TechSpot

"Name not available" in volume mixer, and some other strange behavior

By rudanshi
Aug 22, 2016
  1. Hello. Today I noticed that I have an entry named "Name not available" in my volume mixer. I tried Windows defender, Malwarebytes, AdwCleaner and Junkware removal tool scans but the entry did not go away.

    As far as I noticed, there are no strange sounds or ads playing in the background.

    I also can't open the Windows notification center, despite the icon showing that there are apparently several messages. Clicking on the sound or connections icons does nothing too, though I can still right click and use the context menu.

    I attempted to download and install Farbar Recovery tool, as instucted in the stickied thread, but the installer just doesn't work. Nothing happens when I activate it. I checked with a few installers that I had for other software and they work as usual.

    I am using Windows 10.

    I hope that someone here can help me out with this problem.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Hi. I looked at that thread before posting and tried to do as instructed.

    I have an antivirus installed, it is Windows Defender.

    I can't get FRST to work. Nothing happens after I doubleclick the exe. I have a 64-bit system, but tried to use the 32-bit version of FRST too, just to see if it will at least give an error message, but nothing again. Running in administrator mode didn't help.
     
  4. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    NOTE 1. Use another working computer to download Farbar Recovery Scan Tool and save it to USB flash drive.
    NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    If you are using Windows 10 If you're having problems accessing System Recovery Options create Windows 10 USB or DVD as described here: http://betanews.com/2015/07/29/how-...your-own-installation-usb-flash-drive-or-dvd/ and boot from it.

    If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt. To access Advanced Boot Options start and shut down computer TWICE. On third start you should see Advanced Boot Options.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note:
      Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  5. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    I don't have any immediate access to a working PC, but I'll see what I can do about that. I'll post the logs as soon as I can.
     
  6. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    OK.
     
  7. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Possibly you can use this computer just to download FRST and then continue with the rest of instructions.
     
  8. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Hello, I still don't have an opportunity to use another PC, but some of the issues went away. The sound icon works now, same for the others, and I can start FRST.

    I'm not sure what exactly happened. A relative told me that they took a look at my PC while I was away, apparently they wanted to see if a system restore would help. They say that the restore didn't start and that they just got an error message. I should've told everyone to leave the PC alone :(

    Should I post the FRST logs that I have now or should I still do the USB thing?
     
  9. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    If FRST runs normally go ahead and post logs.
     
  10. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Sorry for taking so long.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
    Ran by Dmitriy (administrator) on MAINPC (30-08-2016 15:44:41)
    Running from C:\Users\Dmitriy\Desktop
    Loaded Profiles: Dmitriy (Available Profiles: Dmitriy)
    Platform: Windows 8 Pro (X64) Language: Русский (Россия)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (Scarlet.Crush Productions) C:\ScpToolkit\ScpService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Scarlet.Crush Productions) C:\ScpToolkit\ScpTrayApp.exe
    (Autodesk Inc) E:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
    (Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Dominik Reichl) E:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-29] (Logitech Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
    HKLM-x32\...\Run: [KeePass 2 PreLoad] => E:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2770944 2016-05-07] (Dominik Reichl)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23889496 2016-08-24] (Dropbox, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26416768 2016-06-29] (Skype Technologies S.A.)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [f.lux] => C:\Users\Dmitriy\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [GalaxyClient] => E:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4101184 2016-08-29] (GOG.com)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-31]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-05-21]
    ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2016-05-23]
    ShortcutTarget: SketchBook Snapshot.lnk -> E:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{22fe056c-2a13-4b0c-92ce-03484555349f}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{22fe056c-2a13-4b0c-92ce-03484555349f}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{89D5CA96-73DB-4F63-B01B-982699CBDD0E}: [NameServer] 208.67.222.222 208.67.220.220
    ManualProxies:

    Internet Explorer:
    ==================
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default
    FF Session Restore: -> is enabled.
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
    FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Extension: (XKit) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\extensions\xkit@studioxenix.com.xpi [2016-07-29] [not signed]
    FF Extension: (Session Manager) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-07-26]
    FF Extension: (Adblock Plus) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-18]
    StartMenuInternet: FIREFOX.EXE - E:\Program Files\Mozilla Firefox\firefox.exe

    Chrome:
    =======
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Презентации) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
    CHR Extension: (Документы Google) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
    CHR Extension: (Диск Google) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
    CHR Extension: (YouTube) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
    CHR Extension: (Adblock Plus) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
    CHR Extension: (Google Таблицы) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
    CHR Extension: (Google Документы офлайн) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
    CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-19]
    CHR Extension: (Gmail) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
    CHR Extension: (Chrome Media Router) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    R2 Ds3Service; C:\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
    S3 GalaxyClientService; E:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-29] (GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-25] (GOG.com)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2015-12-21] (Wacom Technology, Corp.)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-05-19] (Disc Soft Ltd)
    S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-05-19] (Disc Soft Ltd)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
    R3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-08-22] (hxxp://libusb-win32.sourceforge.net)
    S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
    R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [18768 2016-08-18] () [File not signed]
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-22] ()
    U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    U4 aspnet_state; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  11. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-08-30 16:08 - 2016-08-30 16:08 - 00024240 _____ C:\Users\Dmitriy\Desktop\FRST.txt
    2016-08-27 22:09 - 2016-08-27 22:09 - 01184595 _____ C:\Users\Dmitriy\Downloads\Game-MRGA-1005HF2.rar
    2016-08-26 12:28 - 2016-08-30 15:44 - 00000000 ____D C:\FRST
    2016-08-26 12:28 - 2016-08-30 15:44 - 02397696 _____ (Farbar) C:\Users\Dmitriy\Desktop\FRST64.exe
    2016-08-24 20:57 - 2016-08-24 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-08-24 20:28 - 2016-08-24 20:28 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Futuremark
    2016-08-24 11:25 - 2016-08-06 07:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-08-24 11:25 - 2016-08-06 07:32 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-08-24 11:25 - 2016-08-06 07:32 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-08-24 11:25 - 2016-08-06 07:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2016-08-24 11:25 - 2016-08-06 07:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
    2016-08-24 11:25 - 2016-08-06 07:30 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-08-24 11:25 - 2016-08-06 07:30 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-08-24 11:25 - 2016-08-06 07:30 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-08-24 11:25 - 2016-08-06 07:30 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-08-24 11:25 - 2016-08-06 07:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
    2016-08-24 11:25 - 2016-08-06 07:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-08-24 11:25 - 2016-08-06 07:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-08-24 11:25 - 2016-08-06 07:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2016-08-24 11:25 - 2016-08-06 07:24 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-08-24 11:25 - 2016-08-06 07:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-08-24 11:25 - 2016-08-06 07:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-08-24 11:25 - 2016-08-06 07:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-08-24 11:25 - 2016-08-06 07:18 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-08-24 11:25 - 2016-08-06 07:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-08-24 11:25 - 2016-08-06 07:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-08-24 11:25 - 2016-08-06 07:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2016-08-24 11:25 - 2016-08-06 07:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-08-24 11:25 - 2016-08-06 07:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-08-24 11:25 - 2016-08-06 07:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-08-24 11:25 - 2016-08-06 07:16 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2016-08-24 11:25 - 2016-08-06 07:16 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2016-08-24 11:25 - 2016-08-06 07:16 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2016-08-24 11:25 - 2016-08-06 07:16 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2016-08-24 11:25 - 2016-08-06 07:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-08-24 11:25 - 2016-08-06 07:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2016-08-24 11:25 - 2016-08-06 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-08-24 11:25 - 2016-08-06 07:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2016-08-24 11:25 - 2016-08-06 07:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-08-24 11:25 - 2016-08-06 07:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-08-24 11:25 - 2016-08-06 07:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-08-24 11:25 - 2016-08-06 07:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2016-08-24 11:25 - 2016-08-06 07:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-08-24 11:25 - 2016-08-06 07:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
    2016-08-24 11:25 - 2016-08-06 07:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-08-24 11:25 - 2016-08-06 06:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2016-08-24 11:25 - 2016-08-06 06:49 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2016-08-24 11:25 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-08-24 11:25 - 2016-08-06 06:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
    2016-08-24 11:25 - 2016-08-06 06:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
    2016-08-24 11:25 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-08-24 11:25 - 2016-08-06 06:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
    2016-08-24 11:25 - 2016-08-06 06:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
    2016-08-24 11:25 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
    2016-08-24 11:25 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
    2016-08-24 11:25 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
    2016-08-24 11:25 - 2016-08-06 06:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
    2016-08-24 11:25 - 2016-08-06 06:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2016-08-24 11:25 - 2016-08-06 06:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-08-24 11:25 - 2016-08-06 06:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2016-08-24 11:25 - 2016-08-06 06:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
    2016-08-24 11:25 - 2016-08-06 06:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
    2016-08-24 11:25 - 2016-08-06 06:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
    2016-08-24 11:25 - 2016-08-06 06:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
    2016-08-24 11:25 - 2016-08-06 06:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-08-24 11:25 - 2016-08-06 06:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-08-24 11:25 - 2016-08-06 06:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-08-24 11:25 - 2016-08-06 06:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-08-24 11:25 - 2016-08-06 06:42 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-08-24 11:25 - 2016-08-06 06:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-08-24 11:25 - 2016-08-06 06:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2016-08-24 11:25 - 2016-08-06 06:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2016-08-24 11:25 - 2016-08-06 06:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-08-24 11:25 - 2016-08-06 06:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2016-08-24 11:25 - 2016-08-06 06:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-08-24 11:25 - 2016-08-06 06:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2016-08-24 11:25 - 2016-08-06 06:36 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-08-24 11:25 - 2016-08-06 06:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
    2016-08-24 11:25 - 2016-08-06 06:35 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-08-24 11:25 - 2016-08-06 06:35 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-08-24 11:25 - 2016-08-06 06:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
    2016-08-24 11:25 - 2016-08-06 06:34 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-08-24 11:25 - 2016-08-06 06:34 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2016-08-24 11:25 - 2016-08-06 06:34 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2016-08-24 11:25 - 2016-08-06 06:34 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
    2016-08-24 11:25 - 2016-08-06 06:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
    2016-08-24 11:25 - 2016-08-06 06:32 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2016-08-24 11:25 - 2016-08-06 06:27 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-08-24 11:25 - 2016-08-06 06:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-08-24 11:25 - 2016-08-06 06:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
    2016-08-24 11:25 - 2016-08-06 06:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-08-24 11:25 - 2016-08-06 06:24 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-08-24 11:25 - 2016-08-06 06:24 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-08-24 11:25 - 2016-08-06 06:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-08-24 11:25 - 2016-08-06 06:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2016-08-24 11:25 - 2016-08-06 06:24 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-08-24 11:25 - 2016-08-06 06:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-08-24 11:25 - 2016-08-06 06:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
    2016-08-24 11:25 - 2016-08-06 06:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2016-08-24 11:25 - 2016-08-06 06:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2016-08-24 11:25 - 2016-08-05 12:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2016-08-24 11:25 - 2016-08-05 12:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-08-24 11:25 - 2016-08-05 12:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
    2016-08-24 11:25 - 2016-08-05 12:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
    2016-08-24 11:25 - 2016-08-05 11:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
    2016-08-24 11:25 - 2016-08-05 11:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
    2016-08-24 11:25 - 2016-08-05 11:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
    2016-08-24 11:25 - 2016-08-05 11:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
    2016-08-24 11:25 - 2016-08-05 11:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
    2016-08-24 11:25 - 2016-08-05 11:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
    2016-08-24 11:25 - 2016-08-05 11:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2016-08-24 11:25 - 2016-08-05 11:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2016-08-24 11:25 - 2016-08-05 11:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
    2016-08-24 11:25 - 2016-08-05 11:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
    2016-08-24 11:25 - 2016-08-05 11:07 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-08-24 11:25 - 2016-08-05 11:07 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2016-08-23 23:19 - 2016-08-23 23:19 - 01889496 _____ C:\Users\Dmitriy\Downloads\cruciblelt.zip
    2016-08-23 20:53 - 2016-08-23 20:54 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\paint.net
    2016-08-23 20:53 - 2016-08-23 20:53 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
    2016-08-23 20:53 - 2016-08-23 20:53 - 00000000 ____D C:\Program Files\paint.net
    2016-08-23 20:52 - 2016-08-23 20:52 - 07019951 _____ C:\Users\Dmitriy\Downloads\paint.net.4.0.10.install.zip
    2016-08-22 20:04 - 2016-08-22 20:04 - 03784256 _____ C:\Users\Dmitriy\Downloads\AdwCleaner.exe
    2016-08-22 20:00 - 2016-08-22 20:01 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Downloads\JRT (1).exe
    2016-08-22 19:49 - 2016-08-22 19:49 - 00000000 ____D C:\WINDOWS\ERDNT
    2016-08-22 19:47 - 2016-08-22 19:48 - 00791393 _____ (Lars Hederer ) C:\Users\Dmitriy\Downloads\erunt-setup.exe
    2016-08-22 19:02 - 2016-07-16 14:42 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2016-08-22 19:02 - 2015-10-30 11:17 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss2.dll.bad
    2016-08-22 18:54 - 2016-08-22 18:54 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    2016-08-22 15:37 - 2016-08-22 19:04 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2016-08-22 15:33 - 2016-08-22 15:33 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (3).exe
    2016-08-22 15:29 - 2016-08-22 15:29 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\CrashDumps
    2016-08-22 15:28 - 2016-08-22 15:28 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (2).exe
    2016-08-22 15:23 - 2016-08-22 20:05 - 00000000 ____D C:\AdwCleaner
    2016-08-22 15:22 - 2016-08-22 15:28 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Downloads\JRT.exe
    2016-08-22 15:22 - 2016-08-22 15:22 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (1).exe
    2016-08-22 14:25 - 2016-08-22 15:44 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2016-08-22 14:23 - 2016-08-22 14:23 - 31918048 _____ (Adlice Software ) C:\Users\Dmitriy\Downloads\setup.exe
    2016-08-22 14:23 - 2016-08-22 14:23 - 00000000 ____D C:\ProgramData\RogueKiller
    2016-08-22 14:08 - 2016-08-22 14:08 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000.exe
    2016-08-22 03:10 - 2016-08-22 03:10 - 00004959 _____ C:\Users\Dmitriy\Downloads\HLD_AutoDash.jar
    2016-08-22 00:24 - 2016-08-22 00:24 - 07194312 _____ (Microsoft Corporation) C:\Users\Dmitriy\Downloads\vcredist_x64.exe
    2016-08-22 00:23 - 2016-08-22 00:23 - 00889416 _____ (Microsoft Corporation) C:\Users\Dmitriy\Downloads\dotNetFx40_Full_setup.exe
    2016-08-22 00:11 - 2016-08-22 00:37 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\HyperLightDrifter
    2016-08-19 12:13 - 2016-08-19 12:13 - 00000000 ____D C:\Users\Dmitriy\AppData\LocalLow\devolver
    2016-08-19 00:15 - 2016-08-19 00:15 - 00000000 ____D C:\Tunngle
    2016-08-18 23:54 - 2016-08-19 00:35 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Tunngle
    2016-08-18 23:54 - 2016-08-18 23:54 - 00000000 ____D C:\Users\Dmitriy\Documents\Tunngle
    2016-08-18 23:54 - 2016-04-26 16:10 - 00048824 _____ (Tunngle.net GmbH) C:\WINDOWS\system32\Drivers\tap0901t.sys
    2016-08-18 23:45 - 2016-08-18 23:45 - 04832624 _____ (Tunngle.net GmbH ) C:\Users\Dmitriy\Downloads\Tunngle_Setup_v5.8.7.exe
    2016-08-18 23:15 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2016-08-18 23:15 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2016-08-18 23:14 - 2016-08-18 23:18 - 00000666 _____ C:\Users\Public\Desktop\Yuri's Revenge CnCNet.lnk
    2016-08-18 23:14 - 2016-08-18 23:14 - 03682739 _____ (cncnet.org ) C:\Users\Dmitriy\Downloads\CnCNet5_YR_Installer (1).exe
    2016-08-18 23:10 - 2016-08-18 23:10 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood
    2016-08-18 22:49 - 2016-08-18 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
    2016-08-18 22:40 - 2016-08-18 23:18 - 03682739 _____ (cncnet.org ) C:\Users\Dmitriy\Downloads\CnCNet5_YR_Installer.exe
    2016-08-18 22:33 - 2016-08-18 22:33 - 06587919 _____ C:\Users\Dmitriy\Downloads\Red_Alert_2-Windows_8_and_10_Fix.zip
    2016-08-18 22:29 - 2016-08-18 22:29 - 00003220 _____ C:\WINDOWS\System32\Tasks\{A80B0612-F9B0-4986-B1E5-F0376508309C}
    2016-08-18 22:28 - 2016-08-18 22:50 - 00018768 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
    2016-08-18 21:56 - 2016-08-18 21:57 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Dmitriy\Downloads\DTLiteInstaller.exe
    2016-08-18 21:36 - 2016-08-18 21:36 - 00001719 _____ C:\Users\Dmitriy\AppData\Local\recently-used.xbel
    2016-08-18 20:10 - 2016-08-18 21:28 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\TS3Client
    2016-08-18 20:09 - 2016-08-18 20:09 - 00001118 _____ C:\Users\Dmitriy\Desktop\TeamSpeak 3 Client.lnk
    2016-08-18 20:09 - 2016-08-18 20:09 - 00001068 _____ C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
    2016-08-18 20:05 - 2016-08-18 20:08 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Dmitriy\Downloads\TeamSpeak3-Client-win64-3.0.19.4(1).exe
    2016-08-16 18:51 - 2016-08-16 18:51 - 28144914 _____ (KLCP ) C:\Users\Dmitriy\Downloads\K-Lite_Codec_Pack_1235_Standard.exe
    2016-08-15 15:36 - 2016-08-15 15:36 - 00001653 _____ C:\Users\Public\Desktop\Path of Exile.lnk
    2016-08-15 15:36 - 2016-08-15 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
    2016-08-15 15:32 - 2016-08-15 15:32 - 09658720 _____ (Grinding Gear Games) C:\Users\Dmitriy\Downloads\PathOfExileInstaller.exe
    2016-08-15 02:32 - 2016-08-29 02:51 - 00000000 ____D C:\Users\Dmitriy\Desktop\Robin
    2016-08-13 13:56 - 2016-08-13 13:56 - 00000000 ____D C:\Users\Dmitriy\AppData\LocalLow\aheartfulofgames
    2016-08-11 07:13 - 2016-08-02 11:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2016-08-11 07:13 - 2016-08-02 11:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2016-08-11 07:13 - 2016-08-02 10:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-08-11 07:13 - 2016-08-02 07:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
    2016-08-11 07:12 - 2016-08-02 11:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2016-08-11 07:12 - 2016-08-02 11:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2016-08-11 07:12 - 2016-08-02 11:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-08-11 07:12 - 2016-08-02 11:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-08-11 07:12 - 2016-08-02 11:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
    2016-08-11 07:12 - 2016-08-02 11:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-08-11 07:12 - 2016-08-02 11:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-08-11 07:12 - 2016-08-02 11:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-08-11 07:12 - 2016-08-02 11:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-08-11 07:12 - 2016-08-02 11:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2016-08-11 07:12 - 2016-08-02 10:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-08-11 07:12 - 2016-08-02 10:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-08-11 07:12 - 2016-08-02 10:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-08-11 07:12 - 2016-08-02 10:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-08-11 07:12 - 2016-08-02 07:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2016-08-11 07:12 - 2016-08-02 07:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2016-08-11 07:12 - 2016-08-02 07:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2016-08-11 07:12 - 2016-08-02 07:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2016-08-11 07:12 - 2016-08-02 07:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2016-08-11 07:12 - 2016-08-02 07:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2016-08-11 07:12 - 2016-08-02 07:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2016-08-11 07:12 - 2016-08-02 07:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-08-11 07:12 - 2016-08-02 07:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2016-08-11 07:12 - 2016-08-02 07:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2016-08-11 05:15 - 2016-08-11 05:15 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\FastStone
    2016-08-11 05:15 - 2016-08-11 05:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
    2016-08-11 05:14 - 2016-08-11 05:14 - 06386757 _____ (FastStone Soft) C:\Users\Dmitriy\Downloads\FSViewerSetup57.exe
    2016-08-11 05:08 - 2016-08-11 05:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2016-08-11 05:08 - 2016-08-11 05:08 - 00000000 ____D C:\Program Files\Classic Shell
    2016-08-11 05:07 - 2016-08-11 05:07 - 07220496 _____ (IvoSoft) C:\Users\Dmitriy\Downloads\ClassicShellSetup_4_3_0.exe
    2016-08-11 05:06 - 2016-08-11 05:06 - 00000000 ____D C:\Users\Все пользователи\Microsoft OneDrive
    2016-08-11 05:06 - 2016-08-11 05:06 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-08-11 05:04 - 2016-08-11 05:23 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ConnectedDevicesPlatform
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000020 ___SH C:\Users\Dmitriy\ntuser.ini
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000000 ____D C:\Users\Все пользователи\USOShared
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000000 ____D C:\ProgramData\USOShared
    2016-08-11 05:03 - 2016-08-11 05:03 - 00011433 _____ C:\WINDOWS\diagwrn.xml
    2016-08-11 05:03 - 2016-08-11 05:03 - 00011433 _____ C:\WINDOWS\diagerr.xml
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Шаблоны
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Мои документы
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\главное меню
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\Моя музыка
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\мои рисунки
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\Мои видеозаписи
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\Моя музыка
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\мои рисунки
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\Мои видеозаписи
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 05:02 - 2016-08-28 12:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003630 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003406 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003156 _____ C:\WINDOWS\System32\Tasks\klcp_update
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003154 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-08-11 05:02 - 2016-08-11 05:02 - 00002912 _____ C:\WINDOWS\System32\Tasks\updater
    2016-08-11 05:02 - 2016-08-11 05:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
    2016-08-11 05:02 - 2016-08-11 05:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
    2016-08-11 05:00 - 2016-08-11 05:00 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2016-08-11 04:59 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
    2016-08-11 04:59 - 2016-07-16 14:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2016-08-11 04:58 - 2016-08-30 12:04 - 00000000 ____D C:\Users\Dmitriy
    2016-08-11 04:58 - 2016-08-11 05:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2016-08-11 04:58 - 2016-08-11 05:01 - 00000000 ____D C:\Users\DefaultAppPool
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Шаблоны
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Мои документы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\главное меню
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\Моя музыка
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\мои рисунки
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\Мои видеозаписи
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Шаблоны
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Мои документы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\главное меню
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Моя музыка
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\мои рисунки
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Мои видеозаписи
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 04:57 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Program Files\Realtek
    2016-08-11 04:57 - 2015-11-05 18:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2016-08-11 04:57 - 2015-11-05 18:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2016-08-11 04:57 - 2015-10-28 16:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
    2016-08-11 04:56 - 2016-08-29 21:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2016-08-11 04:56 - 2016-08-22 00:17 - 00220896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-08-11 04:56 - 2016-08-11 05:03 - 00000000 ___DC C:\WINDOWS\Panther
    2016-08-11 04:56 - 2016-08-11 04:56 - 00000000 ____D C:\WINDOWS\ServiceProfiles
    2016-08-11 04:54 - 2016-08-11 04:54 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-08-11 04:54 - 2016-08-11 04:54 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-08-11 04:54 - 2016-08-11 04:54 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-08-11 04:54 - 2016-08-11 04:54 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2016-08-11 04:54 - 2016-08-11 04:54 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2016-08-09 08:49 - 2016-08-09 08:49 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Civitas2
    2016-08-08 19:26 - 2016-08-08 19:26 - 00032832 _____ C:\Users\Dmitriy\Downloads\check_08082016_192628.pdf
    2016-08-08 11:30 - 2016-08-08 11:30 - 00032823 _____ C:\Users\Dmitriy\Downloads\check_08082016_113030.pdf
    2016-08-03 19:59 - 2016-08-03 20:03 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Dmitriy\Downloads\TeamSpeak3-Client-win64-3.0.19.4.exe
    2016-07-31 23:07 - 2016-07-31 23:07 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Return2Games_WIP21
     
  12. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-08-30 15:22 - 2016-05-18 15:52 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Skype
    2016-08-30 11:26 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-08-30 11:26 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-08-30 03:25 - 2016-05-20 23:29 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ClassicShell
    2016-08-28 12:36 - 2016-07-17 02:17 - 00707180 _____ C:\WINDOWS\system32\perfh019.dat
    2016-08-28 12:36 - 2016-07-17 02:17 - 00162212 _____ C:\WINDOWS\system32\perfc019.dat
    2016-08-28 12:36 - 2016-05-20 00:33 - 01956896 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-08-28 12:33 - 2016-07-16 09:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
    2016-08-28 08:36 - 2016-07-23 19:32 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ElevatedDiagnostics
    2016-08-28 01:03 - 2016-05-18 23:39 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\KeePass
    2016-08-27 21:24 - 2016-06-13 16:16 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Battle.net
    2016-08-27 13:12 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\rescache
    2016-08-25 21:37 - 2016-05-18 17:18 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\tixati
    2016-08-25 10:21 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF
    2016-08-25 10:15 - 2016-02-13 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-08-25 02:46 - 2016-07-16 14:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
    2016-08-25 02:46 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-08-25 02:46 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-08-25 02:46 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2016-08-24 20:57 - 2016-05-20 00:51 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-08-24 14:51 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-08-24 14:51 - 2016-05-19 20:39 - 00000000 ____D C:\Users\Все пользователи\Microsoft Help
    2016-08-23 20:53 - 2016-07-08 09:37 - 07046480 _____ C:\Users\Dmitriy\Desktop\paint.net.4.0.10.install.exe
    2016-08-23 09:26 - 2016-05-18 15:47 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\MyComGames
    2016-08-23 09:16 - 2016-06-19 13:48 - 00001189 _____ C:\Users\Dmitriy\Desktop\AIM.lnk
    2016-08-23 09:16 - 2016-06-08 13:11 - 00001518 _____ C:\Users\Dmitriy\Desktop\Skype.exe - Ярлык.lnk
    2016-08-23 09:16 - 2016-05-31 17:13 - 00001458 _____ C:\Users\Public\Desktop\Центр решений HP.lnk
    2016-08-23 09:16 - 2016-05-21 13:22 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2016-08-23 09:16 - 2016-05-20 00:54 - 00001299 _____ C:\Users\Dmitriy\Desktop\Dropbox.lnk
    2016-08-22 19:55 - 2016-05-21 00:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-08-22 19:55 - 2016-05-21 00:05 - 00000822 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-08-22 00:31 - 2016-05-21 13:36 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusbK.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusbK.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusbK.sys
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000258 __RSH C:\Users\Все пользователи\ntuser.pol
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000000 ____D C:\ScpToolkit
    2016-08-19 22:15 - 2016-05-20 21:34 - 00000000 ____D C:\Users\Dmitriy\Documents\My Games
    2016-08-15 15:36 - 2016-05-18 15:20 - 00000000 ____D C:\Users\Все пользователи\Package Cache
    2016-08-15 15:36 - 2016-05-18 15:20 - 00000000 ____D C:\ProgramData\Package Cache
    2016-08-12 17:37 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2016-08-12 17:37 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2016-08-12 17:37 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2016-08-12 17:37 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
    2016-08-12 17:37 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2016-08-12 14:04 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\appcompat
    2016-08-11 05:31 - 2016-05-20 00:44 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Packages
    2016-08-11 05:07 - 2016-05-20 00:46 - 00002453 _____ C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-08-11 05:07 - 2016-05-20 00:46 - 00000000 ___RD C:\Users\Dmitriy\OneDrive
    2016-08-11 05:04 - 2016-07-16 14:47 - 00000000 ____D C:\Users\Все пользователи\USOPrivate
    2016-08-11 05:04 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\USOPrivate
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Registration
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Windows NT
    2016-08-11 05:03 - 2016-07-16 09:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
    2016-08-11 05:03 - 2015-10-30 10:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2016-08-11 05:02 - 2016-07-16 14:47 - 00000000 __RSD C:\WINDOWS\Media
    2016-08-11 05:02 - 2016-07-16 14:47 - 00000000 __RHD C:\Users\Public\Libraries
    2016-08-11 05:02 - 2016-05-20 00:35 - 00023848 _____ C:\WINDOWS\system32\emptyregdb.dat
    2016-08-11 05:01 - 2016-07-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarTopia [GOG.com]
    2016-08-11 05:01 - 2016-07-16 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    2016-08-11 05:01 - 2016-06-18 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital [GOG.com]
    2016-08-11 05:01 - 2016-06-13 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
    2016-08-11 05:01 - 2016-06-13 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2016-08-11 05:01 - 2016-06-10 02:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evil Islands - Curse of the Lost Soul [GOG.com]
    2016-08-11 05:01 - 2016-06-03 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
    2016-08-11 05:01 - 2016-05-31 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2016-08-11 05:01 - 2016-05-24 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
    2016-08-11 05:01 - 2016-05-23 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
    2016-08-11 05:01 - 2016-05-21 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
    2016-08-11 05:01 - 2016-05-21 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2016-08-11 05:01 - 2016-05-21 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
    2016-08-11 05:01 - 2016-05-21 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-08-11 05:01 - 2016-05-20 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-08-11 05:01 - 2016-05-19 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2016-08-11 05:01 - 2016-05-19 11:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Планшет Wacom
    2016-08-11 05:01 - 2016-05-19 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
    2016-08-11 05:01 - 2016-05-19 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2016-08-11 05:01 - 2016-05-18 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    2016-08-11 05:01 - 2016-05-18 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2016-08-11 05:01 - 2016-05-18 16:52 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2016-08-11 05:01 - 2016-05-18 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-08-11 05:01 - 2016-02-13 20:40 - 00000000 ____D C:\WINDOWS\ShellNew
    2016-08-11 05:00 - 2016-07-16 14:47 - 00000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
    2016-08-11 05:00 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-08-11 05:00 - 2015-10-30 09:28 - 00000000 ____D C:\Users\Default.migrated
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\spool
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\MUI
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\IME
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\schemas
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-08-11 04:59 - 2016-06-10 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
    2016-08-11 04:59 - 2016-05-23 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\system32\BestPractices
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files\Reference Assemblies
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files\MSBuild
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2016-08-11 04:59 - 2016-05-18 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-08-11 04:59 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Microsoft Games
    2016-08-11 04:58 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2016-08-11 04:58 - 2016-07-06 17:17 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
    2016-08-11 04:58 - 2016-05-26 18:07 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
    2016-08-11 04:58 - 2009-07-14 06:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\MiracastView
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Help
    2016-08-11 04:56 - 2016-07-16 14:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2016-08-11 04:44 - 2016-05-19 19:12 - 00000896 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-08-11 04:37 - 2016-05-19 11:18 - 00000990 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-11 03:56 - 2016-05-20 00:51 - 00001116 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-08-11 03:37 - 2016-05-19 11:18 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-11 00:56 - 2016-05-20 00:51 - 00001112 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-08-10 19:31 - 2016-05-18 13:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-10 19:31 - 2016-05-18 13:09 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-08-09 12:55 - 2016-05-26 18:07 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Warframe
    2016-08-09 00:38 - 2016-05-19 11:18 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-08-05 02:44 - 2016-05-21 13:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

    ==================== Files in the root of some directories =======

    2016-08-18 21:36 - 2016-08-18 21:36 - 0001719 _____ () C:\Users\Dmitriy\AppData\Local\recently-used.xbel
    2016-05-31 17:12 - 2016-05-31 17:31 - 0002393 _____ () C:\ProgramData\hpzinstall.log

    Some files in TEMP:
    ====================
    C:\Users\Dmitriy\AppData\Local\Temp\Uninst.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-08-21 10:56

    ==================== End of FRST.txt ============================
     
  13. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016
    Ran by Dmitriy (30-08-2016 15:48:22)
    Running from C:\Users\Dmitriy\Desktop
    Windows 8 Pro (X64) (2016-08-11 02:03:52)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    DefaultAccount (S-1-5-21-1121295449-3713914657-817976498-503 - Limited - Disabled)
    Dmitriy (S-1-5-21-1121295449-3713914657-817976498-1000 - Administrator - Enabled) => C:\Users\Dmitriy
    HomeGroupUser$ (S-1-5-21-1121295449-3713914657-817976498-1002 - Limited - Enabled)
    Администратор (S-1-5-21-1121295449-3713914657-817976498-500 - Administrator - Disabled)
    Гость (S-1-5-21-1121295449-3713914657-817976498-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
    Adobe Acrobat Reader DC - Russian (HKLM-x32\...\{AC76BA86-7AD7-1049-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    AIM for Windows (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\AIM) (Version: - AOL Inc.)
    Autodesk SketchBook Pro 6 (HKLM-x32\...\{C7C8BE4E-428D-4AA9-B7D4-EA4313BDB90E}) (Version: 6.00.0000 - Autodesk)
    AutoHotkey 1.1.24.00 (HKLM\...\AutoHotkey) (Version: 1.1.24.00 - Lexikos)
    Bastard Bonds (HKLM\...\Steam App 486720) (Version: - Bigfingers)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Blacksea Odyssey (HKLM\...\Steam App 369550) (Version: - Blacksea Odyssey)
    BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    Choice of the Pirate Demo (HKLM\...\Steam App 476500) (Version: - Choice of Games)
    Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
    CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.4.1 - CELSYS)
    CLIP STUDIO PAINT 1.5.4 (HKLM-x32\...\{88B5A062-DDA1-4F62-A4DD-95D0C4F19979}) (Version: 1.5.4 - CELSYS)
    Command & Conquer Red Alert 2 (HKLM-x32\...\Red Alert 2) (Version: - )
    Command && Conquer Red Alert 2 - Yuri's Revenge (HKLM-x32\...\Yuri's Revenge) (Version: - )
    Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
    EARTH DEFENSE FORCE 4.1 The Shadow of New Despair (HKLM\...\Steam App 410320) (Version: - SANDLOT)
    Evil Islands - Curse of the Lost Soul (HKLM-x32\...\1457950224_is1) (Version: 2.0.0.5 - GOG.com)
    f.lux (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Flux) (Version: - )
    F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
    FORCED SHOWDOWN (HKLM\...\Steam App 265000) (Version: - BetaDwarf)
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
    Grim Dawn (HKLM\...\Steam App 219990) (Version: - Crate Entertainment)
    Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Hyper Light Drifter (HKLM\...\Steam App 257850) (Version: - Heart Machine)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
    KeePass Password Safe 2.33 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.33 - Dominik Reichl)
    K-Lite Codec Pack 12.1.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP)
    Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
    Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft Office стандартный 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Mozilla Firefox 47.0 (x86 ru) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 ru)) (Version: 47.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Графический драйвер 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
    Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
    paint.net (HKLM\...\{DD393E4D-76FA-4CCD-84F3-CD9D75C14862}) (Version: 4.0.10 - dotPDN LLC)
    Path of Exile (HKLM-x32\...\{a8f39eb5-b96a-46db-a9a3-835e8197fb99}) (Version: 2.3.4.61272 - Grinding Gear Games)
    Path of Exile (x32 Version: 2.3.4.61272 - Grinding Gear Games) Hidden
    Princess Remedy in a World of Hurt (HKLM\...\Steam App 407900) (Version: - Ludosity)
    QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
    Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
    SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
    StarTopia (HKLM-x32\...\1207659100_is1) (Version: 2.1.0.20 - GOG.com)
    Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TeamSpeak 3 Client (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Theme Hospital (HKLM-x32\...\1207659026_is1) (Version: 2.1.0.8 - GOG.com)
    Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Unstoppable Gorg (HKLM\...\Steam App 18120) (Version: - Futuremark)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
    Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
    Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes)
    Warframe (HKLM-x32\...\{CCD65E0D-9DDC-4F0A-98E3-1F3BC5EF8BE1}) (Version: 1.0.0 - Digital Extremes)
    WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    Yuri's Revenge compatfix (HKLM\...\{47f53419-ecf8-40ce-8601-83ceab919da9}.sdb) (Version: - )
    Панель управления NVIDIA 358.91 (Version: 358.91 - NVIDIA Corporation) Hidden
    Планшет Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-2 - Wacom Technology Corp.)
    Языковой пакет Microsoft Visual Studio 2010 Tools для среды выполнения Office (x64) - RUS (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - RUS) (Version: 10.0.50903 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {048E6151-0AEB-4480-9013-D417F2825730} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {081AA704-9A18-4D97-BF60-532D9B4784FD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-20] (Dropbox, Inc.)
    Task: {08BAFF35-1008-4017-BA53-14AA2E7AF8C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
    Task: {0B7D0C31-FF01-4E74-ABAB-A039F7A2F780} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-20] (Dropbox, Inc.)
    Task: {0BEB9124-6416-4812-A846-EC81D8921DA2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
    Task: {141E4A0F-E5A8-49AC-9297-C56322221A2F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
    Task: {15020EB3-EAB3-4118-A620-C3260D75F0CF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
    Task: {163D454E-C593-4DC0-8492-BA93F06F7921} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
    Task: {17EEB01C-0A05-4529-A69D-1AE67B5396D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
    Task: {18ED69E5-0491-443A-AF80-2ACE2CB1B114} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {1B7E6FB5-242A-4100-B82D-E5B6F8F62E13} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {1BB7D1B7-4CE9-47D7-9919-992D7E83FC1E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {24AC5C09-36D3-42FB-B1A1-C47FFBAEABEB} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {2E2A296C-B380-4665-8842-BB1931470228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
    Task: {3F99FE50-DAAA-4781-9173-41F1CC726C1E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {49D540D1-B1BB-4530-9C24-CFEEA16E7C10} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {4F8CC1B2-8C0A-4365-94B8-2742D9ED1B53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {564C4043-8180-4ECE-9989-B6C6F6512BBC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {61C5C9CA-C706-45B1-8F07-5CB490B86B8E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {62670BE5-77F9-43D4-89AD-F25B17010B4D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
    Task: {6817430A-CA51-4237-AEDB-12EDFF68F35C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {6D0F3EE5-7117-433D-A140-8AA554BC9867} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {80710178-1B19-4CC2-8976-BE0B0B0BF40B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {82F9901D-579A-44D7-86A6-4D62D3EF6C96} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
    Task: {8944C195-1AAA-4189-85E1-1B6F74CC9119} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
    Task: {91929247-403D-4795-BC94-004C2656D928} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
    Task: {940E1291-FEF6-4A15-BEAB-8DC91E3CCA0E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-04-18] ()
    Task: {9698DC3C-2C13-491D-9C6E-08CE0747D0F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {9F46D578-7E6F-454D-8B7A-263270ECF2E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
    Task: {A5896B90-CFC6-4360-8652-6F641CD07F94} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {B28EF9B9-6D72-492B-983D-C010262B2466} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {B7AB484E-DA84-4560-8DAA-2225A9C5CAE6} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
    Task: {B8E66B9D-F6BD-4887-8A09-CBF46B478BA3} - System32\Tasks\{A80B0612-F9B0-4986-B1E5-F0376508309C} => pcalua.exe -a E:\Games\RA2\Ra2.exe -d E:\Games\RA2\
    Task: {BF045A5C-81BF-4B62-A45B-24FE5100EAF0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {C2486239-0761-49A6-8C58-2C8E32949F9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
    Task: {C2640574-4A7D-4710-89A2-258E12C40C4D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
    Task: {C2A5B7DE-2E09-4A80-A2A5-E8BBB4D8FDBA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
    Task: {C5B4D267-0920-4F23-8AF8-E97B0F515D84} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {CDA19268-C2EE-46F6-BF71-056E02C7782C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {D25291CB-C6E6-429E-8253-9D071E8925E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
    Task: {D4E2F67D-7718-4296-AEE5-D51244F90FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
    Task: {DBC4D856-6D68-4FE2-8A84-FE3E667ADC3C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {E72984C1-AF0A-40F0-B30D-348DDA07A650} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {E9C02B95-BFDB-4919-B21D-192D59927EBA} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: {F2D9E054-D1B6-4E5F-BBB3-B48958AF627E} - System32\Tasks\updater => C:\ScpToolkit\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions)
    Task: {FD87747B-4182-4AA8-A603-1F536380E614} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {FE89F7A7-58BF-48D4-BDA6-EF766BA1B6C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-08-13 05:32 - 2016-08-13 05:32 - 00309760 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\ced6a6793b1806f6dbe2e73d73a91244\ReactiveSockets.ni.dll
    2014-05-02 11:52 - 2014-05-02 11:52 - 00599040 _____ () C:\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
    2014-05-02 06:55 - 2014-05-02 06:55 - 00185344 _____ () C:\ScpToolkit\irrKlang\amd64\ikpflac.dll
    2014-05-02 06:05 - 2014-05-02 06:05 - 00173056 _____ () C:\ScpToolkit\irrKlang\amd64\ikpmp3.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2010-07-15 07:44 - 2010-07-15 07:44 - 00020032 _____ () D:\Program Files\Unlocker\UnlockerCOM.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
    2016-05-18 01:42 - 2016-05-18 01:42 - 00230064 _____ () D:\Program Files (x86)\Notepad++\NppShell_06.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-08-24 11:25 - 2016-08-06 06:21 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-08-24 11:25 - 2016-08-06 06:21 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-05-19 11:42 - 2015-12-21 21:02 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2015-03-07 03:07 - 2015-03-07 03:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2016-04-29 01:49 - 2016-04-29 01:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-07 03:07 - 2015-03-07 03:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2016-04-29 01:49 - 2016-04-29 01:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2016-08-30 11:26 - 2016-08-30 11:26 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2016-08-30 11:26 - 2016-08-30 11:26 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2016-08-30 11:26 - 2016-08-30 11:26 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2016-05-19 00:27 - 2016-08-09 02:27 - 00785920 _____ () E:\Program Files (x86)\Steam\SDL2.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 04962816 _____ () E:\Program Files (x86)\Steam\v8.dll
    2016-05-19 00:27 - 2016-08-23 22:33 - 02321184 _____ () E:\Program Files (x86)\Steam\video.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 02549760 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00491008 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 01556992 _____ () E:\Program Files (x86)\Steam\icui18n.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 01187840 _____ () E:\Program Files (x86)\Steam\icuuc.dll
    2016-05-19 00:27 - 2016-08-23 22:33 - 00835360 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-05-19 00:27 - 2016-07-05 01:17 - 00266560 _____ () E:\Program Files (x86)\Steam\openvr_api.dll
    2016-05-20 00:53 - 2016-07-12 05:07 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2016-08-24 20:57 - 2016-07-12 05:07 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2016-08-24 20:57 - 2016-07-12 05:07 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2016-08-24 20:57 - 2016-07-12 05:07 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2016-05-20 00:53 - 2016-07-12 05:07 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2016-05-20 00:53 - 2016-07-12 05:07 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2016-05-20 00:53 - 2016-07-12 05:07 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2016-05-20 00:53 - 2016-07-12 05:07 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2016-08-05 22:40 - 2016-08-24 02:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2016-08-05 22:40 - 2016-08-24 02:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2016-08-24 20:57 - 2016-07-12 05:07 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2016-08-24 20:57 - 2016-07-12 05:09 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
    2016-05-20 00:53 - 2016-07-12 05:07 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
    2016-08-05 22:40 - 2016-07-12 05:08 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2016-08-24 20:57 - 2016-07-12 05:09 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2016-08-24 20:57 - 2016-08-24 02:17 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
    2016-08-24 20:57 - 2016-08-24 02:02 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
    2016-08-24 20:57 - 2016-08-24 02:17 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2016-08-24 20:57 - 2016-08-24 02:17 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2016-05-20 00:53 - 2016-07-12 05:07 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2016-08-05 22:40 - 2016-08-24 02:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
    2016-05-20 00:53 - 2016-07-12 05:09 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2016-05-20 00:53 - 2016-08-24 02:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
    2016-08-05 22:40 - 2016-08-24 02:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2016-08-24 20:57 - 2016-08-24 02:17 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2016-06-10 02:38 - 2016-08-25 10:16 - 48936448 _____ () E:\Program Files (x86)\GalaxyClient\libcef.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00500736 _____ () E:\Program Files (x86)\GalaxyClient\PocoUtil.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01069568 _____ () E:\Program Files (x86)\GalaxyClient\PocoNet.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01847296 _____ () E:\Program Files (x86)\GalaxyClient\PocoData.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00386048 _____ () E:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01582080 _____ () E:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00300544 _____ () E:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00323584 _____ () E:\Program Files (x86)\GalaxyClient\PocoJSON.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00096768 _____ () E:\Program Files (x86)\GalaxyClient\zlib.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00513536 _____ () E:\Program Files (x86)\GalaxyClient\PocoXML.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00265216 _____ () E:\Program Files (x86)\GalaxyClient\PocoZip.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00672768 _____ () E:\Program Files (x86)\GalaxyClient\sqlite.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00418304 _____ () E:\Program Files (x86)\GalaxyClient\pcre.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00150528 _____ () E:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00144896 _____ () E:\Program Files (x86)\GalaxyClient\expat.dll
    2016-05-19 00:27 - 2016-08-04 23:56 - 49825056 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
    2016-06-10 02:38 - 2016-08-25 10:16 - 01665024 _____ () E:\Program Files (x86)\GalaxyClient\libglesv2.dll
    2016-06-10 02:38 - 2016-08-25 10:16 - 00075264 _____ () E:\Program Files (x86)\GalaxyClient\libegl.dll
    2016-08-09 00:38 - 2016-08-03 03:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
    2016-08-09 00:38 - 2016-08-03 03:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
    2016-08-09 00:38 - 2016-08-03 02:54 - 17602240 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
     
  14. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Double click on downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  15. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    RogueKiller V12.5.2.0 (x64) [Aug 29 2016] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.14393) 64 bits version
    Started in : Normal mode
    User : Dmitriy [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Delete -- Date : 09/02/2016 14:02:30 (Duration : 00:13:05)

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 1 ¤¤¤
    [Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UnlockerDriver5 (\??\D:\Program Files\Unlocker\UnlockerDriver5.sys) -> Deleted

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: INTEL SSDSC2CT120A3 +++++
    --- User ---
    [MBR] 0500e65b6aef86bc0b5529732bc03be2
    [BSP] 580d2107121a421a07f1134fa7847455 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 113921 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233517056 | Size: 450 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: WDC WD1002FAEX-00Z3A0 +++++
    --- User ---
    [MBR] 7ca1a126b19fd591be30221476676d61
    [BSP] bcb72717ffeac92e1b226cdb8ea988e7 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive2: Hitachi HDP725050GLA360 +++++
    --- User ---
    [MBR] d9325fcc17a13a3665611aa50d363c96
    [BSP] 859496daeb6d32161d5f53ebd8666dbd : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive3: BUFFALO HD-PCTU3 USB Device +++++
    --- User ---
    [MBR] 022a8a9adc3c1956f8aef034bdbffb56
    [BSP] a0bf5af22dbc4e8e00b6dab272f93d70 : Empty|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 64 | Size: 476939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] ????? ?????? ?? ??????????????. )
     
  16. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 02.09.2016
    Scan Time: 14:23
    Logfile:
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.09.03.04
    Rootkit Database: v2016.08.15.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Dmitriy

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 391443
    Time Elapsed: 4 min, 44 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  17. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    # AdwCleaner v6.010 - Logfile created 02/09/2016 at 15:35:56
    # Updated on 12/08/2016 by ToolsLib
    # Database : 2016-09-01.2 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : Dmitriy - MAINPC
    # Running from : C:\Users\Dmitriy\Desktop\adwcleaner_6.010.exe
    # Mode: Scan
    # Support : https://toolslib.net/forum



    ***** [ Services ] *****

    No malicious services found.


    ***** [ Folders ] *****

    No malicious folders found.


    ***** [ Files ] *****

    No malicious files found.


    ***** [ DLL ] *****

    No malicious DLLs found.


    ***** [ WMI ] *****

    No malicious keys found.


    ***** [ Shortcuts ] *****

    No infected shortcut found.


    ***** [ Scheduled Tasks ] *****

    No malicious task found.


    ***** [ Registry ] *****

    No malicious registry entries found.


    ***** [ Web browsers ] *****

    No malicious Firefox based browser items found.
    No malicious Chromium based browser items found.

    *************************

    C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [02/09/2016 15:37:28]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] ##########
     
  18. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.7 (07.03.2016)
    Operating System: Windows 10 Home x64
    Ran by Dmitriy (Administrator) on 02.09.2016 at 15:57:20,01
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 0




    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 02.09.2016 at 15:58:23,53
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  19. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  20. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Im sorry I have very little time lately

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
    Ran by Dmitriy (administrator) on MAINPC (08-09-2016 23:17:49)
    Running from C:\Users\Dmitriy\Desktop
    Loaded Profiles: Dmitriy (Available Profiles: Dmitriy)
    Platform: Windows 8 Pro (X64) Language: Русский (Россия)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Scarlet.Crush Productions) C:\ScpToolkit\ScpService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Scarlet.Crush Productions) C:\ScpToolkit\ScpTrayApp.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Autodesk Inc) E:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (GOG.com) E:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Mozilla Corporation) E:\Program Files\Mozilla Firefox\firefox.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-29] (Logitech Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
    HKLM-x32\...\Run: [KeePass 2 PreLoad] => E:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2770944 2016-05-07] (Dominik Reichl)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-31] (Dropbox, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29486720 2016-07-13] (Skype Technologies S.A.)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [f.lux] => C:\Users\Dmitriy\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Run: [GalaxyClient] => E:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4102720 2016-09-08] (GOG.com)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-31] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-31]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-05-21]
    ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2016-05-23]
    ShortcutTarget: SketchBook Snapshot.lnk -> E:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{22fe056c-2a13-4b0c-92ce-03484555349f}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{22fe056c-2a13-4b0c-92ce-03484555349f}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{89D5CA96-73DB-4F63-B01B-982699CBDD0E}: [NameServer] 208.67.222.222 208.67.220.220
    ManualProxies:

    Internet Explorer:
    ==================
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default
    FF Session Restore: -> is enabled.
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
    FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Extension: (XKit) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\extensions\xkit@studioxenix.com.xpi [2016-07-29] [not signed]
    FF Extension: (Session Manager) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-07-26]
    FF Extension: (Adblock Plus) - C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Profiles\j5d26der.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-18]
    StartMenuInternet: FIREFOX.EXE - E:\Program Files\Mozilla Firefox\firefox.exe

    Chrome:
    =======
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Презентации) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
    CHR Extension: (Документы Google) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
    CHR Extension: (Диск Google) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
    CHR Extension: (YouTube) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
    CHR Extension: (Adblock Plus) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
    CHR Extension: (Google Таблицы) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
    CHR Extension: (Google Документы офлайн) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
    CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-19]
    CHR Extension: (Gmail) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
    CHR Extension: (Chrome Media Router) - C:\Users\Dmitriy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc.)
    R2 Ds3Service; C:\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
    S3 GalaxyClientService; E:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-09-08] (GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-25] (GOG.com)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2015-12-21] (Wacom Technology, Corp.)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-05-19] (Disc Soft Ltd)
    S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-05-19] (Disc Soft Ltd)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
    R3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-08-22] (hxxp://libusb-win32.sourceforge.net)
    S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
    R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [18768 2016-08-18] () [File not signed]
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-02] ()
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    U4 aspnet_state; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  21. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-09-06 08:22 - 2016-09-06 08:23 - 68700469 _____ C:\Users\Dmitriy\Downloads\mttfanzine_digital.pdf
    2016-09-03 07:14 - 2016-09-03 07:14 - 00000000 ____D C:\Users\Dmitriy\Documents\Renowned Explorers International Society
    2016-09-02 23:54 - 2016-09-02 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-09-02 16:12 - 2016-09-02 16:12 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Wacom
    2016-09-02 15:58 - 2016-09-02 15:58 - 00000549 _____ C:\Users\Dmitriy\Desktop\JRT.txt
    2016-09-02 15:54 - 2016-09-02 15:57 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Desktop\JRT (3).exe
    2016-09-02 15:52 - 2016-09-02 15:52 - 03826240 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.010 (1).exe
    2016-09-02 15:52 - 2016-09-02 15:52 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Downloads\JRT (2).exe
    2016-09-02 15:36 - 2016-09-02 15:36 - 03826240 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.010.exe
    2016-09-02 15:36 - 2016-09-02 15:36 - 00001883 _____ C:\Users\Dmitriy\Desktop\AdwCleaner[S1].txt
    2016-09-02 14:31 - 2016-09-02 15:35 - 03826240 _____ C:\Users\Dmitriy\Desktop\adwcleaner_6.010.exe
    2016-09-02 14:29 - 2016-09-03 15:59 - 00001031 _____ C:\Users\Dmitriy\Desktop\MBAM log.txt
    2016-09-02 14:19 - 2016-09-02 14:19 - 00005240 _____ C:\Users\Dmitriy\Desktop\rk_BBA5.tmp.txt
    2016-09-02 14:01 - 2016-09-02 14:01 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2016-09-02 14:01 - 2016-09-02 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2016-09-02 14:01 - 2016-09-02 14:01 - 00000000 ____D C:\Program Files\RogueKiller
    2016-09-02 14:00 - 2016-09-02 14:01 - 31930936 _____ (Adlice Software ) C:\Users\Dmitriy\Desktop\setup (1).exe
    2016-09-01 19:13 - 2016-09-01 19:13 - 00007981 _____ C:\Users\Dmitriy\Downloads\[pornolab.net].t2152407.torrent
    2016-09-01 19:02 - 2016-09-01 19:02 - 00018105 _____ C:\Users\Dmitriy\Downloads\[pornolab.net].t2222389.torrent
    2016-09-01 18:02 - 2016-09-01 18:03 - 41247872 _____ (Skype Technologies S.A.) C:\Users\Dmitriy\Downloads\SkypeSetupFull.exe
    2016-09-01 13:07 - 2016-08-27 15:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
    2016-09-01 13:07 - 2016-08-27 08:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-09-01 13:07 - 2016-08-27 08:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-09-01 13:07 - 2016-08-27 07:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-09-01 13:07 - 2016-08-27 07:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2016-09-01 13:07 - 2016-08-27 07:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2016-09-01 13:07 - 2016-08-27 07:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2016-09-01 13:07 - 2016-08-27 07:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
    2016-09-01 13:07 - 2016-08-27 07:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
    2016-09-01 13:07 - 2016-08-27 07:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2016-09-01 13:07 - 2016-08-20 09:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2016-09-01 13:07 - 2016-08-20 09:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-09-01 13:07 - 2016-08-20 09:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-09-01 13:07 - 2016-08-20 09:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-09-01 13:07 - 2016-08-20 09:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2016-09-01 13:07 - 2016-08-20 09:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-09-01 13:07 - 2016-08-20 09:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-09-01 13:07 - 2016-08-20 09:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-09-01 13:07 - 2016-08-20 09:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-09-01 13:07 - 2016-08-20 09:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-09-01 13:07 - 2016-08-20 08:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-09-01 13:07 - 2016-08-20 08:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-09-01 13:07 - 2016-08-20 08:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-09-01 13:07 - 2016-08-20 08:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-09-01 13:07 - 2016-08-20 08:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-09-01 13:07 - 2016-08-20 08:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-09-01 13:07 - 2016-08-20 08:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-09-01 13:07 - 2016-08-20 08:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
    2016-09-01 13:07 - 2016-08-20 08:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2016-09-01 13:07 - 2016-08-20 08:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2016-09-01 13:07 - 2016-08-20 08:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2016-09-01 13:07 - 2016-08-20 08:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2016-09-01 13:07 - 2016-08-20 08:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2016-09-01 13:07 - 2016-08-20 08:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2016-09-01 13:07 - 2016-08-20 08:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2016-09-01 13:07 - 2016-08-20 08:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2016-09-01 13:07 - 2016-08-20 08:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-09-01 13:07 - 2016-08-20 08:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2016-09-01 13:07 - 2016-08-20 08:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-09-01 13:07 - 2016-08-20 08:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-09-01 13:07 - 2016-08-20 08:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-09-01 13:07 - 2016-08-20 08:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-09-01 13:07 - 2016-08-20 08:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-09-01 13:07 - 2016-08-20 08:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-09-01 13:07 - 2016-08-20 08:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-09-01 13:07 - 2016-08-20 08:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-09-01 13:07 - 2016-08-20 08:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
    2016-09-01 13:07 - 2016-08-20 08:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-09-01 13:07 - 2016-08-20 08:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-09-01 13:07 - 2016-08-20 08:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2016-09-01 13:07 - 2016-08-20 08:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2016-09-01 13:07 - 2016-08-20 08:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-09-01 13:07 - 2016-08-20 08:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-09-01 13:07 - 2016-08-20 08:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-09-01 13:07 - 2016-08-20 08:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-09-01 13:07 - 2016-08-20 08:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-09-01 13:07 - 2016-08-20 08:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2016-09-01 13:07 - 2016-08-20 08:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2016-09-01 13:07 - 2016-08-20 08:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
    2016-09-01 13:07 - 2016-08-20 08:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
    2016-09-01 13:07 - 2016-08-20 08:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2016-09-01 13:07 - 2016-08-20 08:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2016-09-01 13:07 - 2016-08-20 08:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2016-09-01 13:07 - 2016-08-20 08:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
    2016-09-01 13:07 - 2016-08-20 08:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2016-09-01 13:07 - 2016-08-20 08:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2016-09-01 13:07 - 2016-08-20 08:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2016-09-01 13:07 - 2016-08-20 08:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-09-01 13:07 - 2016-08-20 08:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
    2016-09-01 13:07 - 2016-08-20 08:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-09-01 13:07 - 2016-08-20 08:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2016-09-01 13:07 - 2016-08-20 08:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2016-09-01 13:07 - 2016-08-20 08:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-09-01 13:07 - 2016-08-20 08:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2016-09-01 13:07 - 2016-08-20 08:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2016-09-01 13:07 - 2016-08-20 08:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-09-01 13:07 - 2016-08-20 08:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
    2016-09-01 13:07 - 2016-08-20 08:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2016-09-01 13:07 - 2016-08-20 08:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2016-09-01 13:07 - 2016-08-20 08:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
    2016-09-01 13:07 - 2016-08-20 08:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-09-01 13:07 - 2016-08-20 08:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-09-01 13:07 - 2016-08-20 08:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-09-01 13:07 - 2016-08-20 08:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-09-01 13:07 - 2016-08-20 08:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
    2016-09-01 13:07 - 2016-08-20 08:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2016-09-01 13:07 - 2016-08-20 08:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2016-09-01 13:07 - 2016-08-20 08:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2016-09-01 13:07 - 2016-08-20 08:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
    2016-09-01 13:07 - 2016-08-20 08:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
    2016-09-01 13:07 - 2016-08-20 08:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-09-01 13:07 - 2016-08-20 08:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-09-01 13:07 - 2016-08-20 08:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
    2016-09-01 13:07 - 2016-08-20 08:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2016-09-01 13:07 - 2016-08-20 08:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-09-01 13:07 - 2016-08-20 08:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-09-01 13:07 - 2016-08-20 08:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-09-01 13:07 - 2016-08-20 08:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-09-01 13:07 - 2016-08-20 08:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2016-09-01 13:07 - 2016-08-20 08:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2016-09-01 13:07 - 2016-08-20 08:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-09-01 13:07 - 2016-08-20 08:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2016-09-01 13:07 - 2016-08-20 08:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-09-01 13:07 - 2016-08-20 08:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-09-01 13:07 - 2016-08-20 08:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2016-09-01 13:07 - 2016-08-20 08:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2016-09-01 13:07 - 2016-08-20 08:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-09-01 13:07 - 2016-08-20 08:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-09-01 13:07 - 2016-08-20 08:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-09-01 13:07 - 2016-08-20 08:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
    2016-09-01 13:07 - 2016-08-20 08:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2016-09-01 13:07 - 2016-08-20 08:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2016-09-01 13:07 - 2016-08-20 08:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2016-09-01 13:07 - 2016-08-20 08:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
    2016-09-01 13:07 - 2016-08-20 08:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
    2016-09-01 13:07 - 2016-08-20 08:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-09-01 13:07 - 2016-08-20 08:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
    2016-09-01 13:07 - 2016-08-20 08:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
    2016-09-01 13:07 - 2016-08-20 08:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-09-01 13:07 - 2016-08-20 08:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2016-09-01 13:07 - 2016-08-20 08:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
    2016-09-01 13:07 - 2016-08-20 08:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2016-09-01 13:07 - 2016-08-20 08:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2016-09-01 13:07 - 2016-08-20 08:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
    2016-09-01 13:07 - 2016-08-20 08:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
    2016-09-01 13:07 - 2016-08-20 08:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-09-01 13:07 - 2016-08-20 08:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2016-09-01 13:07 - 2016-08-20 08:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-09-01 13:07 - 2016-08-20 08:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2016-09-01 13:07 - 2016-08-20 08:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2016-09-01 13:07 - 2016-08-20 08:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-09-01 13:07 - 2016-08-20 08:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
    2016-09-01 13:07 - 2016-08-20 08:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-09-01 13:07 - 2016-08-20 08:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-09-01 13:07 - 2016-08-20 08:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2016-09-01 13:07 - 2016-08-20 08:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
    2016-09-01 13:07 - 2016-08-20 07:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
    2016-09-01 13:07 - 2016-08-20 07:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-09-01 13:07 - 2016-08-20 07:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
    2016-09-01 13:07 - 2016-08-20 07:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-09-01 13:07 - 2016-08-20 07:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-09-01 13:07 - 2016-08-20 07:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
    2016-09-01 13:07 - 2016-08-20 07:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-09-01 13:07 - 2016-08-20 07:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-09-01 13:07 - 2016-08-20 07:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2016-09-01 13:07 - 2016-08-20 07:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-09-01 13:07 - 2016-08-20 07:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2016-09-01 13:07 - 2016-08-20 07:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2016-09-01 13:07 - 2016-08-20 07:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-09-01 13:07 - 2016-08-20 07:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-09-01 13:07 - 2016-08-20 07:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2016-09-01 13:07 - 2016-08-20 07:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-09-01 13:07 - 2016-08-20 07:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2016-09-01 13:07 - 2016-08-19 04:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
    2016-09-01 13:06 - 2016-08-27 12:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
    2016-09-01 13:06 - 2016-08-27 07:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
    2016-09-01 13:06 - 2016-08-27 07:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
    2016-09-01 13:06 - 2016-08-20 09:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-09-01 13:06 - 2016-08-20 08:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
    2016-09-01 13:06 - 2016-08-20 08:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
    2016-09-01 13:06 - 2016-08-20 08:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2016-09-01 13:06 - 2016-08-20 07:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2016-09-01 13:06 - 2016-08-20 07:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-09-01 13:06 - 2016-08-20 07:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2016-09-01 13:06 - 2016-08-20 07:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2016-08-30 16:11 - 2016-08-30 16:07 - 00067786 _____ C:\Users\Dmitriy\Desktop\Addition.txt
    2016-08-30 16:08 - 2016-09-08 23:18 - 00024543 _____ C:\Users\Dmitriy\Desktop\FRST.txt
    2016-08-27 22:09 - 2016-08-27 22:09 - 01184595 _____ C:\Users\Dmitriy\Downloads\Game-MRGA-1005HF2.rar
    2016-08-27 21:34 - 2016-09-08 23:17 - 00000000 ____D C:\Users\Dmitriy\Desktop\FRST-OlderVersion
    2016-08-26 12:28 - 2016-09-08 23:17 - 02397696 _____ (Farbar) C:\Users\Dmitriy\Desktop\FRST64.exe
    2016-08-26 12:28 - 2016-09-08 23:17 - 00000000 ____D C:\FRST
    2016-08-24 20:28 - 2016-08-24 20:28 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Futuremark
    2016-08-24 11:25 - 2016-08-06 07:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-08-24 11:25 - 2016-08-06 07:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2016-08-24 11:25 - 2016-08-06 07:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
    2016-08-24 11:25 - 2016-08-06 07:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
    2016-08-24 11:25 - 2016-08-06 07:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-08-24 11:25 - 2016-08-06 07:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-08-24 11:25 - 2016-08-06 07:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-08-24 11:25 - 2016-08-06 07:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-08-24 11:25 - 2016-08-06 07:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-08-24 11:25 - 2016-08-06 07:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-08-24 11:25 - 2016-08-06 07:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2016-08-24 11:25 - 2016-08-06 07:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-08-24 11:25 - 2016-08-06 07:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-08-24 11:25 - 2016-08-06 07:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-08-24 11:25 - 2016-08-06 07:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-08-24 11:25 - 2016-08-06 07:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-08-24 11:25 - 2016-08-06 07:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-08-24 11:25 - 2016-08-06 07:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-08-24 11:25 - 2016-08-06 07:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2016-08-24 11:25 - 2016-08-06 07:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2016-08-24 11:25 - 2016-08-06 07:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-08-24 11:25 - 2016-08-06 07:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2016-08-24 11:25 - 2016-08-06 07:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
    2016-08-24 11:25 - 2016-08-06 07:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-08-24 11:25 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
    2016-08-24 11:25 - 2016-08-06 06:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
    2016-08-24 11:25 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
    2016-08-24 11:25 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
    2016-08-24 11:25 - 2016-08-06 06:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-08-24 11:25 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
    2016-08-24 11:25 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
    2016-08-24 11:25 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
    2016-08-24 11:25 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
    2016-08-24 11:25 - 2016-08-06 06:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
    2016-08-24 11:25 - 2016-08-06 06:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2016-08-24 11:25 - 2016-08-06 06:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-08-24 11:25 - 2016-08-06 06:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2016-08-24 11:25 - 2016-08-06 06:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
    2016-08-24 11:25 - 2016-08-06 06:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
    2016-08-24 11:25 - 2016-08-06 06:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
    2016-08-24 11:25 - 2016-08-06 06:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
    2016-08-24 11:25 - 2016-08-06 06:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
    2016-08-24 11:25 - 2016-08-06 06:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
    2016-08-24 11:25 - 2016-08-06 06:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-08-24 11:25 - 2016-08-06 06:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-08-24 11:25 - 2016-08-06 06:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-08-24 11:25 - 2016-08-06 06:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-08-24 11:25 - 2016-08-06 06:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2016-08-24 11:25 - 2016-08-06 06:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
    2016-08-24 11:25 - 2016-08-06 06:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2016-08-24 11:25 - 2016-08-06 06:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-08-24 11:25 - 2016-08-06 06:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2016-08-24 11:25 - 2016-08-06 06:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-08-24 11:25 - 2016-08-06 06:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-08-24 11:25 - 2016-08-06 06:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2016-08-24 11:25 - 2016-08-06 06:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2016-08-24 11:25 - 2016-08-06 06:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
    2016-08-24 11:25 - 2016-08-06 06:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-08-24 11:25 - 2016-08-06 06:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-08-24 11:25 - 2016-08-06 06:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
    2016-08-24 11:25 - 2016-08-06 06:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-08-24 11:25 - 2016-08-06 06:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-08-24 11:25 - 2016-08-06 06:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2016-08-24 11:25 - 2016-08-06 06:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-08-24 11:25 - 2016-08-06 06:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2016-08-24 11:25 - 2016-08-06 06:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
    2016-08-24 11:25 - 2016-08-06 06:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
    2016-08-24 11:25 - 2016-08-06 06:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2016-08-24 11:25 - 2016-08-06 06:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2016-08-24 11:25 - 2016-08-05 12:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2016-08-24 11:25 - 2016-08-05 12:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-08-24 11:25 - 2016-08-05 12:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
    2016-08-24 11:25 - 2016-08-05 12:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
    2016-08-24 11:25 - 2016-08-05 11:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
    2016-08-24 11:25 - 2016-08-05 11:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
    2016-08-24 11:25 - 2016-08-05 11:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
    2016-08-24 11:25 - 2016-08-05 11:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
    2016-08-24 11:25 - 2016-08-05 11:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2016-08-24 11:25 - 2016-08-05 11:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2016-08-24 11:25 - 2016-08-05 11:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
    2016-08-24 11:25 - 2016-08-05 11:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
    2016-08-23 23:19 - 2016-08-23 23:19 - 01889496 _____ C:\Users\Dmitriy\Downloads\cruciblelt.zip
    2016-08-23 20:53 - 2016-08-23 20:54 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\paint.net
    2016-08-23 20:53 - 2016-08-23 20:53 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
    2016-08-23 20:53 - 2016-08-23 20:53 - 00000000 ____D C:\Program Files\paint.net
    2016-08-23 20:52 - 2016-08-23 20:52 - 07019951 _____ C:\Users\Dmitriy\Downloads\paint.net.4.0.10.install.zip
    2016-08-22 20:04 - 2016-08-22 20:04 - 03784256 _____ C:\Users\Dmitriy\Downloads\AdwCleaner.exe
    2016-08-22 20:00 - 2016-08-22 20:01 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Downloads\JRT (1).exe
    2016-08-22 19:49 - 2016-08-22 19:49 - 00000000 ____D C:\WINDOWS\ERDNT
    2016-08-22 19:47 - 2016-08-22 19:48 - 00791393 _____ (Lars Hederer ) C:\Users\Dmitriy\Downloads\erunt-setup.exe
    2016-08-22 19:02 - 2016-07-16 14:42 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2016-08-22 19:02 - 2015-10-30 11:17 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss2.dll.bad
    2016-08-22 18:54 - 2016-08-22 18:54 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    2016-08-22 15:37 - 2016-08-22 19:04 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2016-08-22 15:33 - 2016-08-22 15:33 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (3).exe
    2016-08-22 15:29 - 2016-09-08 00:04 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\CrashDumps
    2016-08-22 15:28 - 2016-08-22 15:28 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (2).exe
    2016-08-22 15:23 - 2016-09-03 16:01 - 00000000 ____D C:\AdwCleaner
    2016-08-22 15:22 - 2016-08-22 15:28 - 01610560 _____ (Malwarebytes) C:\Users\Dmitriy\Downloads\JRT.exe
    2016-08-22 15:22 - 2016-08-22 15:22 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000 (1).exe
    2016-08-22 14:25 - 2016-09-02 14:02 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2016-08-22 14:23 - 2016-08-22 14:23 - 31918048 _____ (Adlice Software ) C:\Users\Dmitriy\Downloads\setup.exe
    2016-08-22 14:23 - 2016-08-22 14:23 - 00000000 ____D C:\Users\Все пользователи\RogueKiller
    2016-08-22 14:23 - 2016-08-22 14:23 - 00000000 ____D C:\ProgramData\RogueKiller
    2016-08-22 14:08 - 2016-08-22 14:08 - 03784256 _____ C:\Users\Dmitriy\Downloads\adwcleaner_6.000.exe
    2016-08-22 14:07 - 2016-08-22 14:08 - 20813896 _____ C:\Users\Dmitriy\Downloads\RogueKiller.exe
    2016-08-22 03:10 - 2016-08-22 03:10 - 00004959 _____ C:\Users\Dmitriy\Downloads\HLD_AutoDash.jar
    2016-08-22 00:24 - 2016-08-22 00:24 - 07194312 _____ (Microsoft Corporation) C:\Users\Dmitriy\Downloads\vcredist_x64.exe
    2016-08-22 00:23 - 2016-08-22 00:23 - 00889416 _____ (Microsoft Corporation) C:\Users\Dmitriy\Downloads\dotNetFx40_Full_setup.exe
    2016-08-22 00:11 - 2016-08-22 00:37 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\HyperLightDrifter
    2016-08-19 12:13 - 2016-08-19 12:13 - 00000000 ____D C:\Users\Dmitriy\AppData\LocalLow\devolver
    2016-08-19 00:15 - 2016-08-19 00:15 - 00000000 ____D C:\Tunngle
    2016-08-18 23:54 - 2016-08-19 00:35 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Tunngle
    2016-08-18 23:54 - 2016-08-18 23:54 - 00000000 ____D C:\Users\Dmitriy\Documents\Tunngle
    2016-08-18 23:54 - 2016-04-26 16:10 - 00048824 _____ (Tunngle.net GmbH) C:\WINDOWS\system32\Drivers\tap0901t.sys
    2016-08-18 23:45 - 2016-08-18 23:45 - 04832624 _____ (Tunngle.net GmbH ) C:\Users\Dmitriy\Downloads\Tunngle_Setup_v5.8.7.exe
    2016-08-18 23:15 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2016-08-18 23:15 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-08-18 23:15 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2016-08-18 23:14 - 2016-08-18 23:18 - 00000666 _____ C:\Users\Public\Desktop\Yuri's Revenge CnCNet.lnk
    2016-08-18 23:14 - 2016-08-18 23:14 - 03682739 _____ (cncnet.org ) C:\Users\Dmitriy\Downloads\CnCNet5_YR_Installer (1).exe
    2016-08-18 23:10 - 2016-08-18 23:10 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood
    2016-08-18 22:49 - 2016-08-18 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
    2016-08-18 22:40 - 2016-08-18 23:18 - 03682739 _____ (cncnet.org ) C:\Users\Dmitriy\Downloads\CnCNet5_YR_Installer.exe
    2016-08-18 22:33 - 2016-08-18 22:33 - 06587919 _____ C:\Users\Dmitriy\Downloads\Red_Alert_2-Windows_8_and_10_Fix.zip
    2016-08-18 22:29 - 2016-08-18 22:29 - 00003220 _____ C:\WINDOWS\System32\Tasks\{A80B0612-F9B0-4986-B1E5-F0376508309C}
    2016-08-18 22:28 - 2016-08-18 22:50 - 00018768 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
    2016-08-18 21:56 - 2016-08-18 21:57 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Dmitriy\Downloads\DTLiteInstaller.exe
    2016-08-18 21:36 - 2016-08-18 21:36 - 00001719 _____ C:\Users\Dmitriy\AppData\Local\recently-used.xbel
    2016-08-18 20:10 - 2016-08-18 21:28 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\TS3Client
    2016-08-18 20:09 - 2016-08-18 20:09 - 00001118 _____ C:\Users\Dmitriy\Desktop\TeamSpeak 3 Client.lnk
    2016-08-18 20:09 - 2016-08-18 20:09 - 00001068 _____ C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
    2016-08-18 20:05 - 2016-08-18 20:08 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Dmitriy\Downloads\TeamSpeak3-Client-win64-3.0.19.4(1).exe
    2016-08-16 18:51 - 2016-08-16 18:51 - 28144914 _____ (KLCP ) C:\Users\Dmitriy\Downloads\K-Lite_Codec_Pack_1235_Standard.exe
    2016-08-15 15:36 - 2016-08-15 15:36 - 00001653 _____ C:\Users\Public\Desktop\Path of Exile.lnk
    2016-08-15 15:36 - 2016-08-15 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
    2016-08-15 15:32 - 2016-08-15 15:32 - 09658720 _____ (Grinding Gear Games) C:\Users\Dmitriy\Downloads\PathOfExileInstaller.exe
    2016-08-15 02:32 - 2016-08-29 02:51 - 00000000 ____D C:\Users\Dmitriy\Desktop\Robin
    2016-08-14 19:07 - 2016-08-14 19:07 - 08240358 _____ C:\Users\Dmitriy\Documents\Facebook--Mozilla-Firefox-1.mp4
    2016-08-13 13:56 - 2016-08-13 13:56 - 00000000 ____D C:\Users\Dmitriy\AppData\LocalLow\aheartfulofgames
    2016-08-11 07:12 - 2016-08-02 11:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-08-11 07:12 - 2016-08-02 11:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-08-11 07:12 - 2016-08-02 10:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-08-11 07:12 - 2016-08-02 07:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2016-08-11 05:15 - 2016-08-11 05:15 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\FastStone
    2016-08-11 05:15 - 2016-08-11 05:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
    2016-08-11 05:14 - 2016-08-11 05:14 - 06386757 _____ (FastStone Soft) C:\Users\Dmitriy\Downloads\FSViewerSetup57.exe
    2016-08-11 05:08 - 2016-08-11 05:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2016-08-11 05:08 - 2016-08-11 05:08 - 00000000 ____D C:\Program Files\Classic Shell
    2016-08-11 05:07 - 2016-08-11 05:07 - 07220496 _____ (IvoSoft) C:\Users\Dmitriy\Downloads\ClassicShellSetup_4_3_0.exe
    2016-08-11 05:06 - 2016-08-11 05:06 - 00000000 ____D C:\Users\Все пользователи\Microsoft OneDrive
    2016-08-11 05:06 - 2016-08-11 05:06 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-08-11 05:04 - 2016-08-11 05:23 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ConnectedDevicesPlatform
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000020 ___SH C:\Users\Dmitriy\ntuser.ini
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000000 ____D C:\Users\Все пользователи\USOShared
    2016-08-11 05:04 - 2016-08-11 05:04 - 00000000 ____D C:\ProgramData\USOShared
    2016-08-11 05:03 - 2016-08-11 05:03 - 00011433 _____ C:\WINDOWS\diagwrn.xml
    2016-08-11 05:03 - 2016-08-11 05:03 - 00011433 _____ C:\WINDOWS\diagerr.xml
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Шаблоны
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Мои документы
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\главное меню
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\Моя музыка
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\мои рисунки
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\Documents\Мои видеозаписи
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\Моя музыка
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\мои рисунки
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\Documents\Мои видеозаписи
    2016-08-11 05:03 - 2016-08-11 05:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 05:02 - 2016-09-04 11:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
     
  22. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    2016-08-11 05:02 - 2016-08-11 05:02 - 00003630 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003406 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003156 _____ C:\WINDOWS\System32\Tasks\klcp_update
    2016-08-11 05:02 - 2016-08-11 05:02 - 00003154 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-08-11 05:02 - 2016-08-11 05:02 - 00002912 _____ C:\WINDOWS\System32\Tasks\updater
    2016-08-11 05:02 - 2016-08-11 05:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
    2016-08-11 05:02 - 2016-08-11 05:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
    2016-08-11 05:00 - 2016-08-11 05:00 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
    2016-08-11 05:00 - 2016-08-11 05:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2016-08-11 04:59 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
    2016-08-11 04:59 - 2016-07-16 14:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2016-08-11 04:58 - 2016-09-08 11:57 - 00000000 ____D C:\Users\Dmitriy
    2016-08-11 04:58 - 2016-08-11 05:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2016-08-11 04:58 - 2016-08-11 05:01 - 00000000 ____D C:\Users\DefaultAppPool
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Шаблоны
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Мои документы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\главное меню
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\Моя музыка
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\мои рисунки
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\Documents\Мои видеозаписи
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Шаблоны
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Мои документы
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\главное меню
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Моя музыка
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\мои рисунки
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Мои видеозаписи
    2016-08-11 04:58 - 2016-08-11 04:58 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
    2016-08-11 04:57 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-08-11 04:57 - 2016-08-11 04:57 - 00000000 ____D C:\Program Files\Realtek
    2016-08-11 04:57 - 2015-11-05 18:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2016-08-11 04:57 - 2015-11-05 18:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2016-08-11 04:57 - 2015-10-28 16:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
    2016-08-11 04:56 - 2016-09-08 23:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2016-08-11 04:56 - 2016-09-02 13:51 - 00220896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-08-11 04:56 - 2016-08-11 05:03 - 00000000 ___DC C:\WINDOWS\Panther
    2016-08-11 04:56 - 2016-08-11 04:56 - 00000000 ____D C:\WINDOWS\ServiceProfiles
    2016-08-11 04:54 - 2016-08-11 04:54 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
    2016-08-11 04:54 - 2016-08-11 04:54 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2016-08-11 04:54 - 2016-08-11 04:54 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2016-08-09 08:49 - 2016-08-09 08:49 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Civitas2

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-09-08 23:09 - 2016-05-18 15:52 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Skype
    2016-09-08 15:19 - 2016-05-20 23:29 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ClassicShell
    2016-09-08 15:06 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-09-07 09:25 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-09-07 01:16 - 2016-05-18 23:39 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\KeePass
    2016-09-05 11:32 - 2016-05-23 16:46 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\RenPy
    2016-09-04 11:56 - 2016-07-17 02:17 - 00792080 _____ C:\WINDOWS\system32\perfh019.dat
    2016-09-04 11:56 - 2016-07-17 02:17 - 00189188 _____ C:\WINDOWS\system32\perfc019.dat
    2016-09-04 11:56 - 2016-05-20 00:33 - 02122676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-09-04 11:47 - 2016-07-16 09:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
    2016-09-03 15:49 - 2016-05-21 00:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-09-03 05:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\rescache
    2016-09-03 04:06 - 2016-06-13 16:16 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Battle.net
    2016-09-02 23:54 - 2016-05-20 00:51 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-09-02 16:12 - 2016-05-20 00:44 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\WTablet
    2016-09-02 15:49 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-09-02 13:54 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF
    2016-09-02 13:51 - 2016-02-13 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2016-09-02 03:32 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Provisioning
    2016-09-01 13:01 - 2016-07-16 14:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2016-09-01 13:01 - 2016-07-16 14:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-09-01 13:01 - 2016-07-16 14:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
    2016-09-01 13:01 - 2016-07-16 14:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-09-01 13:01 - 2016-07-16 14:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-09-01 13:01 - 2016-07-16 14:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2016-09-01 13:01 - 2016-07-16 14:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2016-09-01 13:01 - 2016-07-16 14:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2016-09-01 13:01 - 2016-07-16 14:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-08-30 19:49 - 2016-05-18 15:52 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-08-30 19:49 - 2016-05-18 15:52 - 00000000 ____D C:\Users\Все пользователи\Skype
    2016-08-30 19:49 - 2016-05-18 15:52 - 00000000 ____D C:\ProgramData\Skype
    2016-08-28 08:36 - 2016-07-23 19:32 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\ElevatedDiagnostics
    2016-08-26 08:43 - 2016-07-16 14:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-08-26 08:43 - 2016-07-16 14:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-08-25 02:46 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-08-24 14:51 - 2016-05-19 20:39 - 00000000 ____D C:\Users\Все пользователи\Microsoft Help
    2016-08-24 11:20 - 2016-07-16 14:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-08-23 20:53 - 2016-07-08 09:37 - 07046480 _____ C:\Users\Dmitriy\Desktop\paint.net.4.0.10.install.exe
    2016-08-23 09:26 - 2016-05-18 15:47 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\MyComGames
    2016-08-23 09:16 - 2016-06-19 13:48 - 00001189 _____ C:\Users\Dmitriy\Desktop\AIM.lnk
    2016-08-23 09:16 - 2016-06-08 13:11 - 00001518 _____ C:\Users\Dmitriy\Desktop\Skype.exe - Ярлык.lnk
    2016-08-23 09:16 - 2016-05-31 17:13 - 00001458 _____ C:\Users\Public\Desktop\Центр решений HP.lnk
    2016-08-23 09:16 - 2016-05-21 13:22 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2016-08-23 09:16 - 2016-05-20 00:54 - 00001299 _____ C:\Users\Dmitriy\Desktop\Dropbox.lnk
    2016-08-22 19:55 - 2016-05-21 00:05 - 00000822 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-08-22 00:31 - 2016-05-21 13:36 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusbK.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusbK.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
    2016-08-22 00:31 - 2016-05-21 13:36 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusbK.sys
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000258 __RSH C:\Users\Все пользователи\ntuser.pol
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-08-22 00:31 - 2016-05-21 13:36 - 00000000 ____D C:\ScpToolkit
    2016-08-19 22:15 - 2016-05-20 21:34 - 00000000 ____D C:\Users\Dmitriy\Documents\My Games
    2016-08-15 15:36 - 2016-05-18 15:20 - 00000000 ____D C:\Users\Все пользователи\Package Cache
    2016-08-15 15:36 - 2016-05-18 15:20 - 00000000 ____D C:\ProgramData\Package Cache
    2016-08-12 14:04 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\appcompat
    2016-08-11 05:31 - 2016-05-20 00:44 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Packages
    2016-08-11 05:07 - 2016-05-20 00:46 - 00002453 _____ C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-08-11 05:07 - 2016-05-20 00:46 - 00000000 ___RD C:\Users\Dmitriy\OneDrive
    2016-08-11 05:04 - 2016-07-16 14:47 - 00000000 ____D C:\Users\Все пользователи\USOPrivate
    2016-08-11 05:04 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\USOPrivate
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Registration
    2016-08-11 05:03 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Windows NT
    2016-08-11 05:03 - 2016-07-16 09:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
    2016-08-11 05:03 - 2015-10-30 10:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2016-08-11 05:02 - 2016-07-16 14:47 - 00000000 __RSD C:\WINDOWS\Media
    2016-08-11 05:02 - 2016-07-16 14:47 - 00000000 __RHD C:\Users\Public\Libraries
    2016-08-11 05:02 - 2016-05-20 00:35 - 00023848 _____ C:\WINDOWS\system32\emptyregdb.dat
    2016-08-11 05:01 - 2016-07-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarTopia [GOG.com]
    2016-08-11 05:01 - 2016-07-16 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    2016-08-11 05:01 - 2016-06-18 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital [GOG.com]
    2016-08-11 05:01 - 2016-06-13 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
    2016-08-11 05:01 - 2016-06-13 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2016-08-11 05:01 - 2016-06-10 02:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evil Islands - Curse of the Lost Soul [GOG.com]
    2016-08-11 05:01 - 2016-06-03 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
    2016-08-11 05:01 - 2016-05-31 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2016-08-11 05:01 - 2016-05-24 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
    2016-08-11 05:01 - 2016-05-23 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
    2016-08-11 05:01 - 2016-05-21 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
    2016-08-11 05:01 - 2016-05-21 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2016-08-11 05:01 - 2016-05-21 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
    2016-08-11 05:01 - 2016-05-21 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-08-11 05:01 - 2016-05-20 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-08-11 05:01 - 2016-05-19 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2016-08-11 05:01 - 2016-05-19 11:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Планшет Wacom
    2016-08-11 05:01 - 2016-05-19 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
    2016-08-11 05:01 - 2016-05-19 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2016-08-11 05:01 - 2016-05-18 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
    2016-08-11 05:01 - 2016-05-18 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    2016-08-11 05:01 - 2016-05-18 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2016-08-11 05:01 - 2016-05-18 16:52 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2016-08-11 05:01 - 2016-05-18 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-08-11 05:01 - 2016-02-13 20:40 - 00000000 ____D C:\WINDOWS\ShellNew
    2016-08-11 05:00 - 2016-07-16 14:47 - 00000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
    2016-08-11 05:00 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-08-11 05:00 - 2015-10-30 09:28 - 00000000 ____D C:\Users\Default.migrated
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\spool
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\MUI
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\IME
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\schemas
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-08-11 04:59 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-08-11 04:59 - 2016-06-10 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
    2016-08-11 04:59 - 2016-05-23 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\WINDOWS\system32\BestPractices
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files\Reference Assemblies
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files\MSBuild
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2016-08-11 04:59 - 2016-05-20 00:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2016-08-11 04:59 - 2016-05-18 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-08-11 04:59 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Microsoft Games
    2016-08-11 04:58 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2016-08-11 04:58 - 2016-07-06 17:17 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
    2016-08-11 04:58 - 2016-05-26 18:07 - 00000000 ____D C:\Users\Dmitriy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe
    2016-08-11 04:58 - 2009-07-14 06:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\MiracastView
    2016-08-11 04:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Help
    2016-08-11 04:56 - 2016-07-16 14:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2016-08-11 04:44 - 2016-05-19 19:12 - 00000896 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-08-11 04:37 - 2016-05-19 11:18 - 00000990 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-11 03:56 - 2016-05-20 00:51 - 00001116 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-08-11 03:37 - 2016-05-19 11:18 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-11 00:56 - 2016-05-20 00:51 - 00001112 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-08-10 19:31 - 2016-05-18 13:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-10 19:31 - 2016-05-18 13:09 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-08-09 12:55 - 2016-05-26 18:07 - 00000000 ____D C:\Users\Dmitriy\AppData\Local\Warframe
    2016-08-09 00:38 - 2016-05-19 11:18 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

    ==================== Files in the root of some directories =======

    2016-08-18 21:36 - 2016-08-18 21:36 - 0001719 _____ () C:\Users\Dmitriy\AppData\Local\recently-used.xbel
    2016-05-31 17:12 - 2016-05-31 17:31 - 0002393 _____ () C:\ProgramData\hpzinstall.log

    Some files in TEMP:
    ====================
    C:\Users\Dmitriy\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Dmitriy\AppData\Local\Temp\Uninst.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-08-31 11:21

    ==================== End of FRST.txt ============================
     
  23. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
    Ran by Dmitriy (08-09-2016 23:21:43)
    Running from C:\Users\Dmitriy\Desktop
    Windows 8 Pro (X64) (2016-08-11 02:03:52)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    DefaultAccount (S-1-5-21-1121295449-3713914657-817976498-503 - Limited - Disabled)
    Dmitriy (S-1-5-21-1121295449-3713914657-817976498-1000 - Administrator - Enabled) => C:\Users\Dmitriy
    HomeGroupUser$ (S-1-5-21-1121295449-3713914657-817976498-1002 - Limited - Enabled)
    Администратор (S-1-5-21-1121295449-3713914657-817976498-500 - Administrator - Disabled)
    Гость (S-1-5-21-1121295449-3713914657-817976498-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
    Adobe Acrobat Reader DC - Russian (HKLM-x32\...\{AC76BA86-7AD7-1049-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    AIM for Windows (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\AIM) (Version: - AOL Inc.)
    Autodesk SketchBook Pro 6 (HKLM-x32\...\{C7C8BE4E-428D-4AA9-B7D4-EA4313BDB90E}) (Version: 6.00.0000 - Autodesk)
    AutoHotkey 1.1.24.00 (HKLM\...\AutoHotkey) (Version: 1.1.24.00 - Lexikos)
    Bastard Bonds (HKLM\...\Steam App 486720) (Version: - Bigfingers)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Blacksea Odyssey (HKLM\...\Steam App 369550) (Version: - Blacksea Odyssey)
    BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    Choice of the Pirate Demo (HKLM\...\Steam App 476500) (Version: - Choice of Games)
    Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
    CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.4.1 - CELSYS)
    CLIP STUDIO PAINT 1.5.4 (HKLM-x32\...\{88B5A062-DDA1-4F62-A4DD-95D0C4F19979}) (Version: 1.5.4 - CELSYS)
    Command & Conquer Red Alert 2 (HKLM-x32\...\Red Alert 2) (Version: - )
    Command && Conquer Red Alert 2 - Yuri's Revenge (HKLM-x32\...\Yuri's Revenge) (Version: - )
    Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
    EARTH DEFENSE FORCE 4.1 The Shadow of New Despair (HKLM\...\Steam App 410320) (Version: - SANDLOT)
    Evil Islands - Curse of the Lost Soul (HKLM-x32\...\1457950224_is1) (Version: 2.0.0.5 - GOG.com)
    f.lux (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\Flux) (Version: - )
    F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
    FORCED SHOWDOWN (HKLM\...\Steam App 265000) (Version: - BetaDwarf)
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
    Grim Dawn (HKLM\...\Steam App 219990) (Version: - Crate Entertainment)
    Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
    KeePass Password Safe 2.33 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.33 - Dominik Reichl)
    K-Lite Codec Pack 12.1.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP)
    Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
    Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft Office стандартный 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Mozilla Firefox 47.0 (x86 ru) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 ru)) (Version: 47.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Графический драйвер 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
    Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
    paint.net (HKLM\...\{DD393E4D-76FA-4CCD-84F3-CD9D75C14862}) (Version: 4.0.10 - dotPDN LLC)
    Path of Exile (HKLM-x32\...\{a8f39eb5-b96a-46db-a9a3-835e8197fb99}) (Version: 2.3.4.61272 - Grinding Gear Games)
    Path of Exile (x32 Version: 2.3.4.61272 - Grinding Gear Games) Hidden
    Princess Remedy in a World of Hurt (HKLM\...\Steam App 407900) (Version: - Ludosity)
    QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
    Renowned Explorers: International Society (HKLM\...\Steam App 296970) (Version: - Abbey Games)
    RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
    Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
    SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
    StarTopia (HKLM-x32\...\1207659100_is1) (Version: 2.1.0.20 - GOG.com)
    Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TeamSpeak 3 Client (HKU\S-1-5-21-1121295449-3713914657-817976498-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Theme Hospital (HKLM-x32\...\1207659026_is1) (Version: 2.1.0.8 - GOG.com)
    Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
    Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
    Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes)
    Warframe (HKLM-x32\...\{CCD65E0D-9DDC-4F0A-98E3-1F3BC5EF8BE1}) (Version: 1.0.0 - Digital Extremes)
    WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    Yuri's Revenge compatfix (HKLM\...\{47f53419-ecf8-40ce-8601-83ceab919da9}.sdb) (Version: - )
    Панель управления NVIDIA 358.91 (Version: 358.91 - NVIDIA Corporation) Hidden
    Планшет Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-2 - Wacom Technology Corp.)
    Языковой пакет Microsoft Visual Studio 2010 Tools для среды выполнения Office (x64) - RUS (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - RUS) (Version: 10.0.50903 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  24. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {048E6151-0AEB-4480-9013-D417F2825730} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {081AA704-9A18-4D97-BF60-532D9B4784FD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-20] (Dropbox, Inc.)
    Task: {08BAFF35-1008-4017-BA53-14AA2E7AF8C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
    Task: {0B7D0C31-FF01-4E74-ABAB-A039F7A2F780} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-20] (Dropbox, Inc.)
    Task: {0BEB9124-6416-4812-A846-EC81D8921DA2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
    Task: {141E4A0F-E5A8-49AC-9297-C56322221A2F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
    Task: {15020EB3-EAB3-4118-A620-C3260D75F0CF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
    Task: {163D454E-C593-4DC0-8492-BA93F06F7921} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
    Task: {17EEB01C-0A05-4529-A69D-1AE67B5396D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
    Task: {18ED69E5-0491-443A-AF80-2ACE2CB1B114} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {1B7E6FB5-242A-4100-B82D-E5B6F8F62E13} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {1BB7D1B7-4CE9-47D7-9919-992D7E83FC1E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {24AC5C09-36D3-42FB-B1A1-C47FFBAEABEB} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {2E2A296C-B380-4665-8842-BB1931470228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
    Task: {3F99FE50-DAAA-4781-9173-41F1CC726C1E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {49D540D1-B1BB-4530-9C24-CFEEA16E7C10} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {4F8CC1B2-8C0A-4365-94B8-2742D9ED1B53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {564C4043-8180-4ECE-9989-B6C6F6512BBC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {61C5C9CA-C706-45B1-8F07-5CB490B86B8E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {62670BE5-77F9-43D4-89AD-F25B17010B4D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
    Task: {6817430A-CA51-4237-AEDB-12EDFF68F35C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {6D0F3EE5-7117-433D-A140-8AA554BC9867} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {80710178-1B19-4CC2-8976-BE0B0B0BF40B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {82F9901D-579A-44D7-86A6-4D62D3EF6C96} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
    Task: {8944C195-1AAA-4189-85E1-1B6F74CC9119} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
    Task: {91929247-403D-4795-BC94-004C2656D928} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
    Task: {940E1291-FEF6-4A15-BEAB-8DC91E3CCA0E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-04-18] ()
    Task: {9698DC3C-2C13-491D-9C6E-08CE0747D0F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {9F46D578-7E6F-454D-8B7A-263270ECF2E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
    Task: {A5896B90-CFC6-4360-8652-6F641CD07F94} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {B28EF9B9-6D72-492B-983D-C010262B2466} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {B7AB484E-DA84-4560-8DAA-2225A9C5CAE6} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
    Task: {B8E66B9D-F6BD-4887-8A09-CBF46B478BA3} - System32\Tasks\{A80B0612-F9B0-4986-B1E5-F0376508309C} => pcalua.exe -a E:\Games\RA2\Ra2.exe -d E:\Games\RA2\
    Task: {BF045A5C-81BF-4B62-A45B-24FE5100EAF0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {C2486239-0761-49A6-8C58-2C8E32949F9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
    Task: {C2640574-4A7D-4710-89A2-258E12C40C4D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
    Task: {C2A5B7DE-2E09-4A80-A2A5-E8BBB4D8FDBA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
    Task: {C5B4D267-0920-4F23-8AF8-E97B0F515D84} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {CDA19268-C2EE-46F6-BF71-056E02C7782C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {D25291CB-C6E6-429E-8253-9D071E8925E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
    Task: {D4E2F67D-7718-4296-AEE5-D51244F90FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
    Task: {DBC4D856-6D68-4FE2-8A84-FE3E667ADC3C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {E72984C1-AF0A-40F0-B30D-348DDA07A650} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {E9C02B95-BFDB-4919-B21D-192D59927EBA} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: {F2D9E054-D1B6-4E5F-BBB3-B48958AF627E} - System32\Tasks\updater => C:\ScpToolkit\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions)
    Task: {FD87747B-4182-4AA8-A603-1F536380E614} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {FE89F7A7-58BF-48D4-BDA6-EF766BA1B6C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-08-13 05:32 - 2016-08-13 05:32 - 00309760 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\ced6a6793b1806f6dbe2e73d73a91244\ReactiveSockets.ni.dll
    2014-05-02 11:52 - 2014-05-02 11:52 - 00599040 _____ () C:\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
    2014-05-02 06:55 - 2014-05-02 06:55 - 00185344 _____ () C:\ScpToolkit\irrKlang\amd64\ikpflac.dll
    2014-05-02 06:05 - 2014-05-02 06:05 - 00173056 _____ () C:\ScpToolkit\irrKlang\amd64\ikpmp3.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-08-11 04:57 - 2015-11-05 18:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2010-07-15 07:44 - 2010-07-15 07:44 - 00020032 _____ () D:\Program Files\Unlocker\UnlockerCOM.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
    2016-07-16 14:42 - 2016-07-16 14:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2016-07-16 14:43 - 2016-08-24 11:20 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2016-07-16 14:43 - 2016-09-01 13:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-09-01 13:07 - 2016-08-20 07:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-07-16 14:43 - 2016-09-01 13:01 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2016-09-01 13:06 - 2016-08-20 07:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-09-01 13:07 - 2016-08-20 07:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-05-19 11:42 - 2015-12-21 21:02 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2015-03-07 03:07 - 2015-03-07 03:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2016-04-29 01:49 - 2016-04-29 01:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-07 03:07 - 2015-03-07 03:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2016-04-29 01:49 - 2016-04-29 01:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2016-08-30 11:26 - 2016-08-30 11:26 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2016-08-30 11:26 - 2016-08-30 11:26 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2016-08-30 11:26 - 2016-08-30 11:26 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2016-05-19 00:27 - 2016-08-09 02:27 - 00785920 _____ () E:\Program Files (x86)\Steam\SDL2.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 04962816 _____ () E:\Program Files (x86)\Steam\v8.dll
    2016-05-19 00:27 - 2016-08-23 22:33 - 02321184 _____ () E:\Program Files (x86)\Steam\video.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 02549760 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00491008 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
    2016-05-19 00:27 - 2016-01-27 10:49 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 01556992 _____ () E:\Program Files (x86)\Steam\icui18n.dll
    2016-05-19 00:27 - 2015-07-02 01:06 - 01187840 _____ () E:\Program Files (x86)\Steam\icuuc.dll
    2016-05-19 00:27 - 2016-08-23 22:33 - 00835360 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-05-19 00:27 - 2016-07-05 01:17 - 00266560 _____ () E:\Program Files (x86)\Steam\openvr_api.dll
    2016-05-20 00:53 - 2016-08-06 06:21 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2016-09-02 23:54 - 2016-08-06 06:21 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2016-09-02 23:54 - 2016-08-06 06:22 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2016-09-02 23:54 - 2016-08-06 06:21 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2016-05-20 00:53 - 2016-08-06 06:21 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2016-05-20 00:53 - 2016-08-06 06:21 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2016-05-20 00:53 - 2016-08-06 06:21 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2016-05-20 00:53 - 2016-08-06 06:22 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2016-08-05 22:40 - 2016-08-31 00:38 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2016-09-02 23:54 - 2016-08-06 06:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2016-09-02 23:54 - 2016-08-06 06:24 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2016-08-05 22:40 - 2016-08-31 00:38 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-05-20 00:53 - 2016-08-06 06:25 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2016-05-20 00:53 - 2016-08-06 06:21 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
    2016-08-05 22:40 - 2016-08-06 06:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-05-20 00:53 - 2016-08-06 06:25 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2016-09-02 23:54 - 2016-08-06 06:18 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2016-09-02 23:54 - 2016-08-31 00:38 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
    2016-09-02 23:54 - 2016-08-31 00:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
    2016-09-02 23:54 - 2016-08-31 00:38 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2016-09-02 23:54 - 2016-08-31 00:38 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2016-05-20 00:53 - 2016-08-06 06:22 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2016-08-05 22:40 - 2016-08-31 00:38 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
    2016-05-20 00:53 - 2016-08-06 06:24 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2016-05-20 00:53 - 2016-08-31 00:38 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
    2016-08-05 22:40 - 2016-08-31 00:38 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2016-09-02 23:54 - 2016-08-31 00:38 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2016-05-19 00:27 - 2016-08-04 23:56 - 49825056 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
    2016-06-10 02:38 - 2016-08-25 10:16 - 48936448 _____ () E:\Program Files (x86)\GalaxyClient\libcef.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00500736 _____ () E:\Program Files (x86)\GalaxyClient\PocoUtil.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01069568 _____ () E:\Program Files (x86)\GalaxyClient\PocoNet.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01847296 _____ () E:\Program Files (x86)\GalaxyClient\PocoData.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00386048 _____ () E:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 01582080 _____ () E:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00300544 _____ () E:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00323584 _____ () E:\Program Files (x86)\GalaxyClient\PocoJSON.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00096768 _____ () E:\Program Files (x86)\GalaxyClient\zlib.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00513536 _____ () E:\Program Files (x86)\GalaxyClient\PocoXML.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00265216 _____ () E:\Program Files (x86)\GalaxyClient\PocoZip.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00672768 _____ () E:\Program Files (x86)\GalaxyClient\sqlite.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00150528 _____ () E:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00418304 _____ () E:\Program Files (x86)\GalaxyClient\pcre.dll
    2016-06-10 02:38 - 2016-06-08 17:11 - 00144896 _____ () E:\Program Files (x86)\GalaxyClient\expat.dll
    2016-06-10 02:38 - 2016-08-25 10:16 - 01665024 _____ () E:\Program Files (x86)\GalaxyClient\libglesv2.dll
    2016-06-10 02:38 - 2016-08-25 10:16 - 00075264 _____ () E:\Program Files (x86)\GalaxyClient\libegl.dll
    2016-08-11 05:06 - 2016-08-11 05:06 - 00679624 _____ () C:\Users\Dmitriy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
    2016-08-09 00:38 - 2016-08-03 03:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
    2016-08-09 00:38 - 2016-08-03 03:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
    2016-05-19 00:27 - 2015-09-25 02:52 - 00119208 _____ () E:\Program Files (x86)\Steam\winh264.dll
    2016-08-09 00:38 - 2016-08-03 02:54 - 17602240 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
     
  25. rudanshi

    rudanshi TS Rookie Topic Starter Posts: 21

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Dmitriy\Desktop\Invincible_vol01.pdf:com.dropbox.attributes [168]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2016-07-19 19:03 - 00000962 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    104.31.73.179 sinnergate.com
    66.6.43.21 johndoe-art.tumblr.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1121295449-3713914657-817976498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dmitriy\AppData\Roaming\Mozilla\Firefox\Фон рабочего стола.bmp
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{307CC402-E261-42EE-B433-A2127804BC63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{BF92C6DE-924D-4999-B962-EBB68C8D9732}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{51586CA8-0C23-497B-86E7-AE049EEBFF15}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{3DA39720-2F7D-463B-8775-613135009780}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Earth Defense Force 4.1\EDF41.exe
    FirewallRules: [{1AFFB95D-26DB-478A-BC44-FAC6EE4666D4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Earth Defense Force 4.1\EDF41.exe
    FirewallRules: [{484A9DCC-4C4C-47A7-AB9F-39D7D5B06999}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BlackseaOdyssey\BlackseaOdyssey.exe
    FirewallRules: [{F41D0D09-7FE7-4FFC-848D-7998392A547A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BlackseaOdyssey\BlackseaOdyssey.exe
    FirewallRules: [{80FB6EC2-D069-47AE-B4A5-21496F69F5FA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{F3CF9440-B666-49AA-A75D-C0F8ED03E6DD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{CCE6FD90-8E10-46F6-88DD-2EDC939A131D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
    FirewallRules: [{7DC8C722-2911-4988-9A64-4BF0DCF3FF86}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
    FirewallRules: [{14E0E228-25B3-42F2-A6A0-E1B333AA9A50}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
    FirewallRules: [{0CF20C8F-08D2-4B29-858B-52796011CB95}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
    FirewallRules: [{95A7176F-BB2A-4CB5-86A0-B45325C93C6A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Bastard Bonds\BB.exe
    FirewallRules: [{28E63C40-4802-4A9B-B4BF-2B3278A0FB20}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Bastard Bonds\BB.exe
    FirewallRules: [{8AADD731-957C-461F-AB80-3852104FF2A4}] => (Block) E:\games\overwatch\overwatch.exe
    FirewallRules: [{B7E45982-514F-4F4D-8A92-BB1F028B7B3E}] => (Block) E:\games\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{B0595A23-049D-4569-85FD-FFD641240D0D}E:\games\overwatch\overwatch.exe] => (Allow) E:\games\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{EE746244-E3D1-4EA2-8D52-EFA5F0148811}E:\games\overwatch\overwatch.exe] => (Allow) E:\games\overwatch\overwatch.exe
    FirewallRules: [{40E29D69-A3BB-43F5-BE73-857292F97E6D}] => (Block) E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe
    FirewallRules: [{B6F7E2DC-C47B-4639-85FF-6D7F9BAE26D9}] => (Block) E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe
    FirewallRules: [UDP Query User{69CC65A8-26C0-407D-9277-61A665A7CA3E}E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe
    FirewallRules: [TCP Query User{C3B3D594-BF77-41F0-B76C-96E855FC67DF}E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\atlas reactor\games\atlas reactor\live\win32\atlasreactor.exe
    FirewallRules: [UDP Query User{D5297975-B331-4511-9C11-FC71C7E649A9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{899C82CD-F7D0-4307-90E2-947104A6CFF1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{ADB2D8A5-73BF-4023-89AC-BFBBE5D94ABE}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{68F23189-7BB8-48D6-9E45-44D7AC195E8E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{807C58C5-64B9-408B-B15D-64D756C1673C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{ADF18800-AD42-4AFD-AB7E-D3E58B960119}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{EF2828C7-6541-4E9B-B85C-635505E06116}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{0276FA7D-26BE-49AD-81DB-4437C58F6292}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{89407AC0-93AB-4519-AC9B-26EE672081F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
    FirewallRules: [{564742E3-F286-44F6-9844-487E17E0FE2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{929AE30E-B3D0-4351-950C-F508DCE98098}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{6F6D732E-0397-44C1-B48F-1EC5BE3AEB4A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{42D539E7-7FA0-4F41-B5E7-57662476BC71}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{14F7B7D2-24C1-4407-89C8-7DDC45591DE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{582CD9FD-ACDC-48B8-A0F9-208E9851843F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{79037D9A-EE7C-46C1-A25F-9ADACA27423E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Choice of the Pirate Demo\Pirate.exe
    FirewallRules: [{A5ACBA91-D485-4AF1-AA29-4AF8AB964D16}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Choice of the Pirate Demo\Pirate.exe
    FirewallRules: [{FEB0CB8A-A14D-4F4E-B863-B1A58739E11E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{E46F056D-4FF5-442A-94CB-6209022B55AC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{27E1D724-A2C5-4CDD-A683-13646E1B71FA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{9C4365C0-8B95-45C6-9ACA-0B495FB41D70}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{50B42B6B-C366-4668-AD81-26780734FD63}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{797CDF62-05FA-4175-8172-BDA3FBCECC2D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{C75EB49E-ED72-410D-A36D-F7581E20E663}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{33792FA5-3CF4-4C9D-B490-658412CE8394}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{1F51B6F6-F07D-46BE-A8CB-3DE98A4A9019}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{34977D38-DDEF-4C9E-8B1A-418AB81EC7C8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{E58CF6DE-0FBA-4797-ADFD-CF0DA9323CCF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{FA1BD79B-EB52-4B76-9898-41511C11DB00}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{DDD40B2A-D9A8-40C3-8BD4-1A54DC561387}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{103D31EA-6BF3-43FD-BDBF-3C10DF0A13E3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [UDP Query User{B380C406-EE58-43CD-A48A-17314CEB4ABB}E:\games\allods online en\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) E:\games\allods online en\bin\gamecenterlight\gamecenter@mail.ru.exe
    FirewallRules: [TCP Query User{A50E90D5-27DB-4EE2-BD57-5680659D8A42}E:\games\allods online en\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) E:\games\allods online en\bin\gamecenterlight\gamecenter@mail.ru.exe
    FirewallRules: [UDP Query User{08124689-E497-4A37-AAF2-BBFE12AE2DE3}E:\program files (x86)\steam\steamapps\common\forced showdown\bugtracker\forcedshowdownbugtracker.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\forced showdown\bugtracker\forcedshowdownbugtracker.exe
    FirewallRules: [TCP Query User{34D46524-8B52-42B8-8A88-0903DF464C01}E:\program files (x86)\steam\steamapps\common\forced showdown\bugtracker\forcedshowdownbugtracker.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\forced showdown\bugtracker\forcedshowdownbugtracker.exe
    FirewallRules: [{B82B5DF6-0841-4DB1-9292-0F81E9D22F55}] => (Allow) E:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{E29E7EB3-FD9D-498A-9441-D0F18C72B24C}] => (Allow) E:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{33A9B3F5-9573-402A-A09A-8EE506C26346}] => (Allow) C:\Users\Dmitriy\AppData\Local\MyComGames\MyComGames.exe
    FirewallRules: [{8B0BB19E-D1F7-488B-95C9-D08B2D7A348D}] => (Allow) C:\Users\Dmitriy\AppData\Local\MyComGames\MyComGames.exe
    FirewallRules: [{1E7275AD-1B4B-4CFA-A3F3-D14F4F669B00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{4710E43A-8AC2-44A9-9EC3-15287C405803}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{159D4EFE-87B4-4CD7-AB5E-F1B90B64B5E3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{5C517FF6-C7F2-49F8-A0A6-594635FB0860}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{067BB850-4671-4284-A604-726B1D8C728C}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{430B2030-DD96-41E6-9B6F-CEFE61885115}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{C2D883B8-B0AA-43EC-881A-1483762C9F9F}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{1893868B-F020-4F74-ACA2-28DD5BDBB854}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{666A03AC-3887-4A1F-9F18-2E9104D4CDBD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{A7AC916C-6E22-4804-9B67-4BEAB1E3F404}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{94580575-B5B9-43D8-B139-DA8D45AD55C0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{F45D8355-D147-41F0-9F31-B588EE3E4FBF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\FORCED SHOWDOWN\forced_showdown.exe
    FirewallRules: [{E2670064-107E-4F8F-8649-EBE2B41485EE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\FORCED SHOWDOWN\forced_showdown.exe
    FirewallRules: [{7D5A986E-A784-4652-86CA-D7BC4ED0C9BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AURION_GAME\AURION_GAME\Aurion.exe
    FirewallRules: [{2BF0AC97-CA8A-45DD-BE3D-CC28BCC58BFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AURION_GAME\AURION_GAME\Aurion.exe
    FirewallRules: [{E12D611F-D5AD-4D75-A61A-339080D7E9D9}] => (Allow) E:\Program Files (x86)\Tunngle\TnglCtrl.exe
    FirewallRules: [{7FEC4349-C8CE-4AD0-9EB2-76CCBFA6267D}] => (Allow) E:\Program Files (x86)\Tunngle\TnglCtrl.exe
    FirewallRules: [{8C33AC43-98C0-4277-B48E-838C7DD9EADF}] => (Allow) E:\Program Files (x86)\Tunngle\Tunngle.exe
    FirewallRules: [{6849BEE1-D11F-403E-ADA1-1858307897E9}] => (Allow) E:\Program Files (x86)\Tunngle\Tunngle.exe
    FirewallRules: [TCP Query User{7B2F750B-72E5-401A-AE8D-2E58A279C15B}E:\games\ra2\gamemd.exe] => (Allow) E:\games\ra2\gamemd.exe
    FirewallRules: [UDP Query User{D6DA6C8A-FBE7-4204-BFBD-6D58515B1834}E:\games\ra2\gamemd.exe] => (Allow) E:\games\ra2\gamemd.exe
    FirewallRules: [{188E35BD-BC15-41D9-AB5C-AEE88226F924}] => (Allow) E:\Games\RA2\YURI.exe
    FirewallRules: [{0C8D30EB-EE83-4F4E-99F9-C02E7CC9041E}] => (Allow) E:\Games\RA2\YURI.exe
    FirewallRules: [{935F48E2-DE89-4191-A60A-2E9B630E9319}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
    FirewallRules: [{496F7AEA-5BE0-42F5-8148-501E2C1956E8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
    FirewallRules: [{BA7D1EB5-7A1A-4112-BCC2-0ED3F9236928}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
    FirewallRules: [{25A67340-4087-42A9-B455-1B3C9B6A9E14}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
    FirewallRules: [{2BC4E8D2-892B-4D08-A266-62D027F08F0D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...