C:\ProgramData\msekhj.exe
C:\ProgramData\mscszfdp.exe
C:\ProgramData\msoow.exe
C:\ProgramData\msnjxfsvw.exe
C:\ProgramData\msqpot.exe
C:\ProgramData\mskjcfrxr.exe
C:\ProgramData\msejg.exe
C:\Users\User\AppData\Local\Ebtion
C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia
C:\Users\User\AppData\Roaming\omiga-plus
Task: {3A931AF3-659A-494D-A68C-0BD03B83D951} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3D8254B8-287E-48EC-AD6C-B6EA3B165464} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {64F9BD2B-2D49-4E7F-B668-CBFFFDDE019C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6987FF9A-BEBB-4E43-AA7D-26395EFC03B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8336644D-AAD7-4291-AA0A-2FD4C4405306} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8542276B-76D3-46A0-939F-A66635EB44C8} - \DonutQuotes -> No File <==== ATTENTION
Task: {97383BE6-B1CE-44B6-A44C-D6B84D29EAFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CB8C9BA3-7F3F-4D10-BC84-48D01AE31FD7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D6C6D023-D6D7-4DF5-89EF-0CB12B42AC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DBB49B3E-5561-46DA-82D3-5377F411D1D1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E2A65CFA-2D05-44DA-9FD9-01F72E653719} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EE6F5CC5-3AF0-4C9F-90D3-87267796218F} - System32\Tasks\{5303FAEC-F93C-410A-8271-46C1AB921D8D} => pcalua.exe -a C:\Users\User\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {F34984EC-A5CC-468B-9B99-0B7EDD459BB4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1634422014 => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\357883527 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1749485417 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\57147645 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1931609809 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1882625198 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1194902873 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1066485677 => value removed successfully
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ebtion => value removed successfully
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\Software\Microsoft\Windows\CurrentVersion\Run\\IWsoft => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0PerformanceMonitor" => key removed successfully
"HKCR\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}" => key removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser => value removed successfully
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5py62s2l.default-1419100987010\Extensions\{21391433-3B28-26A8-B9B4-74D79BB928D9} => moved successfully
"HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf" => key removed successfully
C:\WINDOWS\System32\Tasks\{474ED86E-59CD-4A6C-86CD-7DD709B3F772} => moved successfully
C:\WINDOWS\System32\Tasks\{0B54ECCC-BF8A-4318-B75D-CEB86BA17E73} => moved successfully
C:\WINDOWS\System32\Tasks\{40320A8A-8526-4A07-85AC-1E87036BCBA6} => moved successfully
C:\WINDOWS\System32\Tasks\{927B74DC-DF64-4E13-8839-0388B6506CB7} => moved successfully
C:\WINDOWS\System32\Tasks\{81BB8F5A-EA3B-4EC4-BA33-F8387623BCD8} => moved successfully
C:\WINDOWS\System32\Tasks\{62012B90-FCF9-4C49-870A-6944E8961897} => moved successfully
C:\WINDOWS\System32\Tasks\{9AE8EB31-C2EB-4BFA-878E-5E82AECE976D} => moved successfully
C:\WINDOWS\System32\Tasks\{5AA67F70-11A1-4099-9C55-AAC0EBCC1091} => moved successfully
C:\WINDOWS\System32\Tasks\{BECB1139-D1BA-4D39-B4FF-76B33FC21A88} => moved successfully
C:\WINDOWS\System32\Tasks\{A50E90A3-CDBD-4E79-A013-D65493C5B464} => moved successfully
C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup => moved successfully
"C:\ProgramData\msjnffzbd.exe" => File/Folder not found.
"C:\ProgramData\msekhj.exe" => File/Folder not found.
"C:\ProgramData\mscszfdp.exe" => File/Folder not found.
"C:\ProgramData\msoow.exe" => File/Folder not found.
"C:\ProgramData\msnjxfsvw.exe" => File/Folder not found.
"C:\ProgramData\msqpot.exe" => File/Folder not found.
"C:\ProgramData\mskjcfrxr.exe" => File/Folder not found.
C:\ProgramData\msejg.exe => moved successfully
C:\Users\User\AppData\Local\Ebtion => moved successfully
"C:\Windows\SysWOW64\regsvr32.exe C:\Users\User\AppData\Local\Ummedia" => File/Folder not found.
"C:\Users\User\AppData\Roaming\omiga-plus" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A931AF3-659A-494D-A68C-0BD03B83D951}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A931AF3-659A-494D-A68C-0BD03B83D951}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D8254B8-287E-48EC-AD6C-B6EA3B165464}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D8254B8-287E-48EC-AD6C-B6EA3B165464}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64F9BD2B-2D49-4E7F-B668-CBFFFDDE019C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64F9BD2B-2D49-4E7F-B668-CBFFFDDE019C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6987FF9A-BEBB-4E43-AA7D-26395EFC03B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6987FF9A-BEBB-4E43-AA7D-26395EFC03B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8336644D-AAD7-4291-AA0A-2FD4C4405306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8336644D-AAD7-4291-AA0A-2FD4C4405306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8542276B-76D3-46A0-939F-A66635EB44C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8542276B-76D3-46A0-939F-A66635EB44C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DonutQuotes" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97383BE6-B1CE-44B6-A44C-D6B84D29EAFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97383BE6-B1CE-44B6-A44C-D6B84D29EAFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB8C9BA3-7F3F-4D10-BC84-48D01AE31FD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB8C9BA3-7F3F-4D10-BC84-48D01AE31FD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6C6D023-D6D7-4DF5-89EF-0CB12B42AC72}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6C6D023-D6D7-4DF5-89EF-0CB12B42AC72}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBB49B3E-5561-46DA-82D3-5377F411D1D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBB49B3E-5561-46DA-82D3-5377F411D1D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2A65CFA-2D05-44DA-9FD9-01F72E653719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A65CFA-2D05-44DA-9FD9-01F72E653719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE6F5CC5-3AF0-4C9F-90D3-87267796218F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE6F5CC5-3AF0-4C9F-90D3-87267796218F}" => key removed successfully
C:\WINDOWS\System32\Tasks\{5303FAEC-F93C-410A-8271-46C1AB921D8D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5303FAEC-F93C-410A-8271-46C1AB921D8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F34984EC-A5CC-468B-9B99-0B7EDD459BB4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34984EC-A5CC-468B-9B99-0B7EDD459BB4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : fd66:5291:71a3:0:cc3b:7e81:2403:2824
   Temporary IPv6 Address. . . . . . : fd66:5291:71a3:0:c553:c7db:3f95:adf7
   Link-local IPv6 Address . . . . . : fe80::cc3b:7e81:2403:2824%7
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.Home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1c4c:28a4:fd23:edfd
   Link-local IPv6 Address . . . . . : fe80::1c4c:28a4:fd23:edfd%9
   Default Gateway . . . . . . . . . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : Home
   IPv6 Address. . . . . . . . . . . : fd66:5291:71a3:0:cc3b:7e81:2403:2824
   Temporary IPv6 Address. . . . . . : fd66:5291:71a3:0:c553:c7db:3f95:adf7
   Link-local IPv6 Address . . . . . : fe80::cc3b:7e81:2403:2824%7
   IPv4 Address. . . . . . . . . . . : 192.168.0.8
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Reusable ISATAP Interface {514B4173-E179-4279-975C-6D703BBF3EBB}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28e9:14c6:3f57:fff7
   Link-local IPv6 Address . . . . . : fe80::28e9:14c6:3f57:fff7%9
   Default Gateway . . . . . . . . . : 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Resetting Interface, OK!
Resetting , failed.
Access is denied.
 
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 597.4 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 16:25:36 ====

  • 0

#7
MissHYip
Posted 30 August 2015 - 09:51 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

And this is from the AdwCleaner:

 

# AdwCleaner v5.004 - Logfile created 30/08/2015 at 16:45:58
# Updated 26/08/2015 by Xplode
# Database : 2015-08-30.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\fasttsaulEr
[-] Folder Deleted : C:\Program Files (x86)\roocketdeal
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : WinZipDriverUpdaterRunAtStartup
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\SDP
[-] Key Deleted : HKLM\SOFTWARE\98d7ae45-351d-596a-8fa5-7e9c161479d0
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\KanarCore
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\FreeHDSport TV
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\estdemin
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[!] Key Not Deleted : [x64] HKCU\Software\estdemin
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\FreeHDSport TV
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\FreeHDSport TV
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
 
***** [ Web browsers ] *****
 
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2657 bytes] ##########

  • 0

#8
Essexboy
Posted 30 August 2015 - 10:11 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now ? Any outstanding problems

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#9
MissHYip
Posted 30 August 2015 - 11:31 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hi,

I did the scan as you said and it took about 1 hr to complete and found about 1025 threats!

It didn't give me the option to quarantine the items, only to delete. It said it would ignore the unchecked items so I panicked and deleted them all...

 

The computer seems ok and I havent seen that error message pop up yet?

 

the scan log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/30/2015
Scan Time: 5:17 PM
Logfile: scanlog.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.29.05
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 428598
Time Elapsed: 53 min, 25 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#10
Essexboy
Posted 30 August 2015 - 11:51 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I should imagine the vast majority were adware and the like... Did it produce a log ?

How is the computer behaving now ?
  • 0

#11
MissHYip
Posted 30 August 2015 - 11:58 AM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Oops, sorry, here is the log!

 

The computer is a little slow but it's probably always slow...

 

The Log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/30/2015
Scan Time: 5:17 PM
Logfile: scanlog.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.29.05
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 428598
Time Elapsed: 53 min, 25 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6943DBA-62B9-4E75-9522-3A335BA15108}, Quarantined, [1287c34bcfbcb38354fe6d0eed175fa1], 
PUP.Optional.DataMngr, HKU\S-1-5-21-3585935858-2496010385-1980518169-1000\SOFTWARE\Datamngr, Quarantined, [12879876ef9cd85ee5a1b2d6ef150df3], 
PUP.Optional.SimpleNewTab, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\SimpleNewTab, Quarantined, [970220ee5437a0961e07347be61e51af], 
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{617D03BA-8A74-4BF5-88EF-944C4FC94B1F}, Quarantined, [643526e86922a294f306bec9986c6f91], 
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{85E659B5-9129-4F41-91F4-6F8FBDF8828A}, Quarantined, [97029b73bccfdf57cf2b6c1b0df735cb], 
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE9E362A-A43B-482B-94A3-E599B25A3A4C}, Quarantined, [5d3c11fd32591f17a65387004fb5a55b], 
 
Registry Values: 5
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6943DBA-62B9-4E75-9522-3A335BA15108}|AppPath, C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar, Quarantined, [1287c34bcfbcb38354fe6d0eed175fa1]
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{617D03BA-8A74-4BF5-88EF-944C4FC94B1F}|AppName, f25c6f6d-0101-430a-a666-5e2b62ba363a-2.exe-buttonutil.exe, Quarantined, [643526e86922a294f306bec9986c6f91]
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{85E659B5-9129-4F41-91F4-6F8FBDF8828A}|AppName, f25c6f6d-0101-430a-a666-5e2b62ba363a-2.exe-codedownloader.exe, Quarantined, [97029b73bccfdf57cf2b6c1b0df735cb]
PUP.Optional.CrossRider, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE9E362A-A43B-482B-94A3-E599B25A3A4C}|AppName, FreeHDSport TV-enabler.exe-buttonutil.exe, Quarantined, [5d3c11fd32591f17a65387004fb5a55b]
Trojan.Agent.Gen, HKU\S-1-5-21-3585935858-2496010385-1980518169-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|{197D4B12-1DBE-D7B6-A648-5131DD771BEF}, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp9E2E.exe, Quarantined, [851448c62f5c2e08843d24da778cba46]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 166
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\00874a9d8005f37a439c7c15c2f1235b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\018e70cfaa25f3730adb4bedfb8095ff, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\026e56b9b5b6624c7aa1490893f62ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\045b51dba19bb1769fefe29aca15b355, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\049ffb1438f24f014f48605a6f324243, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0634b6919dd68bd8d315ba438a5b4b7d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0dda1c2659af8b6e5fb383c52c886ae0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0e513f7f1455b6582600cea35569a978, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f140d53bee819ce2392b22eab05c71a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10e4da999a70b5b51dae71f9e65e30c8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\13374a76b3b1daea42bb748abce86935, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1403050603c35c5afd186cbb6636caf0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1659925b0424b14ee7cfcd8ac76634de, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\19e8ed03550dbdea47c188280e31f66e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1da951fedf5672fdda9c3c9e93bd44ad, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3d3e89187bb82223e147fabdb8eea4dd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3da514c7cfae54e9a636cfedbdc4485c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3f9dd2fc6c634cb5deefb2ce73d01167, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4002496a18c57d97c2538d5907b0f408, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4048ca6de7608eb3614ac2ac6df91da8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\409c81a9f0f15534feaae83e86165539, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\49476c9192dfb12b6b8ebaf15495ec91, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4dcd1f2719cc441a57ec1d0db1a61006, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e028b6a15a673c168a31921c71f6313, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e392adeb1680629cde3da6e6507d49e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9507ae908ea5d0f2c64fdc5bac0f0859, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\981a0881e4eb148bf7730200c42f015e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\983befbe0dd10145e45fc01307b12b44, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98811f3240d129485509701132734d31, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a79233c53d2aca2cb5b8d840c8a760b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9b325abd1c1af4e85f5f36097960bbc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bdfe7c99a4e55b0a3baeb0b26d91b90, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9c2040478166795ed391dcde4c32a071, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1dc6592eb8096cd2dc4667fe803953a9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ed735061daf564c421a195d8e775fb4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f71fb47d881dcf2ee0aa9eb3a7cd166, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20e06c535758154093f5bf09ffd3c544, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23173b916a66997d845f2ad7cf73a0e5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23d1ec9a8c4391beb517c389edf1947d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2466051082569f4457545756a1ab3a02, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26dc37c7f9f0ebfb2903bd8879ca481a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d941a681c8fa84b38ae46b2642f909a4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\da33443fee1f30329be7140ecc324f86, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df835d2d05edf41abe8c0f9afd136fbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e0e0c9bee355be9eda84fbf88e0c5d10, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e4f0d8e365dd54a24f2a193f4af5cba4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e5281907d882753fb73efbba28e9bcc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e54cc60f183c6644f19408bfb1e1a048, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e55ba722b18b2dcaf632b468610d8847, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e588558a9bce41d0f0679386a2db94d9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e7812b8ad81c27be1406412d7d43d1bf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e8285b29efaaa1e778de43d5ac6b803e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d758f3fe20ade8a6663e38ef2fd6a98, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4b0e12ff2d27de7394dc8ae3ff41, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5daddc40c627a8acb7fd759f59c016f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\609128b9cc1391f3c1739874ad10f6f9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\612e146104cce1a830f5c52d9718b757, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\626e4903afbaa849e7db6d18e48dba5a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\638739735a894dfca72f6af04be20a5f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\686a1c8afdb350181f71475dbac0fb40, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6ac8c4b0d5bf73f44f80c429abd273b1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6c015679720ddf12f30204bc57a265, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d8c98ae43dbec1c8f87be42f91607db, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e6db68cc6305703f9b068271486984a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79299836d7f344cd86048ddf85b48162, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\795b5387a96ea834cb9eed7cde956086, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e88d2c20decd547f91b442ca024fb2d8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1a16897364200f8d01f27f0dcb18c18, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5967f085030011ac2c8e347c02407f0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c71901f8450ff12e9bfd7075563eb77d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7a9333ed154e380d16b340784a355be, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c8a9977d80d876e39f22e7c2bb5f75c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cb7402adb514d7e2604903af9435ac25, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cbec29ebcc8e5ce417567bf9c0ac3727, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cd8e8e7e7cbb8e7e8800b84853c8f955, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cf4544a97e9e252324c56fd5169d7184, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d06e30cc0745d8efcc1f417fffb5c6a2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d260d668d4afcb8d06eb90eede59a2e8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d9139e70581e099622e31d8bf406244a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e984c6ffa63cf93a94f739d043f9212f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea1da9e315aaa2956a156f1470eaadbf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee1de651f21f1bbe73420a71394f4aa6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee6e4ca3a4935b9328fb456a4c4c471e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee7c5d952d5eba70e39e168b858e2add, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ef73e19f15518094fe59d61ba6b887da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f2079eb13e4aaba0946d17eb3cc8d285, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f32c95a4ee5654440896cc8da44562d6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f69728df35bdcb2657cbc4219525999b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f867067392b6105701bb504105e19385, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f8eb4f44cd57abf5f35f3f070dc6c45d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9159d211c0118fdd4e7279948f2f603, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7da9d9fa99e16e0378d4e86f01eb5df9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8019c06006bcf08481748e959ea40edf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8145df44d930242611a43e298cc17005, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\816e94a9e5d65dcae1afc8304dd280af, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\81d6973b2dadb7fcbdf65b58fcc24cac, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83eaa1e99f6d7de26e100feb07377dbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\87604f529f6113fd89a10845292816f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8ae927a69db34a8598885f2a716196b8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8e42d8b582df13f339057b432f8b0ebc, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8eb6f902c5dbe213e186f607def430c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9132434153c23c86ef25b9ec32bf1710, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\93fe7eff65e8674be1a7b838204e4ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\94a6672ebcd80bc5521760948301705c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a803f5b497f6c9ac613a8c7a1b16de8e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a82966a0a72914d02dd94b7b3abbf7c1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a9e2147956e03c0b064f5ee2c940ac04, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aafcf498edbe66fdf36a8c5b44c6169c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aef49a3314a99fa8a553fc6d2bcab846, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\afe289d03767e3a7de1943b7eada2d60, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b78e77122cc160db5e1aa726d491e84b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b80eaf894cdcee32f4f8a7da0e5a7bd2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b84fc5145a27f1b9e3e33d503870f423, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9abaccb2b34a1d8d4e20e35844dc774, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed559b9109df490cb81896be60e83, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bd2c2d8fe2003b7d0bbfdec54c83e5e9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bde52e0b309f6f7fad74b42a7f09e8db, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c06c39b1137b9e70a268f0fe5c34d322, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c0e79e3931fd58773ed8a2d23efbea26, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c0c549d8f0feddffa2f67161b681804, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cac0aab1ec0102a66db4a7e60541c21, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cfb55ff4d2c88409d30b72e0fb88ecd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2d0ef40ca9e4d12e528b1a094368dc03, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2dab6f356b357afea276f2894d11330d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2ffb5fa1392bef57dc133037343a8ef5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3025c981b9efcc93a66422e15210c7ba, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\32b520ac9668eec7542964e152a2d4da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\332646bb309848318b0a11b271c7c842, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3466e98db0daabce34c4fbad35fe8ded, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\368a62932eb52ff04d56c1fee56e2ada, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36a04745b4623945cbc3d20a11d5ec62, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36cc412c55250551d6138009c9ffe080, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38a4374d9c9075eb809902482f865df6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38c8165f0a4a62e79fa682a220f23ff0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4ebde897a8d494df423abc80519066c2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51202174c7dd39d602eec0c13e1c988f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52bae071bc50b2c007c25bd1ce79de1a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52df4551d317af6885dd5cd810dd2060, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52e5ab64e95dce0b9c1aca9a54dd6c09, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5527f6b60e0f3bd4f62d738cd9cfae87, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\552aa1647230201cfd8083cdef3bf956, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5696bd27d7c7131835122cecc5f1c29e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5708f3a20050b84ee7e653e6c20665c5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59f668fe85505b96368346742183e98d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5b4ef91419134667fa6b1522087dfb2b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9cc0659947f708481b03a7ba6609023c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9d31e0127c9b5d84b1af9267189d4435, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9da106550deb464e078e614e7b91b84a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0dd251db2672fee82d0c9cd38a3f3ce, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0e6c6374dad577a79ba5a863bc67d5c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a120b0f88223841f4d2bc7be81f5fa45, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1a94ba86be4aa05592dd9732da8af95, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a7666beb357b3d5ec76afb40b9ab7ba3, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
PUP.Optional.FastPlayer, C:\Users\User\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q, Quarantined, [2376c24c74179b9b3f6fbf477390cd33], 
PUP.Optional.FastPlayer, C:\Users\User\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.3, Quarantined, [2376c24c74179b9b3f6fbf477390cd33], 
 
Files: 851
PUP.Optional.MultiPlug.Uns, C:\ProgramData\salesale\salesale.exe, Quarantined, [7b1ecf3f8605082eeaac0b790bf760a0], 
Trojan.Agent.msh, c:\programdata\microsoft\performance\monitor\temp\tmp1306.exe, Quarantined, [15840fff8803f83e92a4289d90715fa1], 
Trojan.Agent.MSH, c:\programdata\microsoft\performance\monitor\temp\tmp15bf.exe, Quarantined, [9efb67a7206b162006d50bc1d130a35d], 
Backdoor.Bot, c:\programdata\microsoft\performance\monitor\temp\tmp16a9.exe, Quarantined, [a7f2ac621a715cdac90accfba65ba65a], 
Trojan.Agent.MSH, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp785A.exe, Quarantined, [148551bd49425adc19c29636e71a12ee], 
Trojan.Agent.MSH, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp856.exe, Quarantined, [60394bc3d6b5ce684c8fbb11c53c21df], 
Trojan.Agent.msh, c:\programdata\microsoft\performance\monitor\temp\tmpb119.exe, Quarantined, [a4f51feffd8e53e3dc28dc6e9e676f91], 
Trojan.FakeMS, c:\programdata\microsoft\performance\monitor\temp\tmpc78d.exe, Quarantined, [2574e32b2c5f37ffea5a964055ac06fa], 
Trojan.Dorkbot.ED, c:\programdata\microsoft\performance\monitor\temp\tmpd296.exe, Quarantined, [3e5bb559fb90a98dc209f3238978639d], 
Trojan.Agent.Gen, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp9E2E.exe, Quarantined, [851448c62f5c2e08843d24da778cba46], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\155888c6ba2f0f61c95782ba6094851f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\23ac5cb6770ecc4971c65565801254ce, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\34a398fb6c571d1c4d38e5f036bbe84e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\508203ef6321fb6dc738f00f21bad019, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\5763b29ae7ddca453f48658d9fcc9f9f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\6df28ba66161ee6c0352c43eca6c22a5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\75369d06180801862327e97085824fe3, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\7d1e4c44af12afcdb7b4aac0a5e16718, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\920639cb935cf6d3d419095a598352a1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\9c0a2cca9cf4677d047a77e61717ce37, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\c6bbf9efdbd080cc2af0bad89d2aed6b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\dbadf687331785c824ea9f609eee1831, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\00874a9d8005f37a439c7c15c2f1235b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\018e70cfaa25f3730adb4bedfb8095ff, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\026e56b9b5b6624c7aa1490893f62ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\045b51dba19bb1769fefe29aca15b355, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\049ffb1438f24f014f48605a6f324243, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0634b6919dd68bd8d315ba438a5b4b7d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0dda1c2659af8b6e5fb383c52c886ae0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0e513f7f1455b6582600cea35569a978, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0f140d53bee819ce2392b22eab05c71a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\409c81a9f0f15534feaae83e86165539, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\49476c9192dfb12b6b8ebaf15495ec91, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4dcd1f2719cc441a57ec1d0db1a61006, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4e028b6a15a673c168a31921c71f6313, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4e392adeb1680629cde3da6e6507d49e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4ebde897a8d494df423abc80519066c2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\51202174c7dd39d602eec0c13e1c988f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\52bae071bc50b2c007c25bd1ce79de1a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\52df4551d317af6885dd5cd810dd2060, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\52e5ab64e95dce0b9c1aca9a54dd6c09, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5527f6b60e0f3bd4f62d738cd9cfae87, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\552aa1647230201cfd8083cdef3bf956, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5696bd27d7c7131835122cecc5f1c29e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5708f3a20050b84ee7e653e6c20665c5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9d31e0127c9b5d84b1af9267189d4435, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9da106550deb464e078e614e7b91b84a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a0dd251db2672fee82d0c9cd38a3f3ce, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a0e6c6374dad577a79ba5a863bc67d5c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a120b0f88223841f4d2bc7be81f5fa45, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a1a94ba86be4aa05592dd9732da8af95, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a65324063d01973e672b725fab36bb6e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a7666beb357b3d5ec76afb40b9ab7ba3, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a803f5b497f6c9ac613a8c7a1b16de8e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a82966a0a72914d02dd94b7b3abbf7c1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a9e2147956e03c0b064f5ee2c940ac04, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\20e06c535758154093f5bf09ffd3c544, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\23173b916a66997d845f2ad7cf73a0e5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\23d1ec9a8c4391beb517c389edf1947d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2466051082569f4457545756a1ab3a02, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\25c3c77067e1c76ae25ec7e469130747, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\26dc37c7f9f0ebfb2903bd8879ca481a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2c0c549d8f0feddffa2f67161b681804, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2cac0aab1ec0102a66db4a7e60541c21, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2cfb55ff4d2c88409d30b72e0fb88ecd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2d0ef40ca9e4d12e528b1a094368dc03, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2dab6f356b357afea276f2894d11330d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\2ffb5fa1392bef57dc133037343a8ef5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3025c981b9efcc93a66422e15210c7ba, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\32b520ac9668eec7542964e152a2d4da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\332646bb309848318b0a11b271c7c842, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e0e0c9bee355be9eda84fbf88e0c5d10, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e4f0d8e365dd54a24f2a193f4af5cba4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e5281907d882753fb73efbba28e9bcc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e54cc60f183c6644f19408bfb1e1a048, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e55ba722b18b2dcaf632b468610d8847, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e588558a9bce41d0f0679386a2db94d9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e7812b8ad81c27be1406412d7d43d1bf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e8285b29efaaa1e778de43d5ac6b803e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e88d2c20decd547f91b442ca024fb2d8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e984c6ffa63cf93a94f739d043f9212f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ea1da9e315aaa2956a156f1470eaadbf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\10e4da999a70b5b51dae71f9e65e30c8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1f71fb47d881dcf2ee0aa9eb3a7cd166, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3466e98db0daabce34c4fbad35fe8ded, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4048ca6de7608eb3614ac2ac6df91da8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5796bcc07cbb2cda2efb9eee3798e749, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6e6db68cc6305703f9b068271486984a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8eb6f902c5dbe213e186f607def430c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9cc0659947f708481b03a7ba6609023c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\aafcf498edbe66fdf36a8c5b44c6169c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c7a9333ed154e380d16b340784a355be, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\df835d2d05edf41abe8c0f9afd136fbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ee1de651f21f1bbe73420a71394f4aa6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\79299836d7f344cd86048ddf85b48162, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\795b5387a96ea834cb9eed7cde956086, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\7da9d9fa99e16e0378d4e86f01eb5df9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8019c06006bcf08481748e959ea40edf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8145df44d930242611a43e298cc17005, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\816e94a9e5d65dcae1afc8304dd280af, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\81d6973b2dadb7fcbdf65b58fcc24cac, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\83eaa1e99f6d7de26e100feb07377dbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\87604f529f6113fd89a10845292816f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8ae927a69db34a8598885f2a716196b8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8e42d8b582df13f339057b432f8b0ebc, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c8a9977d80d876e39f22e7c2bb5f75c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cb7402adb514d7e2604903af9435ac25, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cbec29ebcc8e5ce417567bf9c0ac3727, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc9539033650fa2e4e0fa565ed296de4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cd8e8e7e7cbb8e7e8800b84853c8f955, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cf4544a97e9e252324c56fd5169d7184, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d06e30cc0745d8efcc1f417fffb5c6a2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d260d668d4afcb8d06eb90eede59a2e8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d9139e70581e099622e31d8bf406244a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d941a681c8fa84b38ae46b2642f909a4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\da33443fee1f30329be7140ecc324f86, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\59f668fe85505b96368346742183e98d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5b4ef91419134667fa6b1522087dfb2b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5d758f3fe20ade8a6663e38ef2fd6a98, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5d8a4b0e12ff2d27de7394dc8ae3ff41, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5daddc40c627a8acb7fd759f59c016f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\609128b9cc1391f3c1739874ad10f6f9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\612e146104cce1a830f5c52d9718b757, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\626e4903afbaa849e7db6d18e48dba5a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\638739735a894dfca72f6af04be20a5f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\686a1c8afdb350181f71475dbac0fb40, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6ac8c4b0d5bf73f44f80c429abd273b1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6d6c015679720ddf12f30204bc57a265, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6d8c98ae43dbec1c8f87be42f91607db, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\368a62932eb52ff04d56c1fee56e2ada, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\36a04745b4623945cbc3d20a11d5ec62, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\36cc412c55250551d6138009c9ffe080, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\38a4374d9c9075eb809902482f865df6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\38c8165f0a4a62e79fa682a220f23ff0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3d3e89187bb82223e147fabdb8eea4dd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3da514c7cfae54e9a636cfedbdc4485c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3f9dd2fc6c634cb5deefb2ce73d01167, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\4002496a18c57d97c2538d5907b0f408, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ee6e4ca3a4935b9328fb456a4c4c471e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ee7c5d952d5eba70e39e168b858e2add, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ef73e19f15518094fe59d61ba6b887da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f2079eb13e4aaba0946d17eb3cc8d285, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f32c95a4ee5654440896cc8da44562d6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f69728df35bdcb2657cbc4219525999b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f867067392b6105701bb504105e19385, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f8eb4f44cd57abf5f35f3f070dc6c45d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f9159d211c0118fdd4e7279948f2f603, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\aef49a3314a99fa8a553fc6d2bcab846, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\afe289d03767e3a7de1943b7eada2d60, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b78e77122cc160db5e1aa726d491e84b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b80eaf894cdcee32f4f8a7da0e5a7bd2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b84fc5145a27f1b9e3e33d503870f423, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b9abaccb2b34a1d8d4e20e35844dc774, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bc3ed559b9109df490cb81896be60e83, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bd2c2d8fe2003b7d0bbfdec54c83e5e9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bde52e0b309f6f7fad74b42a7f09e8db, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c06c39b1137b9e70a268f0fe5c34d322, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c0e79e3931fd58773ed8a2d23efbea26, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c1a16897364200f8d01f27f0dcb18c18, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c5967f085030011ac2c8e347c02407f0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c71901f8450ff12e9bfd7075563eb77d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9132434153c23c86ef25b9ec32bf1710, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\93fe7eff65e8674be1a7b838204e4ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\94a6672ebcd80bc5521760948301705c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9507ae908ea5d0f2c64fdc5bac0f0859, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\981a0881e4eb148bf7730200c42f015e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\983befbe0dd10145e45fc01307b12b44, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\98811f3240d129485509701132734d31, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9a79233c53d2aca2cb5b8d840c8a760b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9b325abd1c1af4e85f5f36097960bbc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9bdfe7c99a4e55b0a3baeb0b26d91b90, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\9c2040478166795ed391dcde4c32a071, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\13374a76b3b1daea42bb748abce86935, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1403050603c35c5afd186cbb6636caf0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1659925b0424b14ee7cfcd8ac76634de, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\19e8ed03550dbdea47c188280e31f66e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1da951fedf5672fdda9c3c9e93bd44ad, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1dc6592eb8096cd2dc4667fe803953a9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1ed735061daf564c421a195d8e775fb4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\018e70cfaa25f3730adb4bedfb8095ff, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\026e56b9b5b6624c7aa1490893f62ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\045b51dba19bb1769fefe29aca15b355, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\049ffb1438f24f014f48605a6f324243, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0634b6919dd68bd8d315ba438a5b4b7d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0dda1c2659af8b6e5fb383c52c886ae0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0e513f7f1455b6582600cea35569a978, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0f140d53bee819ce2392b22eab05c71a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1403050603c35c5afd186cbb6636caf0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1659925b0424b14ee7cfcd8ac76634de, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1da951fedf5672fdda9c3c9e93bd44ad, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1ed735061daf564c421a195d8e775fb4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\20e06c535758154093f5bf09ffd3c544, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\23173b916a66997d845f2ad7cf73a0e5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\23d1ec9a8c4391beb517c389edf1947d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\51202174c7dd39d602eec0c13e1c988f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\52bae071bc50b2c007c25bd1ce79de1a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\52df4551d317af6885dd5cd810dd2060, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\52e5ab64e95dce0b9c1aca9a54dd6c09, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5527f6b60e0f3bd4f62d738cd9cfae87, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\552aa1647230201cfd8083cdef3bf956, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5696bd27d7c7131835122cecc5f1c29e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5796bcc07cbb2cda2efb9eee3798e749, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\59f668fe85505b96368346742183e98d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5b4ef91419134667fa6b1522087dfb2b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5d758f3fe20ade8a6663e38ef2fd6a98, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5d8a4b0e12ff2d27de7394dc8ae3ff41, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c06c39b1137b9e70a268f0fe5c34d322, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c0e79e3931fd58773ed8a2d23efbea26, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c1a16897364200f8d01f27f0dcb18c18, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c71901f8450ff12e9bfd7075563eb77d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c7a9333ed154e380d16b340784a355be, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c8a9977d80d876e39f22e7c2bb5f75c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cb7402adb514d7e2604903af9435ac25, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cbec29ebcc8e5ce417567bf9c0ac3727, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc9539033650fa2e4e0fa565ed296de4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cf4544a97e9e252324c56fd5169d7184, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d9139e70581e099622e31d8bf406244a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d941a681c8fa84b38ae46b2642f909a4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2c0c549d8f0feddffa2f67161b681804, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2cfb55ff4d2c88409d30b72e0fb88ecd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\2dab6f356b357afea276f2894d11330d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3025c981b9efcc93a66422e15210c7ba, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\32b520ac9668eec7542964e152a2d4da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\332646bb309848318b0a11b271c7c842, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\36a04745b4623945cbc3d20a11d5ec62, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\36cc412c55250551d6138009c9ffe080, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9132434153c23c86ef25b9ec32bf1710, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\94a6672ebcd80bc5521760948301705c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\981a0881e4eb148bf7730200c42f015e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\983befbe0dd10145e45fc01307b12b44, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9a79233c53d2aca2cb5b8d840c8a760b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9bdfe7c99a4e55b0a3baeb0b26d91b90, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9c2040478166795ed391dcde4c32a071, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9cc0659947f708481b03a7ba6609023c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\9da106550deb464e078e614e7b91b84a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a0dd251db2672fee82d0c9cd38a3f3ce, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a0e6c6374dad577a79ba5a863bc67d5c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a120b0f88223841f4d2bc7be81f5fa45, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a1a94ba86be4aa05592dd9732da8af95, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\26dc37c7f9f0ebfb2903bd8879ca481a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\38a4374d9c9075eb809902482f865df6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4ebde897a8d494df423abc80519066c2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5daddc40c627a8acb7fd759f59c016f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8eb6f902c5dbe213e186f607def430c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a65324063d01973e672b725fab36bb6e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\bd2c2d8fe2003b7d0bbfdec54c83e5e9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e0e0c9bee355be9eda84fbf88e0c5d10, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e5281907d882753fb73efbba28e9bcc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e54cc60f183c6644f19408bfb1e1a048, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e55ba722b18b2dcaf632b468610d8847, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e588558a9bce41d0f0679386a2db94d9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e8285b29efaaa1e778de43d5ac6b803e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e88d2c20decd547f91b442ca024fb2d8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ee6e4ca3a4935b9328fb456a4c4c471e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ef73e19f15518094fe59d61ba6b887da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f69728df35bdcb2657cbc4219525999b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f867067392b6105701bb504105e19385, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f8eb4f44cd57abf5f35f3f070dc6c45d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\612e146104cce1a830f5c52d9718b757, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\626e4903afbaa849e7db6d18e48dba5a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6ac8c4b0d5bf73f44f80c429abd273b1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6d6c015679720ddf12f30204bc57a265, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6e6db68cc6305703f9b068271486984a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\795b5387a96ea834cb9eed7cde956086, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\7da9d9fa99e16e0378d4e86f01eb5df9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8019c06006bcf08481748e959ea40edf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8145df44d930242611a43e298cc17005, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\81d6973b2dadb7fcbdf65b58fcc24cac, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\83eaa1e99f6d7de26e100feb07377dbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8ae927a69db34a8598885f2a716196b8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a803f5b497f6c9ac613a8c7a1b16de8e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a82966a0a72914d02dd94b7b3abbf7c1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a9e2147956e03c0b064f5ee2c940ac04, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\aafcf498edbe66fdf36a8c5b44c6169c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\aef49a3314a99fa8a553fc6d2bcab846, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\afe289d03767e3a7de1943b7eada2d60, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b78e77122cc160db5e1aa726d491e84b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b84fc5145a27f1b9e3e33d503870f423, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b9abaccb2b34a1d8d4e20e35844dc774, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\bc3ed559b9109df490cb81896be60e83, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\38c8165f0a4a62e79fa682a220f23ff0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3f9dd2fc6c634cb5deefb2ce73d01167, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4002496a18c57d97c2538d5907b0f408, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4048ca6de7608eb3614ac2ac6df91da8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\409c81a9f0f15534feaae83e86165539, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4dcd1f2719cc441a57ec1d0db1a61006, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\4e028b6a15a673c168a31921c71f6313, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\018e70cfaa25f3730adb4bedfb8095ff, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\026e56b9b5b6624c7aa1490893f62ab4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\045b51dba19bb1769fefe29aca15b355, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\049ffb1438f24f014f48605a6f324243, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0634b6919dd68bd8d315ba438a5b4b7d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0dda1c2659af8b6e5fb383c52c886ae0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0e513f7f1455b6582600cea35569a978, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0f140d53bee819ce2392b22eab05c71a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1403050603c35c5afd186cbb6636caf0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1659925b0424b14ee7cfcd8ac76634de, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1da951fedf5672fdda9c3c9e93bd44ad, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1ed735061daf564c421a195d8e775fb4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\20e06c535758154093f5bf09ffd3c544, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\23173b916a66997d845f2ad7cf73a0e5, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\23d1ec9a8c4391beb517c389edf1947d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\26dc37c7f9f0ebfb2903bd8879ca481a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5696bd27d7c7131835122cecc5f1c29e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5796bcc07cbb2cda2efb9eee3798e749, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\59f668fe85505b96368346742183e98d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5b4ef91419134667fa6b1522087dfb2b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5d758f3fe20ade8a6663e38ef2fd6a98, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5d8a4b0e12ff2d27de7394dc8ae3ff41, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5daddc40c627a8acb7fd759f59c016f6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\612e146104cce1a830f5c52d9718b757, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c1a16897364200f8d01f27f0dcb18c18, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c71901f8450ff12e9bfd7075563eb77d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c7a9333ed154e380d16b340784a355be, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c8a9977d80d876e39f22e7c2bb5f75c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cb7402adb514d7e2604903af9435ac25, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cbec29ebcc8e5ce417567bf9c0ac3727, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc9539033650fa2e4e0fa565ed296de4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cf4544a97e9e252324c56fd5169d7184, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d9139e70581e099622e31d8bf406244a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d941a681c8fa84b38ae46b2642f909a4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e0e0c9bee355be9eda84fbf88e0c5d10, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e5281907d882753fb73efbba28e9bcc4, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2c0c549d8f0feddffa2f67161b681804, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2cfb55ff4d2c88409d30b72e0fb88ecd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\2dab6f356b357afea276f2894d11330d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3025c981b9efcc93a66422e15210c7ba, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\32b520ac9668eec7542964e152a2d4da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\332646bb309848318b0a11b271c7c842, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\36a04745b4623945cbc3d20a11d5ec62, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\36cc412c55250551d6138009c9ffe080, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\38a4374d9c9075eb809902482f865df6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\38c8165f0a4a62e79fa682a220f23ff0, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\94a6672ebcd80bc5521760948301705c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\981a0881e4eb148bf7730200c42f015e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\983befbe0dd10145e45fc01307b12b44, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9a79233c53d2aca2cb5b8d840c8a760b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9bdfe7c99a4e55b0a3baeb0b26d91b90, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9c2040478166795ed391dcde4c32a071, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9cc0659947f708481b03a7ba6609023c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9da106550deb464e078e614e7b91b84a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a0dd251db2672fee82d0c9cd38a3f3ce, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a0e6c6374dad577a79ba5a863bc67d5c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a120b0f88223841f4d2bc7be81f5fa45, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a1a94ba86be4aa05592dd9732da8af95, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a65324063d01973e672b725fab36bb6e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\552aa1647230201cfd8083cdef3bf956, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\626e4903afbaa849e7db6d18e48dba5a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\9132434153c23c86ef25b9ec32bf1710, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a803f5b497f6c9ac613a8c7a1b16de8e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c0e79e3931fd58773ed8a2d23efbea26, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e54cc60f183c6644f19408bfb1e1a048, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e55ba722b18b2dcaf632b468610d8847, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e588558a9bce41d0f0679386a2db94d9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e8285b29efaaa1e778de43d5ac6b803e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e88d2c20decd547f91b442ca024fb2d8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ee6e4ca3a4935b9328fb456a4c4c471e, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ef73e19f15518094fe59d61ba6b887da, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f69728df35bdcb2657cbc4219525999b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f867067392b6105701bb504105e19385, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f8eb4f44cd57abf5f35f3f070dc6c45d, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3f9dd2fc6c634cb5deefb2ce73d01167, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4002496a18c57d97c2538d5907b0f408, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4048ca6de7608eb3614ac2ac6df91da8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\409c81a9f0f15534feaae83e86165539, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4dcd1f2719cc441a57ec1d0db1a61006, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4e028b6a15a673c168a31921c71f6313, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\4ebde897a8d494df423abc80519066c2, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\51202174c7dd39d602eec0c13e1c988f, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\52bae071bc50b2c007c25bd1ce79de1a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\52df4551d317af6885dd5cd810dd2060, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\52e5ab64e95dce0b9c1aca9a54dd6c09, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5527f6b60e0f3bd4f62d738cd9cfae87, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a82966a0a72914d02dd94b7b3abbf7c1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a9e2147956e03c0b064f5ee2c940ac04, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\aafcf498edbe66fdf36a8c5b44c6169c, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\aef49a3314a99fa8a553fc6d2bcab846, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\afe289d03767e3a7de1943b7eada2d60, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b78e77122cc160db5e1aa726d491e84b, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b84fc5145a27f1b9e3e33d503870f423, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b9abaccb2b34a1d8d4e20e35844dc774, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\bc3ed559b9109df490cb81896be60e83, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\bd2c2d8fe2003b7d0bbfdec54c83e5e9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c06c39b1137b9e70a268f0fe5c34d322, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6ac8c4b0d5bf73f44f80c429abd273b1, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6d6c015679720ddf12f30204bc57a265, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6e6db68cc6305703f9b068271486984a, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\795b5387a96ea834cb9eed7cde956086, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\7da9d9fa99e16e0378d4e86f01eb5df9, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8019c06006bcf08481748e959ea40edf, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8145df44d930242611a43e298cc17005, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\81d6973b2dadb7fcbdf65b58fcc24cac, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\83eaa1e99f6d7de26e100feb07377dbd, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8ae927a69db34a8598885f2a716196b8, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8eb6f902c5dbe213e186f607def430c6, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\00874a9d8005f37a439c7c15c2f1235b\Jessabelle 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\00874a9d8005f37a439c7c15c2f1235b\Jessabelle 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\00874a9d8005f37a439c7c15c2f1235b\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\018e70cfaa25f3730adb4bedfb8095ff\Project Almanac 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\018e70cfaa25f3730adb4bedfb8095ff\Project Almanac 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\018e70cfaa25f3730adb4bedfb8095ff\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\026e56b9b5b6624c7aa1490893f62ab4\Shareaza Turbo Accelerator.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\026e56b9b5b6624c7aa1490893f62ab4\Shareaza Turbo Accelerator.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\045b51dba19bb1769fefe29aca15b355\pinnacle studio.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\045b51dba19bb1769fefe29aca15b355\pinnacle studio.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\045b51dba19bb1769fefe29aca15b355\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\049ffb1438f24f014f48605a6f324243\The Best of Me 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\049ffb1438f24f014f48605a6f324243\The Best of Me 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\049ffb1438f24f014f48605a6f324243\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0634b6919dd68bd8d315ba438a5b4b7d\Last Knights 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0634b6919dd68bd8d315ba438a5b4b7d\Last Knights 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0634b6919dd68bd8d315ba438a5b4b7d\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0dda1c2659af8b6e5fb383c52c886ae0\PhotoImpact.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0dda1c2659af8b6e5fb383c52c886ae0\PhotoImpact.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0dda1c2659af8b6e5fb383c52c886ae0\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0e513f7f1455b6582600cea35569a978\Regression 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0e513f7f1455b6582600cea35569a978\Regression 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0e513f7f1455b6582600cea35569a978\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f140d53bee819ce2392b22eab05c71a\Easy Photo Frame.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0f140d53bee819ce2392b22eab05c71a\Easy Photo Frame.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10e4da999a70b5b51dae71f9e65e30c8\Debut Video Capture Software Professional.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\10e4da999a70b5b51dae71f9e65e30c8\Debut Video Capture Software Professional.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\13374a76b3b1daea42bb748abce86935\Smosh The Movie 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\13374a76b3b1daea42bb748abce86935\Smosh The Movie 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\13374a76b3b1daea42bb748abce86935\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1403050603c35c5afd186cbb6636caf0\PDF OCR.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1403050603c35c5afd186cbb6636caf0\PDF OCR.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1659925b0424b14ee7cfcd8ac76634de\Blackhat 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1659925b0424b14ee7cfcd8ac76634de\Blackhat 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1659925b0424b14ee7cfcd8ac76634de\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\19e8ed03550dbdea47c188280e31f66e\office.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\19e8ed03550dbdea47c188280e31f66e\office.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\19e8ed03550dbdea47c188280e31f66e\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1da951fedf5672fdda9c3c9e93bd44ad\DSS DJ.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1da951fedf5672fdda9c3c9e93bd44ad\DSS DJ.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3d3e89187bb82223e147fabdb8eea4dd\NoteBurner Audio Converter.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3d3e89187bb82223e147fabdb8eea4dd\NoteBurner Audio Converter.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3da514c7cfae54e9a636cfedbdc4485c\Embird.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3da514c7cfae54e9a636cfedbdc4485c\Embird.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3f9dd2fc6c634cb5deefb2ce73d01167\lightroom.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3f9dd2fc6c634cb5deefb2ce73d01167\lightroom.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3f9dd2fc6c634cb5deefb2ce73d01167\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4002496a18c57d97c2538d5907b0f408\Dailymotion Video Downloader.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4002496a18c57d97c2538d5907b0f408\Dailymotion Video Downloader.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4048ca6de7608eb3614ac2ac6df91da8\driver pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4048ca6de7608eb3614ac2ac6df91da8\driver pack.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4048ca6de7608eb3614ac2ac6df91da8\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\409c81a9f0f15534feaae83e86165539\Guardians of the Galaxy 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\409c81a9f0f15534feaae83e86165539\Guardians of the Galaxy 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\409c81a9f0f15534feaae83e86165539\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\49476c9192dfb12b6b8ebaf15495ec91\Logo Design Studio.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\49476c9192dfb12b6b8ebaf15495ec91\Logo Design Studio.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4dcd1f2719cc441a57ec1d0db1a61006\Heroes of Might and Magic III.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4dcd1f2719cc441a57ec1d0db1a61006\Heroes of Might and Magic III.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4dcd1f2719cc441a57ec1d0db1a61006\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e028b6a15a673c168a31921c71f6313\Slow West 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e028b6a15a673c168a31921c71f6313\Slow West 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e028b6a15a673c168a31921c71f6313\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e392adeb1680629cde3da6e6507d49e\Pamela for Skype Basic Version.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4e392adeb1680629cde3da6e6507d49e\Pamela for Skype Basic Version.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9507ae908ea5d0f2c64fdc5bac0f0859\Skype.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9507ae908ea5d0f2c64fdc5bac0f0859\Skype.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\981a0881e4eb148bf7730200c42f015e\TuneUp.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\981a0881e4eb148bf7730200c42f015e\TuneUp.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\983befbe0dd10145e45fc01307b12b44\Poise.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\983befbe0dd10145e45fc01307b12b44\Poise.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98811f3240d129485509701132734d31\matlab.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98811f3240d129485509701132734d31\matlab.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\98811f3240d129485509701132734d31\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a79233c53d2aca2cb5b8d840c8a760b\Jurassic World 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a79233c53d2aca2cb5b8d840c8a760b\Jurassic World 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9a79233c53d2aca2cb5b8d840c8a760b\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9b325abd1c1af4e85f5f36097960bbc4\Fraps.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9b325abd1c1af4e85f5f36097960bbc4\Fraps.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bdfe7c99a4e55b0a3baeb0b26d91b90\Maze Runner The Scorch Trials 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bdfe7c99a4e55b0a3baeb0b26d91b90\Maze Runner The Scorch Trials 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9bdfe7c99a4e55b0a3baeb0b26d91b90\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9c2040478166795ed391dcde4c32a071\Express Files.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9c2040478166795ed391dcde4c32a071\Express Files.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1dc6592eb8096cd2dc4667fe803953a9\The Salvation 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1dc6592eb8096cd2dc4667fe803953a9\The Salvation 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1dc6592eb8096cd2dc4667fe803953a9\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ed735061daf564c421a195d8e775fb4\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ed735061daf564c421a195d8e775fb4\What We Do in the Shadows 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1ed735061daf564c421a195d8e775fb4\What We Do in the Shadows 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f71fb47d881dcf2ee0aa9eb3a7cd166\The Transporter Refueled 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f71fb47d881dcf2ee0aa9eb3a7cd166\The Transporter Refueled 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1f71fb47d881dcf2ee0aa9eb3a7cd166\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20e06c535758154093f5bf09ffd3c544\ISO Commander.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20e06c535758154093f5bf09ffd3c544\ISO Commander.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\20e06c535758154093f5bf09ffd3c544\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23173b916a66997d845f2ad7cf73a0e5\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23173b916a66997d845f2ad7cf73a0e5\Woman in Gold 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23173b916a66997d845f2ad7cf73a0e5\Woman in Gold 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23d1ec9a8c4391beb517c389edf1947d\PDF To Word Converter.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\23d1ec9a8c4391beb517c389edf1947d\PDF To Word Converter.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2466051082569f4457545756a1ab3a02\Teenage Mutant Ninja Turtles 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2466051082569f4457545756a1ab3a02\Teenage Mutant Ninja Turtles 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2466051082569f4457545756a1ab3a02\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26dc37c7f9f0ebfb2903bd8879ca481a\Run All Night 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26dc37c7f9f0ebfb2903bd8879ca481a\Run All Night 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\26dc37c7f9f0ebfb2903bd8879ca481a\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d941a681c8fa84b38ae46b2642f909a4\Sims 3 University Life.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d941a681c8fa84b38ae46b2642f909a4\Sims 3 University Life.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\da33443fee1f30329be7140ecc324f86\Frozen 2013.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\da33443fee1f30329be7140ecc324f86\Frozen 2013.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\da33443fee1f30329be7140ecc324f86\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df835d2d05edf41abe8c0f9afd136fbd\Download Accelerator Plus.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\df835d2d05edf41abe8c0f9afd136fbd\Download Accelerator Plus.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e0e0c9bee355be9eda84fbf88e0c5d10\The Martian 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e0e0c9bee355be9eda84fbf88e0c5d10\The Martian 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e0e0c9bee355be9eda84fbf88e0c5d10\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e5281907d882753fb73efbba28e9bcc4\Nero Burning Rom.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e5281907d882753fb73efbba28e9bcc4\Nero Burning Rom.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e54cc60f183c6644f19408bfb1e1a048\Advanced Archive Password Recovery Professional.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e54cc60f183c6644f19408bfb1e1a048\Advanced Archive Password Recovery Professional.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e55ba722b18b2dcaf632b468610d8847\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e55ba722b18b2dcaf632b468610d8847\State of Decay Year One Survival Edition.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e55ba722b18b2dcaf632b468610d8847\State of Decay Year One Survival Edition.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e588558a9bce41d0f0679386a2db94d9\MOV to AVI MPEG WMV Converter.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e588558a9bce41d0f0679386a2db94d9\MOV to AVI MPEG WMV Converter.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e7812b8ad81c27be1406412d7d43d1bf\Foxit PDF Creator.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e7812b8ad81c27be1406412d7d43d1bf\Foxit PDF Creator.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e8285b29efaaa1e778de43d5ac6b803e\The Guest 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e8285b29efaaa1e778de43d5ac6b803e\The Guest 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e8285b29efaaa1e778de43d5ac6b803e\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d758f3fe20ade8a6663e38ef2fd6a98\MilkShape 3D.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d758f3fe20ade8a6663e38ef2fd6a98\MilkShape 3D.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4b0e12ff2d27de7394dc8ae3ff41\Tomorrowland 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4b0e12ff2d27de7394dc8ae3ff41\Tomorrowland 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5d8a4b0e12ff2d27de7394dc8ae3ff41\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5daddc40c627a8acb7fd759f59c016f6\Pianoteq.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5daddc40c627a8acb7fd759f59c016f6\Pianoteq.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\609128b9cc1391f3c1739874ad10f6f9\Everest 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\609128b9cc1391f3c1739874ad10f6f9\Everest 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\609128b9cc1391f3c1739874ad10f6f9\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\612e146104cce1a830f5c52d9718b757\Tracers 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\612e146104cce1a830f5c52d9718b757\Tracers 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\612e146104cce1a830f5c52d9718b757\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\626e4903afbaa849e7db6d18e48dba5a\It Follows 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\626e4903afbaa849e7db6d18e48dba5a\It Follows 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\626e4903afbaa849e7db6d18e48dba5a\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\638739735a894dfca72f6af04be20a5f\Mad Max Fury Road 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\638739735a894dfca72f6af04be20a5f\Mad Max Fury Road 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\638739735a894dfca72f6af04be20a5f\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\686a1c8afdb350181f71475dbac0fb40\Adobe Photoshop.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\686a1c8afdb350181f71475dbac0fb40\Adobe Photoshop.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\686a1c8afdb350181f71475dbac0fb40\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6ac8c4b0d5bf73f44f80c429abd273b1\Nero 8.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6ac8c4b0d5bf73f44f80c429abd273b1\Nero 8.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6ac8c4b0d5bf73f44f80c429abd273b1\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6c015679720ddf12f30204bc57a265\Trainwreck 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6c015679720ddf12f30204bc57a265\Trainwreck 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d6c015679720ddf12f30204bc57a265\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d8c98ae43dbec1c8f87be42f91607db\The Equalizer 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d8c98ae43dbec1c8f87be42f91607db\The Equalizer 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6d8c98ae43dbec1c8f87be42f91607db\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e6db68cc6305703f9b068271486984a\The Overnight 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e6db68cc6305703f9b068271486984a\The Overnight 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6e6db68cc6305703f9b068271486984a\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79299836d7f344cd86048ddf85b48162\Insidious Chapter 3 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79299836d7f344cd86048ddf85b48162\Insidious Chapter 3 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\79299836d7f344cd86048ddf85b48162\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\795b5387a96ea834cb9eed7cde956086\Interstellar 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\795b5387a96ea834cb9eed7cde956086\Interstellar 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\795b5387a96ea834cb9eed7cde956086\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e88d2c20decd547f91b442ca024fb2d8\Selma 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e88d2c20decd547f91b442ca024fb2d8\Selma 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e88d2c20decd547f91b442ca024fb2d8\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1a16897364200f8d01f27f0dcb18c18\The Diary of a Teenage Girl 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1a16897364200f8d01f27f0dcb18c18\The Diary of a Teenage Girl 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c1a16897364200f8d01f27f0dcb18c18\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5967f085030011ac2c8e347c02407f0\acrobat.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5967f085030011ac2c8e347c02407f0\acrobat.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c5967f085030011ac2c8e347c02407f0\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c71901f8450ff12e9bfd7075563eb77d\Core FTP Pro.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c71901f8450ff12e9bfd7075563eb77d\Core FTP Pro.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7a9333ed154e380d16b340784a355be\Max 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7a9333ed154e380d16b340784a355be\Max 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c7a9333ed154e380d16b340784a355be\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c8a9977d80d876e39f22e7c2bb5f75c6\Extinction 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c8a9977d80d876e39f22e7c2bb5f75c6\Extinction 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c8a9977d80d876e39f22e7c2bb5f75c6\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cb7402adb514d7e2604903af9435ac25\Little Boy 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cb7402adb514d7e2604903af9435ac25\Little Boy 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cb7402adb514d7e2604903af9435ac25\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cbec29ebcc8e5ce417567bf9c0ac3727\The Stanford Prison Experiment 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cbec29ebcc8e5ce417567bf9c0ac3727\The Stanford Prison Experiment 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cbec29ebcc8e5ce417567bf9c0ac3727\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cd8e8e7e7cbb8e7e8800b84853c8f955\WIDI Recognition System Professional.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cd8e8e7e7cbb8e7e8800b84853c8f955\WIDI Recognition System Professional.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cf4544a97e9e252324c56fd5169d7184\Focus 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cf4544a97e9e252324c56fd5169d7184\Focus 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cf4544a97e9e252324c56fd5169d7184\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d06e30cc0745d8efcc1f417fffb5c6a2\Beasts of No Nation 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d06e30cc0745d8efcc1f417fffb5c6a2\Beasts of No Nation 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d06e30cc0745d8efcc1f417fffb5c6a2\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d260d668d4afcb8d06eb90eede59a2e8\The Hunger Games Mockingjay - Part 1 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d260d668d4afcb8d06eb90eede59a2e8\The Hunger Games Mockingjay - Part 1 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d260d668d4afcb8d06eb90eede59a2e8\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d9139e70581e099622e31d8bf406244a\The Hunger Games Mockingjay - Part 2 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d9139e70581e099622e31d8bf406244a\The Hunger Games Mockingjay - Part 2 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d9139e70581e099622e31d8bf406244a\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e984c6ffa63cf93a94f739d043f9212f\Farming Simulator 2013 Titanium Edition.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e984c6ffa63cf93a94f739d043f9212f\Farming Simulator 2013 Titanium Edition.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e984c6ffa63cf93a94f739d043f9212f\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea1da9e315aaa2956a156f1470eaadbf\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea1da9e315aaa2956a156f1470eaadbf\Sonic Hedgehog™ 4 Episode 1.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea1da9e315aaa2956a156f1470eaadbf\Sonic Hedgehog™ 4 Episode 1.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee1de651f21f1bbe73420a71394f4aa6\99 Homes 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee1de651f21f1bbe73420a71394f4aa6\99 Homes 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee1de651f21f1bbe73420a71394f4aa6\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee6e4ca3a4935b9328fb456a4c4c471e\Balsamiq Mockups.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee6e4ca3a4935b9328fb456a4c4c471e\Balsamiq Mockups.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee7c5d952d5eba70e39e168b858e2add\AIDA64 Extreme Edition (EVEREST).exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ee7c5d952d5eba70e39e168b858e2add\AIDA64 Extreme Edition (EVEREST).nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ef73e19f15518094fe59d61ba6b887da\EASEUS Partition Master Professional.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ef73e19f15518094fe59d61ba6b887da\EASEUS Partition Master Professional.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f2079eb13e4aaba0946d17eb3cc8d285\Steve Jobs 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f2079eb13e4aaba0946d17eb3cc8d285\Steve Jobs 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f2079eb13e4aaba0946d17eb3cc8d285\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f32c95a4ee5654440896cc8da44562d6\MorphVOX Pro.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f32c95a4ee5654440896cc8da44562d6\MorphVOX Pro.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f69728df35bdcb2657cbc4219525999b\Prism Video File Converter Plus.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f69728df35bdcb2657cbc4219525999b\Prism Video File Converter Plus.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f69728df35bdcb2657cbc4219525999b\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f867067392b6105701bb504105e19385\Banner Maker Pro.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f867067392b6105701bb504105e19385\Banner Maker Pro.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f8eb4f44cd57abf5f35f3f070dc6c45d\Pan 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f8eb4f44cd57abf5f35f3f070dc6c45d\Pan 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f8eb4f44cd57abf5f35f3f070dc6c45d\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9159d211c0118fdd4e7279948f2f603\Chef 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9159d211c0118fdd4e7279948f2f603\Chef 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f9159d211c0118fdd4e7279948f2f603\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7da9d9fa99e16e0378d4e86f01eb5df9\The Longest Ride 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7da9d9fa99e16e0378d4e86f01eb5df9\The Longest Ride 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\7da9d9fa99e16e0378d4e86f01eb5df9\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8019c06006bcf08481748e959ea40edf\CrossFont.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8019c06006bcf08481748e959ea40edf\CrossFont.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8145df44d930242611a43e298cc17005\One Direction Where We Are - The Concert Film 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8145df44d930242611a43e298cc17005\One Direction Where We Are - The Concert Film 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8145df44d930242611a43e298cc17005\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\816e94a9e5d65dcae1afc8304dd280af\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\816e94a9e5d65dcae1afc8304dd280af\Wild 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\816e94a9e5d65dcae1afc8304dd280af\Wild 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\81d6973b2dadb7fcbdf65b58fcc24cac\Boulevard 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\81d6973b2dadb7fcbdf65b58fcc24cac\Boulevard 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\81d6973b2dadb7fcbdf65b58fcc24cac\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83eaa1e99f6d7de26e100feb07377dbd\ShadowProtect Desktop Edition.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\83eaa1e99f6d7de26e100feb07377dbd\ShadowProtect Desktop Edition.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\87604f529f6113fd89a10845292816f6\FormatFactory.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\87604f529f6113fd89a10845292816f6\FormatFactory.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8ae927a69db34a8598885f2a716196b8\Dumb and Dumber To 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8ae927a69db34a8598885f2a716196b8\Dumb and Dumber To 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8ae927a69db34a8598885f2a716196b8\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8e42d8b582df13f339057b432f8b0ebc\Adobe After Effects.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8e42d8b582df13f339057b432f8b0ebc\Adobe After Effects.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8e42d8b582df13f339057b432f8b0ebc\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8eb6f902c5dbe213e186f607def430c6\The Hunger Games Catching Fire 2013.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8eb6f902c5dbe213e186f607def430c6\The Hunger Games Catching Fire 2013.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8eb6f902c5dbe213e186f607def430c6\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9132434153c23c86ef25b9ec32bf1710\Acoustica MP3 Audio Mixer.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9132434153c23c86ef25b9ec32bf1710\Acoustica MP3 Audio Mixer.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\93fe7eff65e8674be1a7b838204e4ab4\Noah 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\93fe7eff65e8674be1a7b838204e4ab4\Noah 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\93fe7eff65e8674be1a7b838204e4ab4\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\94a6672ebcd80bc5521760948301705c\Rayman® Origins.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\94a6672ebcd80bc5521760948301705c\Rayman® Origins.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\94a6672ebcd80bc5521760948301705c\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a803f5b497f6c9ac613a8c7a1b16de8e\Cool Edit Pro.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a803f5b497f6c9ac613a8c7a1b16de8e\Cool Edit Pro.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a82966a0a72914d02dd94b7b3abbf7c1\Wavelab.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a82966a0a72914d02dd94b7b3abbf7c1\Wavelab.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a9e2147956e03c0b064f5ee2c940ac04\photoshop.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a9e2147956e03c0b064f5ee2c940ac04\photoshop.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a9e2147956e03c0b064f5ee2c940ac04\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aafcf498edbe66fdf36a8c5b44c6169c\illustrator.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aafcf498edbe66fdf36a8c5b44c6169c\illustrator.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aafcf498edbe66fdf36a8c5b44c6169c\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aef49a3314a99fa8a553fc6d2bcab846\Southpaw 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aef49a3314a99fa8a553fc6d2bcab846\Southpaw 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\aef49a3314a99fa8a553fc6d2bcab846\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\afe289d03767e3a7de1943b7eada2d60\Xilisoft DVD Ripper Platinum.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\afe289d03767e3a7de1943b7eada2d60\Xilisoft DVD Ripper Platinum.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b78e77122cc160db5e1aa726d491e84b\Paragon HFS+.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b78e77122cc160db5e1aa726d491e84b\Paragon HFS+.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b80eaf894cdcee32f4f8a7da0e5a7bd2\Serena 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b80eaf894cdcee32f4f8a7da0e5a7bd2\Serena 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b80eaf894cdcee32f4f8a7da0e5a7bd2\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b84fc5145a27f1b9e3e33d503870f423\Easy Karaoke Player.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b84fc5145a27f1b9e3e33d503870f423\Easy Karaoke Player.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9abaccb2b34a1d8d4e20e35844dc774\The End of the Tour 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9abaccb2b34a1d8d4e20e35844dc774\The End of the Tour 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9abaccb2b34a1d8d4e20e35844dc774\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed559b9109df490cb81896be60e83\Adobe Acrobat Pro.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed559b9109df490cb81896be60e83\Adobe Acrobat Pro.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed559b9109df490cb81896be60e83\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bd2c2d8fe2003b7d0bbfdec54c83e5e9\Batman Arkham Knight.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bd2c2d8fe2003b7d0bbfdec54c83e5e9\Batman Arkham Knight.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bde52e0b309f6f7fad74b42a7f09e8db\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bde52e0b309f6f7fad74b42a7f09e8db\Ship Simulator Extremes.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bde52e0b309f6f7fad74b42a7f09e8db\Ship Simulator Extremes.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c06c39b1137b9e70a268f0fe5c34d322\The Water Diviner 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c06c39b1137b9e70a268f0fe5c34d322\The Water Diviner 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c06c39b1137b9e70a268f0fe5c34d322\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c0e79e3931fd58773ed8a2d23efbea26\The Visit 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c0e79e3931fd58773ed8a2d23efbea26\The Visit 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c0e79e3931fd58773ed8a2d23efbea26\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c0c549d8f0feddffa2f67161b681804\Elder Scrolls Online Tamriel Unlimited.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2c0c549d8f0feddffa2f67161b681804\Elder Scrolls Online Tamriel Unlimited.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cac0aab1ec0102a66db4a7e60541c21\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cac0aab1ec0102a66db4a7e60541c21\Youth 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cac0aab1ec0102a66db4a7e60541c21\Youth 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cfb55ff4d2c88409d30b72e0fb88ecd\John Wick 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cfb55ff4d2c88409d30b72e0fb88ecd\John Wick 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2cfb55ff4d2c88409d30b72e0fb88ecd\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2d0ef40ca9e4d12e528b1a094368dc03\The Amazing Spider-Man 2 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2d0ef40ca9e4d12e528b1a094368dc03\The Amazing Spider-Man 2 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2d0ef40ca9e4d12e528b1a094368dc03\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2dab6f356b357afea276f2894d11330d\Sinister 2 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2dab6f356b357afea276f2894d11330d\Sinister 2 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2dab6f356b357afea276f2894d11330d\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2ffb5fa1392bef57dc133037343a8ef5\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2ffb5fa1392bef57dc133037343a8ef5\X-Men Days of Future Past 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\2ffb5fa1392bef57dc133037343a8ef5\X-Men Days of Future Past 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3025c981b9efcc93a66422e15210c7ba\American Sniper 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3025c981b9efcc93a66422e15210c7ba\American Sniper 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3025c981b9efcc93a66422e15210c7ba\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\32b520ac9668eec7542964e152a2d4da\Entourage 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\32b520ac9668eec7542964e152a2d4da\Entourage 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\32b520ac9668eec7542964e152a2d4da\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\332646bb309848318b0a11b271c7c842\Avira Free Antivirus.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\332646bb309848318b0a11b271c7c842\Avira Free Antivirus.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3466e98db0daabce34c4fbad35fe8ded\Man Up 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3466e98db0daabce34c4fbad35fe8ded\Man Up 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3466e98db0daabce34c4fbad35fe8ded\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\368a62932eb52ff04d56c1fee56e2ada\Total 3D Home And Landscape Design Suite.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\368a62932eb52ff04d56c1fee56e2ada\Total 3D Home And Landscape Design Suite.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36a04745b4623945cbc3d20a11d5ec62\Remove Logo Now!.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36a04745b4623945cbc3d20a11d5ec62\Remove Logo Now!.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36cc412c55250551d6138009c9ffe080\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36cc412c55250551d6138009c9ffe080\Sonar Producer Edition.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\36cc412c55250551d6138009c9ffe080\Sonar Producer Edition.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38a4374d9c9075eb809902482f865df6\Microsoft Office.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38a4374d9c9075eb809902482f865df6\Microsoft Office.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38a4374d9c9075eb809902482f865df6\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38c8165f0a4a62e79fa682a220f23ff0\Stellar Phoenix Windows Data Recovery.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\38c8165f0a4a62e79fa682a220f23ff0\Stellar Phoenix Windows Data Recovery.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4ebde897a8d494df423abc80519066c2\EasyRecovery DataRecovery.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\4ebde897a8d494df423abc80519066c2\EasyRecovery DataRecovery.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51202174c7dd39d602eec0c13e1c988f\Advanced ZIP Password Recovery.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\51202174c7dd39d602eec0c13e1c988f\Advanced ZIP Password Recovery.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52bae071bc50b2c007c25bd1ce79de1a\Partition Magic.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52bae071bc50b2c007c25bd1ce79de1a\Partition Magic.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52df4551d317af6885dd5cd810dd2060\Adobe Flash Professional.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52df4551d317af6885dd5cd810dd2060\Adobe Flash Professional.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52df4551d317af6885dd5cd810dd2060\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52e5ab64e95dce0b9c1aca9a54dd6c09\Me and Earl and the Dying Girl 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52e5ab64e95dce0b9c1aca9a54dd6c09\Me and Earl and the Dying Girl 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\52e5ab64e95dce0b9c1aca9a54dd6c09\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5527f6b60e0f3bd4f62d738cd9cfae87\Pixels 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5527f6b60e0f3bd4f62d738cd9cfae87\Pixels 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5527f6b60e0f3bd4f62d738cd9cfae87\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\552aa1647230201cfd8083cdef3bf956\The Little Death 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\552aa1647230201cfd8083cdef3bf956\The Little Death 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\552aa1647230201cfd8083cdef3bf956\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5696bd27d7c7131835122cecc5f1c29e\Jupiter Ascending 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5696bd27d7c7131835122cecc5f1c29e\Jupiter Ascending 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5696bd27d7c7131835122cecc5f1c29e\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5708f3a20050b84ee7e653e6c20665c5\LEGO Harry Potter Years 5-7.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5708f3a20050b84ee7e653e6c20665c5\LEGO Harry Potter Years 5-7.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59f668fe85505b96368346742183e98d\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59f668fe85505b96368346742183e98d\Shadowrun Chronicles Boston Lockdown.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\59f668fe85505b96368346742183e98d\Shadowrun Chronicles Boston Lockdown.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5b4ef91419134667fa6b1522087dfb2b\Kindle PC Converter.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5b4ef91419134667fa6b1522087dfb2b\Kindle PC Converter.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9cc0659947f708481b03a7ba6609023c\Big Game 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9cc0659947f708481b03a7ba6609023c\Big Game 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9cc0659947f708481b03a7ba6609023c\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9d31e0127c9b5d84b1af9267189d4435\CD Key Generator.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9d31e0127c9b5d84b1af9267189d4435\CD Key Generator.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9d31e0127c9b5d84b1af9267189d4435\Setup.dat, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9da106550deb464e078e614e7b91b84a\No Escape 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9da106550deb464e078e614e7b91b84a\No Escape 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\9da106550deb464e078e614e7b91b84a\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0dd251db2672fee82d0c9cd38a3f3ce\Alcohol 120%.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0dd251db2672fee82d0c9cd38a3f3ce\Alcohol 120%.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0e6c6374dad577a79ba5a863bc67d5c\Into the Woods 2014.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0e6c6374dad577a79ba5a863bc67d5c\Into the Woods 2014.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a0e6c6374dad577a79ba5a863bc67d5c\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a120b0f88223841f4d2bc7be81f5fa45\The 33 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a120b0f88223841f4d2bc7be81f5fa45\The 33 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a120b0f88223841f4d2bc7be81f5fa45\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1a94ba86be4aa05592dd9732da8af95\Cinderella 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1a94ba86be4aa05592dd9732da8af95\Cinderella 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a1a94ba86be4aa05592dd9732da8af95\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.avi, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\Ultra XVid Codec Pack.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a7666beb357b3d5ec76afb40b9ab7ba3\Internet TV And Radio Player.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a7666beb357b3d5ec76afb40b9ab7ba3\Internet TV And Radio Player.nfo, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp9DBA.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1306.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp15BF.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp16A9.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1A8.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp201.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp225E.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2338.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2FC7.exe, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2FC7.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp37EC.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3E87.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp651C.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp785A.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp856.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp876B.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp8A32.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp9E2E.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpA5AF.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpA901.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpA9FF.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpAFE1.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB119.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB121.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB564.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBC9B.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBD0A.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBD11.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpC78D.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpCD7C.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD296.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpDE62.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpEDCA.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF36F.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF9A7.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpFA18.tmp, Quarantined, [8f0a030bcebd88aef65c32c13ec448b8], 
PUP.Optional.FastPlayer, C:\Users\User\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.3\user.config, Quarantined, [2376c24c74179b9b3f6fbf477390cd33], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#12
Essexboy
Posted 30 August 2015 - 12:23 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK they were all files in one folder :)

Any problems at all before I tidy up ?
  • 0

#13
MissHYip
Posted 30 August 2015 - 12:31 PM

MissHYip

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

not that i can see!

Thanks a lot for you help :)


  • 0

#14
Essexboy
Posted 30 August 2015 - 12:52 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#15
Essexboy
Posted 31 August 2015 - 08:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP