Solved Windows10 Malware Detected

studentoo · Dec 27, 2015

Hi
I have downloaded some trojan / malware.

When I realized what I have done I scaned my laptop wit several programs (I thought it was clean) and then upgraded from Win7 to Win10.

Unfortunetly there are still some malwares. I have tried several programs, I'm worried that it will spread truogh the lan to other computers.

Could you please help me with this:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-27 23:39:49)
Running from C:\Users\23\Desktop
Windows 10 Pro (X64) (2015-12-27 02:02:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

23 (S-1-5-21-2662073481-3153093023-2327895656-1000 - Administrator - Enabled) => C:\Users\23
Administrator (S-1-5-21-2662073481-3153093023-2327895656-500 - Administrator - Disabled)
Gość (S-1-5-21-2662073481-3153093023-2327895656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2662073481-3153093023-2327895656-1002 - Limited - Enabled)
Konto domyślne (S-1-5-21-2662073481-3153093023-2327895656-503 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ATI Catalyst Install Manager (HKLM\...\{0B759873-FB73-4F8B-DF06-D3ECC76341E6}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Eraser 6.2.0.2970 (HKLM\...\{58F37E51-2A83-49F3-9117-6005C63CF399}) (Version: 6.2.2970 - The Eraser Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{C5203A0C-91C4-40C4-9FEC-CCBDC1B76977}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{12407B47-A01F-4E7E-B00F-07B90BBB3EF4}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Kodi) (Version: - XBMC-Foundation)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM-x32\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Popcorn Time (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Popcorn Time) (Version: - Popcorn Official)
Remotr version 1.1.1193 (HKLM-x32\...\Remotr_is1) (Version: 1.1.1193 - RemoteMyApp sp. z o.o.)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Neverhood (HKLM-x32\...\DreamWorks Interactive: Neverhood) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\23\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043A8CDB-EB29-4258-BA0A-716AA4CE905E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {14AF0024-1904-4BC1-9618-B008BAFBE17A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2599B8CF-2FAB-44E5-A753-E154D8FC9465} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315A3CF3-8770-4553-A69A-CA050A17D870} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {35DB8F60-F718-42BF-B82F-A06AD3D554AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {361E75C5-235D-4B15-BDC1-FDFC6DDD26C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3754170A-A0EE-4487-A91C-A4A21091F00C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-26] (AVAST Software)
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3AB6AAD0-E163-432D-90E2-D0D663D0C667} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {495F9580-648D-4F63-9E3D-642B5E890F33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4A5E042C-85C4-4FC5-AE63-D8D1878ECDFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4C372658-AA9A-4CFC-ABD3-1EE8DEDEBE8F} - System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E} => pcalua.exe -a "C:\Users\23\Desktop\hp 6450b\x64\sp48629.exe" -d "C:\Users\23\Desktop\hp 6450b\x64"
Task: {4DF8ACEB-D8CF-4714-A64A-6F01148AA39A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52677D9B-2D1A-49B5-B3DF-2683E257A77D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {54700F58-157A-4EE4-AF8D-147FF02C6F4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {54F9E58E-3C03-431C-84E7-361DDF928F83} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5A874523-BC55-4BCA-8795-F68BD388C76A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {608361FB-3B25-4AE8-A9C7-1A72D06B12F3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F797FD-1C9D-4390-A002-45E48C02B081} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65D38ACC-7B6E-4E5A-AA59-BB62ED5524AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {68D32361-6378-4378-8DA3-3D90A5C22028} - System32\Tasks\SafeZone scheduled Autoupdate 1451159433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {69833916-CB17-421F-BF7B-0F4EF39D1A18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA4E7E0-E9CC-494C-9FA4-5D247EF4823B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CAB0F94-8DB7-4F37-B57F-87C461B3615C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D11591E-BC53-412E-805B-F88CAE90DE6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {738E7C0E-FAC2-4E7F-8DDA-507FC8A8E1EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7726AA0A-623A-43A6-9A20-B0366A872663} - System32\Tasks\WizMouse => C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {791EA26C-0569-4B5E-8559-5B53B14CF946} - System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173} => pcalua.exe -a "E:\hp 6450b\siec\sp49604.exe" -d "E:\hp 6450b\siec"
Task: {87DA5593-C75A-4558-9B70-9A2E23357599} - System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA} => pcalua.exe -a E:\Windows\setup.exe -d E:\
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9B8DFF25-C945-4831-A49D-BDECA9D6586B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A6681B35-C88A-42D1-849A-08CC39AFC5FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B0C1C514-887C-4A5D-A7DC-C3FEF46C240F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4880015-92C2-41D2-B2F3-29BF33270597} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C8A46762-5058-4000-AB5C-3B60737F52BC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CF89BB85-3FBB-4D4E-843A-2B9F664A8B97} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DF67D783-7750-4640-A822-F713E86B4688} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
Task: {E2E969E0-8C9A-4EA0-B7E0-36457DA04F74} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E66B45FD-9B01-4B98-BF84-D35A5B7311B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC0A8CD7-A65B-41DF-99BB-1EF987319E45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F2BDEC53-A1F1-4CB4-AD51-614C04A518A7} - System32\Tasks\{32264559-94A2-4573-9582-AE9879343630} => E:\SETUP.EXE
Task: {F5A9D4AD-72AC-4AA7-973C-E6FC7D24910C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FB61947F-4637-41B9-BF7A-CFEE44F7338D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FBC6E54C-6DCB-45FB-8102-9FEF30EE6C7B} - System32\Tasks\HPCeeScheduleFor23 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor23.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-24 20:41 - 2013-09-22 09:27 - 00119000 _____ () C:\Program Files (x86)\WizMouse\wizmouse.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-27 13:34 - 2015-12-27 13:34 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-26 20:49 - 2015-12-26 20:49 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-18 16:51 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08780756.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08780756.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-08-31 21:27 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2695EDC8-83CE-4B9D-9206-5CF0F596159D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4F1DE0F4-9F7C-43F2-B857-5756E8A7BC42}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{34C8AC1F-B90A-404F-95CA-50ADADC9DA4E}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{248439DD-96A2-48BA-B7A1-419804CC9837}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{745C39D6-0975-4A6F-B077-B78CA3DAD67B}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [TCP Query User{EF8F3AD4-3B97-4B18-8269-D76D61DEFA42}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9BE691F5-4755-4AA2-A9CE-815ECB8F811C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{1CDFEA42-C01E-4EDD-AFFE-1C4735523E5A}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2110E87F-0C6C-4C8D-818F-8028E383AA81}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{60DC2009-51BB-4FB4-AEE1-B2F1B17C2E83}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [TCP Query User{B80E71B4-56AA-421B-917E-0ECB957A3B84}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [UDP Query User{D2BBA839-80DF-4204-8399-AC5DAA217BBC}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BD990FAE-1B23-497C-99EB-BB3535A0E770}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{55A0B510-7580-4942-94F6-9C4AEC0C27A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3EC1A5A-1872-4CB8-B604-241C8C39936B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{07E476E9-CFE3-45CD-AFB0-1E6B2923201B}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{D179683E-ECF0-44BC-9E25-9083BDDD414F}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{E19BE58E-8635-4997-9997-17EF44C8FFEC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{01ABBF5E-0D3F-4592-998F-90F45E78576F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A5109255-B936-4E62-9716-8502362800A5}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{D9FC9CAC-95CA-4FC7-A1E1-CD510969CDC6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{D8347BE4-211D-45A6-9E99-66AE2EF78F45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73754E23-DFF9-4466-B809-B458F1E50D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2977CF66-02D3-4B87-BA86-11237763A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E31CB89-BCDC-40FF-80AD-2D6E870FFE41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4BC88EA-67B9-4EEC-8B9B-7150E1387429}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{66114C3E-E80A-4155-9867-CCBF6818F85E}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{19C9CDB7-1B7D-4CB5-937F-D78E4BEBCA96}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{0E3F70DA-F447-4FCA-AE0C-62AF79557A8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B5B969-A07C-4E0C-ACEE-FD61733F7D85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BB547C4-89C0-4DDB-A5F6-A48D3820CF01}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B545A52-8C65-4921-97E2-205B40CFE508}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4265CF3-2585-44E8-AD08-2C0CE2C78140}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B1742AA-2474-444D-B94E-612126B76709}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4404E19C-EFB4-48ED-AECD-3427ECA97568}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34D5CD25-0796-4CE4-A314-54375C5AADA2}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2015 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbc0
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (12/27/2015 02:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x6c8
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x94c
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x784
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x450
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x258
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

System errors:
=============
Error: (12/27/2015 11:22:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (12/27/2015 11:22:22 PM) (Source: DCOM) (EventID: 10010) (User: 23-Komputer)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/27/2015 02:45:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (12/27/2015 02:45:20 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (12/27/2015 02:45:07 PM) (Source: DCOM) (EventID: 10005) (User: 23-Komputer)
Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/27/2015 02:45:04 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 62%
Total physical RAM: 3887.43 MB
Available physical RAM: 1450.46 MB
Total Virtual: 7855.43 MB
Available Virtual: 5229.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.85 GB) (Free:142.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DC3E8E25)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

studentoo · Dec 27, 2015

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-12-2015
Ran by 23 (administrator) on 23-KOMPUTER (27-12-2015 23:39:12)
Running from C:\Users\23\Desktop
Loaded Profiles: 23 (Available Profiles: 23 & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(RemoteMyApp sp. z o.o.) C:\Program Files (x86)\Remotr\RemotrService.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\WizMouse\WizMouse.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Spotify Ltd) C:\Users\23\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15731.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Users\23\Downloads\aswmbr.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\23\Desktop\EnglishFRST64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2015-12-27] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2015-12-27] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111488 2012-10-25] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Run: [Spotify Web Helper] => C:\Users\23\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-18] (Spotify Ltd)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{58298876-790e-4a3a-a79c-5932a9fe9347}: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{c81e9160-154d-44f4-ab75-883bc2b20657}: [DhcpNameServer] 62.179.1.63 62.179.1.62

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)

FireFox:
========
FF ProfilePath: C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2662073481-3153093023-2327895656-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Extension: Adblock Plus - C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-26]

Chrome:
=======
CHR Profile: C:\Users\23\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Dysk Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google Search) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Avast Online Security) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-27]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5561368 2015-12-26] (Avast Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Remotr Service; C:\Program Files (x86)\Remotr\RemotrService.exe [181328 2015-12-11] (RemoteMyApp sp. z o.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-26] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2015-12-26] (AVAST Software)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2015-12-26] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 aswMBR; C:\Users\23\AppData\Local\Temp\aswMBR.sys [62728 2015-12-27] () [File not signed]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

studentoo · Dec 27, 2015

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 23:39 - 2015-12-27 23:39 - 00017779 _____ C:\Users\23\Desktop\FRST.txt
2015-12-27 23:34 - 2015-12-27 23:34 - 00002008 _____ C:\Users\23\Desktop\aswMBR.txt
2015-12-27 23:34 - 2015-12-27 23:34 - 00000512 _____ C:\Users\23\Desktop\MBR.dat
2015-12-27 23:32 - 2015-12-27 23:32 - 05200384 _____ (AVAST Software) C:\Users\23\Downloads\aswmbr.exe
2015-12-27 23:29 - 2015-12-27 23:29 - 00016148 _____ C:\WINDOWS\system32\23-KOMPUTER_23_HistoryPrediction.bin
2015-12-27 23:22 - 2015-12-27 23:30 - 01963470 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_23.22.54_log.txt
2015-12-27 23:16 - 2015-12-27 23:17 - 64118784 _____ C:\Users\23\Downloads\Synology Cloud Station-3.2-3497.msi
2015-12-27 22:48 - 2015-12-27 22:48 - 00000000 ____D C:\Users\23\AppData\Local\PeerDistRepub
2015-12-27 22:44 - 2015-12-27 22:44 - 02738112 _____ (Sunrise Software ) C:\Users\23\Downloads\Sunrise_Seven_1.2.build.61.signed.exe
2015-12-27 22:23 - 2015-12-27 23:39 - 00000000 ____D C:\FRST
2015-12-27 22:22 - 2015-12-27 22:23 - 02370560 _____ (Farbar) C:\Users\23\Desktop\EnglishFRST64.exe
2015-12-27 20:48 - 2015-12-27 20:48 - 95364424 _____ (Kaspersky Lab ZAO) C:\Users\23\Downloads\KVRT.exe
2015-12-27 20:28 - 2015-12-27 20:28 - 217812536 _____ (COMODO) C:\Users\23\Downloads\cmd_fw_installer_6113_c7.exe.part
2015-12-27 20:26 - 2015-12-27 23:22 - 00004298 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_20.26.22_log.txt
2015-12-27 19:55 - 2015-12-27 19:55 - 08883992 _____ (PortableApps.com) C:\Users\23\Downloads\ClamWinPortable_0.98.7_English.paf.exe
2015-12-27 19:55 - 2015-12-27 19:55 - 00000000 ____D C:\Users\23\Downloads\ClamWinPortable
2015-12-27 19:39 - 2015-12-27 19:39 - 00000541 _____ C:\Users\23\Documents\Dysk lokalny (C) — skrót.lnk
2015-12-27 14:47 - 2015-12-27 14:47 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Szablony
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-12-27 13:59 - 2015-12-27 13:59 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-12-27 13:58 - 2015-12-27 13:58 - 00000000 ____D C:\WINDOWS\pss
2015-12-27 03:05 - 2015-12-27 03:06 - 00002443 _____ C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-27 03:05 - 2015-12-27 03:06 - 00000000 ___RD C:\Users\23\OneDrive
2015-12-27 03:05 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23\AppData\Local\Comms
2015-12-27 03:03 - 2015-12-27 14:56 - 00000000 ____D C:\Users\23\AppData\Local\Packages
2015-12-27 03:03 - 2015-12-27 03:03 - 00000020 ___SH C:\Users\23\ntuser.ini
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\TileDataLayer
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\Publishers
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Szablony
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Moje dokumenty
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Menu Start
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji
2015-12-27 02:47 - 2015-12-27 02:47 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-27 02:44 - 2015-12-27 02:44 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-27 02:43 - 2015-12-27 02:43 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-27 02:42 - 2015-12-27 23:27 - 02119218 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-27 02:42 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Ustawienia lokalne
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Szablony
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Moje dokumenty
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Menu Start
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje wideo
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje obrazy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moja muzyka
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Dane aplikacji
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Historia
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Dane aplikacji
2015-12-27 02:41 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files\IDT
2015-12-27 02:41 - 2015-12-27 02:41 - 02023640 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-27 02:41 - 2015-12-27 02:41 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-27 02:41 - 2015-12-27 02:41 - 00001722 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\Synaptics
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\LSI SoftModem
2015-12-27 02:41 - 2015-12-27 01:29 - 12861952 _____ (IDT, Inc.) C:\WINDOWS\system32\idtcpl64.cpl
2015-12-27 02:41 - 2015-12-27 01:29 - 01952256 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00489472 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-12-27 02:41 - 2015-12-27 01:29 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00162816 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll
2015-12-27 02:39 - 2015-12-27 03:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-27 02:36 - 2015-12-27 02:36 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-27 02:33 - 2015-12-27 02:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-27 02:31 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\inetpub

studentoo · Dec 27, 2015

2015-12-27 02:31 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-27 02:31 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-27 01:52 - 2015-12-27 02:47 - 00003274 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor23
2015-12-27 01:52 - 2015-12-27 02:47 - 00000320 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor23.job
2015-12-27 01:51 - 2015-12-27 01:51 - 08507392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwNs64.sys
2015-12-27 01:49 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
2015-12-27 01:49 - 2015-12-27 01:49 - 00000000 ____D C:\ProgramData\ytd video downloader
2015-12-27 01:49 - 2015-12-27 01:49 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2015-12-27 01:46 - 2015-12-27 20:20 - 00000000 ____D C:\Users\23\Desktop\Inbox
2015-12-27 01:37 - 2015-12-27 01:37 - 01379376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-12-27 01:37 - 2015-12-27 01:37 - 00400168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00270632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00215336 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00214312 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00173352 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00147752 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo4.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00107816 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCOM.dll
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____D C:\Program Files\Intel
2015-12-27 01:34 - 2015-12-27 01:33 - 03381008 _____ (Intel Corporation) C:\WINDOWS\system32\Netwrw00.dll
2015-12-27 01:34 - 2015-12-27 01:33 - 00885520 _____ (Intel Corporation) C:\WINDOWS\system32\Netwcw00.dll
2015-12-27 01:31 - 2015-12-27 13:59 - 00000000 ____D C:\AdwCleaner
2015-12-27 01:31 - 2011-05-04 17:20 - 00340656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1k62x64.sys
2015-12-27 01:31 - 2011-04-08 01:27 - 00094912 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstK.dll
2015-12-27 01:31 - 2011-04-08 01:14 - 00068264 _____ (Intel Corporation) C:\WINDOWS\system32\e1kmsg.dll
2015-12-27 01:31 - 2009-10-09 11:43 - 00003143 _____ C:\WINDOWS\system32\e1k62x64.din
2015-12-27 01:31 - 2009-05-26 10:05 - 00036472 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo36.dll
2015-12-27 01:30 - 2015-12-27 13:59 - 01743360 _____ C:\Users\23\Desktop\AdwCleaner.exe
2015-12-27 01:29 - 2015-12-27 01:29 - 01484288 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00651264 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00515584 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2015-12-27 01:29 - 2015-12-27 01:29 - 00431616 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00219648 _____ (IDT, Inc.) C:\WINDOWS\system32\staco64.dll
2015-12-27 01:23 - 2015-12-27 01:52 - 00000000 ____D C:\Users\23\AppData\Local\Hewlett-Packard
2015-12-27 01:22 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-27 01:21 - 2015-12-27 01:48 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-27 01:20 - 2015-12-27 01:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-12-27 00:21 - 2015-12-27 00:21 - 19733696 _____ (Microsoft Corporation) C:\Users\23\Downloads\MediaCreationToolx64.exe
2015-12-27 00:21 - 2015-12-27 00:21 - 00000000 ___HD C:\$Windows.~WS
2015-12-27 00:00 - 2015-12-27 00:00 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urządzenia interfejsu Bluetooth
2015-12-26 22:39 - 2015-12-27 14:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-26 22:39 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-26 22:36 - 2015-12-26 23:55 - 00882346 _____ C:\WINDOWS\ntbtlog.txt
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-12-26 21:13 - 2015-12-27 02:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-26 20:50 - 2015-12-27 02:47 - 00003216 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1451159433
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-26 20:49 - 2015-12-26 20:49 - 00147088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-12-26 20:49 - 2015-12-26 20:49 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-12-26 20:49 - 2015-12-26 20:46 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-26 20:47 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-26 20:47 - 2015-12-26 20:47 - 00000000 ____D C:\Users\23\AppData\Roaming\AVAST Software
2015-12-26 20:46 - 2015-12-27 03:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-26 20:46 - 2015-12-27 02:47 - 00004292 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-26 20:46 - 2015-12-26 20:46 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-26 20:46 - 2015-12-26 20:45 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00466400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-26 20:44 - 2015-12-26 20:49 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:49 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:43 - 05037264 _____ (AVAST Software) C:\Users\23\Downloads\avast_premier_antivirus_setup_online.exe
2015-12-26 20:38 - 2015-12-26 20:39 - 00398376 _____ C:\Users\23\Downloads\chaggington-veselie-parovoziki--chuggington-s01-04-01-118-iz-118-2008-2014-dvdrip-bdrip--litcenziya.exe
2015-12-26 20:34 - 2015-12-26 20:34 - 00398376 _____ C:\Users\23\Downloads\krot--krtek--62-serii-zhdanek-miler--zdenek-miler-1957-g.exe
2015-12-24 14:09 - 2015-12-26 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-23 14:54 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Where Is It
2015-12-23 14:54 - 2015-12-23 15:21 - 00000000 ____D C:\Users\23\Documents\WhereIsIt Catalogs
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\ProgramData\WhereIsIt
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\Program Files (x86)\WhereIsIt
2015-12-23 14:53 - 2015-12-23 14:53 - 08417936 _____ (WhereIsIt Soft ) C:\Users\23\Downloads\WhereIsIt-2014-Setup.exe
2015-12-23 13:05 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00155403 _____ C:\Users\23\Downloads\pathsync04BETA-install.exe
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Program Files (x86)\PathSync
2015-12-23 13:01 - 2015-12-23 13:01 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBZync.lnk
2015-12-23 13:01 - 2015-12-23 13:01 - 00000000 ____D C:\Program Files\MOBZystems
2015-12-23 13:00 - 2015-12-23 13:00 - 00483328 _____ C:\Users\23\Downloads\MOBZyncSetup 0.9.2 (64-bit).msi
2015-12-21 10:49 - 2015-12-21 10:52 - 323598164 _____ C:\Users\23\Downloads\Strawberry Steps.zip
2015-12-21 10:45 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 5.0.10
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Users\23\AppData\Roaming\StepMania 5
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Games
2015-12-21 10:44 - 2015-12-21 10:44 - 56616889 _____ C:\Users\23\Downloads\STEPMANIA sierpień 2012.zip
2015-12-21 10:42 - 2015-12-21 10:42 - 51592682 _____ C:\Users\23\Downloads\StepMania-5.0.10-win32.exe
2015-12-17 23:03 - 2015-12-17 23:03 - 00012592 _____ C:\Users\23\Downloads\[KinoGB.net]torrent_252261.torrent
2015-12-11 21:22 - 2015-12-11 21:22 - 00011890 _____ C:\Users\23\Downloads\[kat.cr]peppa.pig.series.4.eps.1.13.torrent
2015-12-11 21:13 - 2015-12-11 21:13 - 00000000 ____D C:\22e07cf1319afcec20f070
2015-12-08 22:31 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-12-08 22:30 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-12-08 22:30 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-12-08 22:30 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-12-05 21:06 - 2015-12-05 21:06 - 293988966 _____ C:\Users\23\Downloads\20151115_184837.mp4
2015-12-04 00:18 - 2015-12-04 00:18 - 00000218 _____ C:\Users\23\AppData\Local\recently-used.xbel
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush
2015-12-04 00:08 - 2015-12-04 00:08 - 00000034 _____ C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-12-03 23:57 - 2015-12-03 23:57 - 00000000 ____D C:\Users\23\AppData\Local\fontconfig
2015-12-03 23:56 - 2015-12-03 23:56 - 00000000 ____D C:\Users\23\AppData\Roaming\inkscape
2015-12-03 23:49 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Program Files\Inkscape
2015-12-03 23:48 - 2015-12-03 23:48 - 97868152 _____ C:\Users\23\Downloads\inkscape-0.91-x64.msi
2015-12-03 23:16 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\ProgramData\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-03 23:15 - 2015-12-27 02:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-12-03 23:15 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Users\23\AppData\Roaming\WTablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\TabletPlugins
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\Tablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-12-03 23:15 - 2014-01-13 07:24 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01428248 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2015-11-29 23:17 - 2015-11-29 23:17 - 03420244 _____ (OpenSubtitles.org ) C:\Users\23\Downloads\OSDownloader.exe
2015-11-29 15:29 - 2015-11-29 15:32 - 00000765 _____ C:\Users\23\Desktop\keymap.xml
2015-11-29 15:26 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:27 - 00000000 ____D C:\Users\23\AppData\Roaming\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 04119231 _____ C:\Users\23\Downloads\npp.6.8.7.Installer.exe
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-11-29 15:24 - 2015-11-29 15:24 - 06539752 _____ (Tim Kosse) C:\Users\23\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-11-29 14:37 - 2015-11-29 14:37 - 01756942 _____ C:\Users\23\Downloads\TS - Etap_I(1).pdf
2015-11-28 09:40 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-11-28 09:40 - 2015-11-28 09:45 - 00000000 ____D C:\Users\23\AppData\Roaming\Foxit Software
2015-11-28 09:40 - 2015-11-28 09:40 - 00000000 ____D C:\Users\Public\Foxit Software
2015-11-28 09:40 - 2015-11-28 09:40 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-11-28 09:39 - 2015-11-28 09:39 - 00000056 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2015-11-28 09:37 - 2015-11-28 09:38 - 39170360 _____ (Foxit Software Inc. ) C:\Users\23\Downloads\FoxitReader728.1124_prom_enu_Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 23:32 - 2014-08-14 12:09 - 00001048 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 23:27 - 2015-09-10 06:09 - 00918262 _____ C:\WINDOWS\system32\perfh015.dat
2015-12-27 23:27 - 2015-09-10 06:09 - 00202138 _____ C:\WINDOWS\system32\perfc015.dat
2015-12-27 23:27 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-27 23:23 - 2015-08-24 20:42 - 00002754 _____ C:\WINDOWS\System32\Tasks\WizMouse
2015-12-27 23:22 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-27 23:22 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-12-27 23:22 - 2014-08-14 12:09 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 23:20 - 2014-08-14 12:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-27 22:24 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-27 20:40 - 2015-08-25 20:14 - 00000000 ____D C:\Download
2015-12-27 19:43 - 2015-09-09 20:01 - 00000000 ____D C:\_Private
2015-12-27 15:45 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-27 15:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-27 14:56 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-27 13:56 - 2015-07-30 22:49 - 05011968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-27 13:32 - 2015-08-30 13:06 - 00000000 ____D C:\Users\23\AppData\Roaming\vlc
2015-12-27 03:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-27 03:03 - 2015-09-10 06:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-27 02:49 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-27 02:48 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-12-27 02:47 - 2015-09-16 00:10 - 00003200 _____ C:\WINDOWS\System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA}
2015-12-27 02:47 - 2015-09-06 09:44 - 00003042 _____ C:\WINDOWS\System32\Tasks\{32264559-94A2-4573-9582-AE9879343630}
2015-12-27 02:47 - 2015-08-24 21:24 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-12-27 02:47 - 2015-08-24 21:24 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-12-27 02:47 - 2014-08-14 12:09 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-27 02:47 - 2014-08-14 12:09 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 02:47 - 2014-08-14 12:01 - 00003978 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 02:47 - 2013-12-19 09:45 - 00003250 _____ C:\WINDOWS\System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173}
2015-12-27 02:47 - 2013-12-18 16:53 - 00003314 _____ C:\WINDOWS\System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E}
2015-12-27 02:45 - 2015-11-23 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer
2015-12-27 02:45 - 2015-11-22 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-27 02:45 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-12-27 02:45 - 2015-10-28 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGFlashTool
2015-12-27 02:45 - 2015-10-20 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG One Click Root
2015-12-27 02:45 - 2015-10-19 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-12-27 02:45 - 2015-10-14 00:06 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-12-27 02:45 - 2015-09-26 17:24 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-27 02:45 - 2015-09-26 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
2015-12-27 02:45 - 2015-09-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2015-12-27 02:45 - 2015-09-22 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2015-12-27 02:45 - 2015-09-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2015-12-27 02:45 - 2015-09-15 23:54 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vmToolkit
2015-12-27 02:45 - 2015-09-15 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remotr
2015-12-27 02:45 - 2015-09-11 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-12-27 02:45 - 2015-09-10 06:29 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-27 02:45 - 2015-09-08 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-27 02:45 - 2015-09-06 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamWorks
2015-12-27 02:45 - 2015-08-30 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-27 02:45 - 2015-08-30 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-27 02:45 - 2015-08-24 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizMouse
2015-12-27 02:45 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 02:45 - 2013-12-18 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-27 02:45 - 2013-12-18 16:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 02:44 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-12-27 02:43 - 2015-09-23 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-27 02:43 - 2015-08-24 20:42 - 00000000 ____D C:\Program Files\WIDCOMM
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-27 02:43 - 2014-08-14 11:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-27 02:43 - 2011-04-12 14:32 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-27 02:43 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-27 02:41 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-27 02:39 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-27 02:31 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-12-27 02:31 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-27 01:53 - 2013-12-18 16:38 - 00000000 ____D C:\swsetup
2015-12-27 01:42 - 2015-11-26 22:52 - 00000000 ____D C:\Users\23\AppData\Local\Spotify
2015-12-27 01:42 - 2015-11-26 22:51 - 00000000 ____D C:\Users\23\AppData\Roaming\Spotify
2015-12-27 01:41 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\AppData\Local\ChomikBox
2015-12-27 01:40 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\.gstreamer-0.10
2015-12-27 01:22 - 2013-12-18 16:52 - 00000000 ____D C:\Users\23\AppData\Roaming\Hewlett-Packard
2015-12-27 01:22 - 2013-12-18 16:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-27 01:21 - 2013-12-18 16:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-27 01:21 - 2013-12-18 16:41 - 00110424 _____ C:\Users\23\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 01:20 - 2013-12-18 16:51 - 00000000 ____D C:\Users\23\AppData\Roaming\hpqLog
2015-12-27 01:13 - 2015-08-25 20:13 - 00000000 ____D C:\Users\23\AppData\Roaming\uTorrent
2015-12-26 23:00 - 2015-09-13 13:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-26 21:14 - 2015-08-25 20:36 - 00000000 ____D C:\Users\23\AppData\Local\Adobe
2015-12-26 20:51 - 2014-08-14 12:06 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-26 20:45 - 2014-08-14 12:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-23 21:19 - 2015-11-11 20:46 - 00000000 ____D C:\_Mega_synchronizacja
2015-12-23 14:51 - 2013-12-18 16:26 - 00000000 ____D C:\Users\23\AppData\Local\VirtualStore
2015-12-19 23:01 - 2015-11-11 20:45 - 00000000 ____D C:\Users\23\Documents\MEGAsync
2015-12-17 21:31 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\MEGAsync
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 03:02 - 2015-08-30 21:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 21:15 - 2015-09-15 23:17 - 00000000 ____D C:\Program Files (x86)\Remotr
2015-12-11 21:13 - 2014-08-14 11:47 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 04:39 - 2010-11-21 04:27 - 00301728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-03 23:16 - 2015-08-25 20:37 - 00000000 ____D C:\ProgramData\Adobe
2015-12-03 23:15 - 2014-08-14 12:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Adobe
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 17:44 - 2015-09-22 17:39 - 00000000 ____D C:\Users\23\AppData\Roaming\FileZilla
2015-11-29 16:01 - 2015-09-22 17:50 - 00000600 _____ C:\Users\23\AppData\Local\PUTTY.RND

==================== Files in the root of some directories =======

2015-12-04 00:08 - 2015-12-04 00:08 - 0000034 _____ () C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-09-22 18:07 - 2015-09-22 18:07 - 0000600 _____ () C:\Users\23\AppData\Roaming\PUTTY.RND
2015-09-26 18:19 - 2015-11-21 02:46 - 0003584 _____ () C:\Users\23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-22 17:50 - 2015-11-29 16:01 - 0000600 _____ () C:\Users\23\AppData\Local\PUTTY.RND
2015-12-04 00:18 - 2015-12-04 00:18 - 0000218 _____ () C:\Users\23\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-27 02:39

==================== End of FRST.txt ============================

Broni · Dec 27, 2015

Welcome aboard
Dobry Wieczór

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

================================================

FRST reports:

ATTENTION: System Restore is disabled

Did you disable system restore for whatever reason?

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

studentoo · Dec 27, 2015

Hi Broni

Thank you for quick response:
Your Polish is very good

----------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------
1.
>Did you disable system restore for whatever reason?

I disabled this in August 2015. There was no special reason for that (I was making drive image) and I forget to enable this option

----------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------
2.

RogueKiller V11.0.4.0 [Dec 20 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10240) 64 bits version
Started in : Normal mode
User : 23 [Administrator]
Started from : C:\Users\23\Downloads\RogueKiller.exe
Mode : Delete -- Date : 12/28/2015 01:55:10

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Partner -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} (C:\ProgramData\MEGAsync\ShellExtX64.dll) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{58298876-790e-4a3a-a79c-5932a9fe9347} | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c81e9160-154d-44f4-ab75-883bc2b20657} | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{58298876-790e-4a3a-a79c-5932a9fe9347} | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c81e9160-154d-44f4-ab75-883bc2b20657} | DhcpNameServer : 62.179.1.63 62.179.1.62 ([X][X]) -> Nie wybrano
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2662073481-3153093023-2327895656-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nie wybrano
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2662073481-3153093023-2327895656-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nie wybrano

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Nie wybrano

¤¤¤ Files : 1 ¤¤¤
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\AppAdxControl.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.Apachev2 -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv2 -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv3 -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1025.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1026.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1029.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1030.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1031.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1032.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1034.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1035.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1036.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1038.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1040.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1043.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1044.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1045.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1048.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1049.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1050.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1051.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1052.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1053.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1055.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1059.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1060.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1061.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2052.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2070.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2074.ini -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res9999.ini -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\librtmp.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\LICENSE -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\plugins.dat -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe -> Usunięto
[PUP][File] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe -> Usunięto
[PUP][Folder] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader -> Usunięto

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SanDisk SDSSDHII240G +++++
--- User ---
[MBR] 68e9cb67e2c3d81174e614db85597e5e
[BSP] f3a5892886d238fa87d6bfa7118f9701 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 283 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 581632 | Size: 228201 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

----------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------
3.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-12-28
Scan Time: 02:01
Logfile: anti_malware.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.27.05
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: 23

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 411549
Time Elapsed: 11 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.APNToolBar, C:\ProgramData\ytd video downloader\ytd_installer.exe, Quarantined, [759c8822addee84e4276ed40f1100bf5],

Physical Sectors: 0
(No malicious items detected)

(end)

----------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------
4.

# AdwCleaner v5.026 - Utworzono raport 28/12/2015 o 02:36:23
# Ostatnia aktualizacja 21/12/2015 przez Xplode
# Baza danych : 2015-12-23.1 [Serwer]
# System operacyjny : Windows 10 Pro (x64)
# Nazwa użytkownika : 23 - 23-KOMPUTER
# Lokalizacja programu : C:\Users\23\Desktop\AdwCleaner.exe
# Działanie : Usuń
# Wsparcie : http://toolslib.net/forum

***** [ Usługi ] *****

***** [ Foldery ] *****

[-] Folder usunięto : C:\ProgramData\ytd video downloader
[-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader

***** [ Pliki ] *****

***** [ DLLs ] *****

***** [ Skróty ] *****

***** [ Zaplanowane zadania ] *****

***** [ Rejestr ] *****

***** [ Przeglądarki internetowe ] *****

*************************

:: "Tracing" klucze usunięta
:: Zresetowano ustawienia Winsock

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [925 bajty] ##########

----------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------
5.
One more thing (I don't know if this is relevant), but earlier yesterday (befoure I wrote on this forum) I did removed "Windows.old" (Windows 7) catalog - because there were trojans there.

Belowe is part of log from ClamWinPortable http://www.clamwin.com/content/view/118/89/

log:
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-mediaplayer-autoplay_31bf3856ad364e35_6.1.7601.17514_none_7920b60d569a4a1e\wmlaunch.exe: Win.Trojan.Win64-178 FOUND
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.1.7601.17514_none_698fc88e65b943d6\wmpshare.exe: Win.Trojan.Win64-184 FOUND
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_6.1.7600.16385_none_1c98ed5d08db04ce\Mahjong.exe: Win.Trojan.Win64-179 FOUND
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.1.7600.16385_none_622070221822eb39\PurblePlace.exe: Win.Trojan.Win64-168 FOUND
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16385_none_9e59e11166b683d3\PDIALOG.exe: Win.Trojan.Win64-194 FOUND
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7601.17514_none_75d78dc0bb37c026\Journal.exe: Win.Trojan.Win64-174 FOUND
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-certutil_31bf3856ad364e35_6.1.7600.16385_none_b55b5e1094b0283d\certutil.exe: Win.Trojan.Virtob-1653 FOUND

Broni · Dec 27, 2015

Urodziłem się w Krakowie I mieszkałem tam przez 32 lata

Make sure you re-enable system restore.

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

studentoo · Dec 28, 2015

No tak przez 32 lata można nauczyć się języka

1. I just re-enabled system restore.

While doing so I experienced weird behaviour of computer, it was closing window were this function is accessible (it happened twice; at first I thought it was my mistake - it was late night while I was doing this; but second time - I was sure it wasn't)

I reminded me of other weird behaviour, which at the time wile they appeared, I thought was just "bug" in new Windows10. Now I'm pretty sure that someone (or something) has hijcak my laptop.

This weird behaviour:

1). Automatic opening of "My documents" catalogue while I was trying to open downloaded torrent catalogue in uTorrent app. It occurred twice
2.) De- muting of sound (while it was muted) it happened 3 times during ~15 minutes.

I thinking about giving up cleaning my laptop, and use my old disc image with Win7. I'm seriously worried about my other laptop, NAS disc, and my passwords to gmail and other accounts. What do you recommend? Should I use this old disc image and start update proces to Win10 from scratch?

2. Below are the logs which you asked:

studentoo · Dec 28, 2015

Am Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Run: [Spotify Web Helper] => C:\Users\23\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-18] (Spotify Ltd)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{58298876-790e-4a3a-a79c-5932a9fe9347}: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{c81e9160-154d-44f4-ab75-883bc2b20657}: [DhcpNameServer] 62.179.1.63 62.179.1.62

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)

studentoo · Dec 28, 2015

FireFox:
========
FF ProfilePath: C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2662073481-3153093023-2327895656-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Extension: Adblock Plus - C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-26]

Chrome:
=======
CHR Profile: C:\Users\23\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Dysk Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google Search) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Avast Online Security) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-27]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5561368 2015-12-26] (Avast Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Remotr Service; C:\Program Files (x86)\Remotr\RemotrService.exe [181328 2015-12-11] (RemoteMyApp sp. z o.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-26] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2015-12-26] (AVAST Software)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2015-12-26] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 aswMBR; C:\Users\23\AppData\Local\Temp\aswMBR.sys [62728 2015-12-27] () [File not signed]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

studentoo · Dec 28, 2015

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 23:39 - 2015-12-27 23:39 - 00017779 _____ C:\Users\23\Desktop\FRST.txt
2015-12-27 23:34 - 2015-12-27 23:34 - 00002008 _____ C:\Users\23\Desktop\aswMBR.txt
2015-12-27 23:34 - 2015-12-27 23:34 - 00000512 _____ C:\Users\23\Desktop\MBR.dat
2015-12-27 23:32 - 2015-12-27 23:32 - 05200384 _____ (AVAST Software) C:\Users\23\Downloads\aswmbr.exe
2015-12-27 23:29 - 2015-12-27 23:29 - 00016148 _____ C:\WINDOWS\system32\23-KOMPUTER_23_HistoryPrediction.bin
2015-12-27 23:22 - 2015-12-27 23:30 - 01963470 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_23.22.54_log.txt
2015-12-27 23:16 - 2015-12-27 23:17 - 64118784 _____ C:\Users\23\Downloads\Synology Cloud Station-3.2-3497.msi
2015-12-27 22:48 - 2015-12-27 22:48 - 00000000 ____D C:\Users\23\AppData\Local\PeerDistRepub
2015-12-27 22:44 - 2015-12-27 22:44 - 02738112 _____ (Sunrise Software ) C:\Users\23\Downloads\Sunrise_Seven_1.2.build.61.signed.exe
2015-12-27 22:23 - 2015-12-27 23:39 - 00000000 ____D C:\FRST
2015-12-27 22:22 - 2015-12-27 22:23 - 02370560 _____ (Farbar) C:\Users\23\Desktop\EnglishFRST64.exe
2015-12-27 20:48 - 2015-12-27 20:48 - 95364424 _____ (Kaspersky Lab ZAO) C:\Users\23\Downloads\KVRT.exe
2015-12-27 20:28 - 2015-12-27 20:28 - 217812536 _____ (COMODO) C:\Users\23\Downloads\cmd_fw_installer_6113_c7.exe.part
2015-12-27 20:26 - 2015-12-27 23:22 - 00004298 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_20.26.22_log.txt
2015-12-27 19:55 - 2015-12-27 19:55 - 08883992 _____ (PortableApps.com) C:\Users\23\Downloads\ClamWinPortable_0.98.7_English.paf.exe
2015-12-27 19:55 - 2015-12-27 19:55 - 00000000 ____D C:\Users\23\Downloads\ClamWinPortable
2015-12-27 19:39 - 2015-12-27 19:39 - 00000541 _____ C:\Users\23\Documents\Dysk lokalny (C) — skrót.lnk
2015-12-27 14:47 - 2015-12-27 14:47 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Szablony
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-12-27 13:59 - 2015-12-27 13:59 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-12-27 13:58 - 2015-12-27 13:58 - 00000000 ____D C:\WINDOWS\pss
2015-12-27 03:05 - 2015-12-27 03:06 - 00002443 _____ C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-27 03:05 - 2015-12-27 03:06 - 00000000 ___RD C:\Users\23\OneDrive
2015-12-27 03:05 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23\AppData\Local\Comms
2015-12-27 03:03 - 2015-12-27 14:56 - 00000000 ____D C:\Users\23\AppData\Local\Packages
2015-12-27 03:03 - 2015-12-27 03:03 - 00000020 ___SH C:\Users\23\ntuser.ini
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\TileDataLayer
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\Publishers
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Szablony
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Moje dokumenty
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Menu Start
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji
2015-12-27 02:47 - 2015-12-27 02:47 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-27 02:44 - 2015-12-27 02:44 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-27 02:43 - 2015-12-27 02:43 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-27 02:42 - 2015-12-27 23:27 - 02119218 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-27 02:42 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Ustawienia lokalne
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Szablony
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Moje dokumenty
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Menu Start
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje wideo
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje obrazy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moja muzyka
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Dane aplikacji
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Historia
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Dane aplikacji
2015-12-27 02:41 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files\IDT
2015-12-27 02:41 - 2015-12-27 02:41 - 02023640 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-27 02:41 - 2015-12-27 02:41 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-27 02:41 - 2015-12-27 02:41 - 00001722 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\Synaptics
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\LSI SoftModem
2015-12-27 02:41 - 2015-12-27 01:29 - 12861952 _____ (IDT, Inc.) C:\WINDOWS\system32\idtcpl64.cpl
2015-12-27 02:41 - 2015-12-27 01:29 - 01952256 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00489472 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-12-27 02:41 - 2015-12-27 01:29 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00162816 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll
2015-12-27 02:39 - 2015-12-27 03:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-27 02:36 - 2015-12-27 02:36 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-27 02:33 - 2015-12-27 02:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-27 02:31 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\inetpub
2015-12-27 02:31 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-27 02:31 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

studentoo · Dec 28, 2015

2015-12-27 01:52 - 2015-12-27 02:47 - 00003274 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor23
2015-12-27 01:52 - 2015-12-27 02:47 - 00000320 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor23.job
2015-12-27 01:51 - 2015-12-27 01:51 - 08507392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwNs64.sys
2015-12-27 01:49 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
2015-12-27 01:49 - 2015-12-27 01:49 - 00000000 ____D C:\ProgramData\ytd video downloader
2015-12-27 01:49 - 2015-12-27 01:49 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2015-12-27 01:46 - 2015-12-27 20:20 - 00000000 ____D C:\Users\23\Desktop\Inbox
2015-12-27 01:37 - 2015-12-27 01:37 - 01379376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-12-27 01:37 - 2015-12-27 01:37 - 00400168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00270632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00215336 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00214312 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00173352 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00147752 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo4.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00107816 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCOM.dll
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____D C:\Program Files\Intel
2015-12-27 01:34 - 2015-12-27 01:33 - 03381008 _____ (Intel Corporation) C:\WINDOWS\system32\Netwrw00.dll
2015-12-27 01:34 - 2015-12-27 01:33 - 00885520 _____ (Intel Corporation) C:\WINDOWS\system32\Netwcw00.dll
2015-12-27 01:31 - 2015-12-27 13:59 - 00000000 ____D C:\AdwCleaner
2015-12-27 01:31 - 2011-05-04 17:20 - 00340656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1k62x64.sys
2015-12-27 01:31 - 2011-04-08 01:27 - 00094912 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstK.dll
2015-12-27 01:31 - 2011-04-08 01:14 - 00068264 _____ (Intel Corporation) C:\WINDOWS\system32\e1kmsg.dll
2015-12-27 01:31 - 2009-10-09 11:43 - 00003143 _____ C:\WINDOWS\system32\e1k62x64.din
2015-12-27 01:31 - 2009-05-26 10:05 - 00036472 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo36.dll
2015-12-27 01:30 - 2015-12-27 13:59 - 01743360 _____ C:\Users\23\Desktop\AdwCleaner.exe
2015-12-27 01:29 - 2015-12-27 01:29 - 01484288 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00651264 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00515584 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2015-12-27 01:29 - 2015-12-27 01:29 - 00431616 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00219648 _____ (IDT, Inc.) C:\WINDOWS\system32\staco64.dll
2015-12-27 01:23 - 2015-12-27 01:52 - 00000000 ____D C:\Users\23\AppData\Local\Hewlett-Packard
2015-12-27 01:22 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-27 01:21 - 2015-12-27 01:48 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-27 01:20 - 2015-12-27 01:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-12-27 00:21 - 2015-12-27 00:21 - 19733696 _____ (Microsoft Corporation) C:\Users\23\Downloads\MediaCreationToolx64.exe
2015-12-27 00:21 - 2015-12-27 00:21 - 00000000 ___HD C:\$Windows.~WS
2015-12-27 00:00 - 2015-12-27 00:00 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urządzenia interfejsu Bluetooth
2015-12-26 22:39 - 2015-12-27 14:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-26 22:39 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-26 22:36 - 2015-12-26 23:55 - 00882346 _____ C:\WINDOWS\ntbtlog.txt
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-12-26 21:13 - 2015-12-27 02:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-26 20:50 - 2015-12-27 02:47 - 00003216 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1451159433
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-26 20:49 - 2015-12-26 20:49 - 00147088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-12-26 20:49 - 2015-12-26 20:49 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-12-26 20:49 - 2015-12-26 20:46 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-26 20:47 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-26 20:47 - 2015-12-26 20:47 - 00000000 ____D C:\Users\23\AppData\Roaming\AVAST Software
2015-12-26 20:46 - 2015-12-27 03:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-26 20:46 - 2015-12-27 02:47 - 00004292 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-26 20:46 - 2015-12-26 20:46 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-26 20:46 - 2015-12-26 20:45 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00466400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-26 20:44 - 2015-12-26 20:49 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:49 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:43 - 05037264 _____ (AVAST Software) C:\Users\23\Downloads\avast_premier_antivirus_setup_online.exe
2015-12-26 20:38 - 2015-12-26 20:39 - 00398376 _____ C:\Users\23\Downloads\chaggington-veselie-parovoziki--chuggington-s01-04-01-118-iz-118-2008-2014-dvdrip-bdrip--litcenziya.exe
2015-12-26 20:34 - 2015-12-26 20:34 - 00398376 _____ C:\Users\23\Downloads\krot--krtek--62-serii-zhdanek-miler--zdenek-miler-1957-g.exe
2015-12-24 14:09 - 2015-12-26 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-23 14:54 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Where Is It
2015-12-23 14:54 - 2015-12-23 15:21 - 00000000 ____D C:\Users\23\Documents\WhereIsIt Catalogs
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\ProgramData\WhereIsIt
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\Program Files (x86)\WhereIsIt
2015-12-23 14:53 - 2015-12-23 14:53 - 08417936 _____ (WhereIsIt Soft ) C:\Users\23\Downloads\WhereIsIt-2014-Setup.exe
2015-12-23 13:05 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00155403 _____ C:\Users\23\Downloads\pathsync04BETA-install.exe
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Program Files (x86)\PathSync
2015-12-23 13:01 - 2015-12-23 13:01 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBZync.lnk
2015-12-23 13:01 - 2015-12-23 13:01 - 00000000 ____D C:\Program Files\MOBZystems
2015-12-23 13:00 - 2015-12-23 13:00 - 00483328 _____ C:\Users\23\Downloads\MOBZyncSetup 0.9.2 (64-bit).msi
2015-12-21 10:49 - 2015-12-21 10:52 - 323598164 _____ C:\Users\23\Downloads\Strawberry Steps.zip
2015-12-21 10:45 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 5.0.10
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Users\23\AppData\Roaming\StepMania 5
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Games
2015-12-21 10:44 - 2015-12-21 10:44 - 56616889 _____ C:\Users\23\Downloads\STEPMANIA sierpień 2012.zip
2015-12-21 10:42 - 2015-12-21 10:42 - 51592682 _____ C:\Users\23\Downloads\StepMania-5.0.10-win32.exe
2015-12-17 23:03 - 2015-12-17 23:03 - 00012592 _____ C:\Users\23\Downloads\[KinoGB.net]torrent_252261.torrent
2015-12-11 21:22 - 2015-12-11 21:22 - 00011890 _____ C:\Users\23\Downloads\[kat.cr]peppa.pig.series.4.eps.1.13.torrent
2015-12-11 21:13 - 2015-12-11 21:13 - 00000000 ____D C:\22e07cf1319afcec20f070
2015-12-08 22:31 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-12-08 22:30 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-12-08 22:30 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-12-08 22:30 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-12-05 21:06 - 2015-12-05 21:06 - 293988966 _____ C:\Users\23\Downloads\20151115_184837.mp4
2015-12-04 00:18 - 2015-12-04 00:18 - 00000218 _____ C:\Users\23\AppData\Local\recently-used.xbel
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush
2015-12-04 00:08 - 2015-12-04 00:08 - 00000034 _____ C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-12-03 23:57 - 2015-12-03 23:57 - 00000000 ____D C:\Users\23\AppData\Local\fontconfig
2015-12-03 23:56 - 2015-12-03 23:56 - 00000000 ____D C:\Users\23\AppData\Roaming\inkscape
2015-12-03 23:49 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Program Files\Inkscape
2015-12-03 23:48 - 2015-12-03 23:48 - 97868152 _____ C:\Users\23\Downloads\inkscape-0.91-x64.msi
2015-12-03 23:16 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\ProgramData\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-03 23:15 - 2015-12-27 02:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-12-03 23:15 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Users\23\AppData\Roaming\WTablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\TabletPlugins
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\Tablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-12-03 23:15 - 2014-01-13 07:24 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01428248 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2015-11-29 23:17 - 2015-11-29 23:17 - 03420244 _____ (OpenSubtitles.org ) C:\Users\23\Downloads\OSDownloader.exe
2015-11-29 15:29 - 2015-11-29 15:32 - 00000765 _____ C:\Users\23\Desktop\keymap.xml
2015-11-29 15:26 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:27 - 00000000 ____D C:\Users\23\AppData\Roaming\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 04119231 _____ C:\Users\23\Downloads\npp.6.8.7.Installer.exe
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-11-29 15:24 - 2015-11-29 15:24 - 06539752 _____ (Tim Kosse) C:\Users\23\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-11-29 14:37 - 2015-11-29 14:37 - 01756942 _____ C:\Users\23\Downloads\TS - Etap_I(1).pdf
2015-11-28 09:40 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-11-28 09:40 - 2015-11-28 09:45 - 00000000 ____D C:\Users\23\AppData\Roaming\Foxit Software
2015-11-28 09:40 - 2015-11-28 09:40 - 00000000 ____D C:\Users\Public\Foxit Software
2015-11-28 09:40 - 2015-11-28 09:40 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-11-28 09:39 - 2015-11-28 09:39 - 00000056 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2015-11-28 09:37 - 2015-11-28 09:38 - 39170360 _____ (Foxit Software Inc. ) C:\Users\23\Downloads\FoxitReader728.1124_prom_enu_Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 23:32 - 2014-08-14 12:09 - 00001048 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 23:27 - 2015-09-10 06:09 - 00918262 _____ C:\WINDOWS\system32\perfh015.dat
2015-12-27 23:27 - 2015-09-10 06:09 - 00202138 _____ C:\WINDOWS\system32\perfc015.dat
2015-12-27 23:27 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-27 23:23 - 2015-08-24 20:42 - 00002754 _____ C:\WINDOWS\System32\Tasks\WizMouse
2015-12-27 23:22 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-27 23:22 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-12-27 23:22 - 2014-08-14 12:09 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 23:20 - 2014-08-14 12:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-27 22:24 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-27 20:40 - 2015-08-25 20:14 - 00000000 ____D C:\Download
2015-12-27 19:43 - 2015-09-09 20:01 - 00000000 ____D C:\_Private
2015-12-27 15:45 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-27 15:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-27 14:56 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-27 13:56 - 2015-07-30 22:49 - 05011968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-27 13:32 - 2015-08-30 13:06 - 00000000 ____D C:\Users\23\AppData\Roaming\vlc
2015-12-27 03:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-27 03:03 - 2015-09-10 06:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-27 02:49 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-27 02:48 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-12-27 02:47 - 2015-09-16 00:10 - 00003200 _____ C:\WINDOWS\System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA}
2015-12-27 02:47 - 2015-09-06 09:44 - 00003042 _____ C:\WINDOWS\System32\Tasks\{32264559-94A2-4573-9582-AE9879343630}
2015-12-27 02:47 - 2015-08-24 21:24 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-12-27 02:47 - 2015-08-24 21:24 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-12-27 02:47 - 2014-08-14 12:09 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-27 02:47 - 2014-08-14 12:09 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 02:47 - 2014-08-14 12:01 - 00003978 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 02:47 - 2013-12-19 09:45 - 00003250 _____ C:\WINDOWS\System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173}
2015-12-27 02:47 - 2013-12-18 16:53 - 00003314 _____ C:\WINDOWS\System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E}
2015-12-27 02:45 - 2015-11-23 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer
2015-12-27 02:45 - 2015-11-22 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-27 02:45 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-12-27 02:45 - 2015-10-28 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGFlashTool
2015-12-27 02:45 - 2015-10-20 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG One Click Root
2015-12-27 02:45 - 2015-10-19 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-12-27 02:45 - 2015-10-14 00:06 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-12-27 02:45 - 2015-09-26 17:24 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-27 02:45 - 2015-09-26 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
2015-12-27 02:45 - 2015-09-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2015-12-27 02:45 - 2015-09-22 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2015-12-27 02:45 - 2015-09-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2015-12-27 02:45 - 2015-09-15 23:54 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vmToolkit
2015-12-27 02:45 - 2015-09-15 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remotr
2015-12-27 02:45 - 2015-09-11 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-12-27 02:45 - 2015-09-10 06:29 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-27 02:45 - 2015-09-08 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-27 02:45 - 2015-09-06 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamWorks
2015-12-27 02:45 - 2015-08-30 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-27 02:45 - 2015-08-30 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-27 02:45 - 2015-08-24 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizMouse
2015-12-27 02:45 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 02:45 - 2013-12-18 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-27 02:45 - 2013-12-18 16:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 02:44 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-12-27 02:43 - 2015-09-23 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-27 02:43 - 2015-08-24 20:42 - 00000000 ____D C:\Program Files\WIDCOMM
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-27 02:43 - 2014-08-14 11:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-27 02:43 - 2011-04-12 14:32 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-27 02:43 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-27 02:41 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-27 02:39 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-27 02:31 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-12-27 02:31 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-27 01:53 - 2013-12-18 16:38 - 00000000 ____D C:\swsetup
2015-12-27 01:42 - 2015-11-26 22:52 - 00000000 ____D C:\Users\23\AppData\Local\Spotify
2015-12-27 01:42 - 2015-11-26 22:51 - 00000000 ____D C:\Users\23\AppData\Roaming\Spotify
2015-12-27 01:41 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\AppData\Local\ChomikBox
2015-12-27 01:40 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\.gstreamer-0.10
2015-12-27 01:22 - 2013-12-18 16:52 - 00000000 ____D C:\Users\23\AppData\Roaming\Hewlett-Packard
2015-12-27 01:22 - 2013-12-18 16:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-27 01:21 - 2013-12-18 16:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-27 01:21 - 2013-12-18 16:41 - 00110424 _____ C:\Users\23\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 01:20 - 2013-12-18 16:51 - 00000000 ____D C:\Users\23\AppData\Roaming\hpqLog
2015-12-27 01:13 - 2015-08-25 20:13 - 00000000 ____D C:\Users\23\AppData\Roaming\uTorrent
2015-12-26 23:00 - 2015-09-13 13:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-26 21:14 - 2015-08-25 20:36 - 00000000 ____D C:\Users\23\AppData\Local\Adobe
2015-12-26 20:51 - 2014-08-14 12:06 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-26 20:45 - 2014-08-14 12:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-23 21:19 - 2015-11-11 20:46 - 00000000 ____D C:\_Mega_synchronizacja
2015-12-23 14:51 - 2013-12-18 16:26 - 00000000 ____D C:\Users\23\AppData\Local\VirtualStore
2015-12-19 23:01 - 2015-11-11 20:45 - 00000000 ____D C:\Users\23\Documents\MEGAsync
2015-12-17 21:31 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\MEGAsync
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 03:02 - 2015-08-30 21:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 21:15 - 2015-09-15 23:17 - 00000000 ____D C:\Program Files (x86)\Remotr
2015-12-11 21:13 - 2014-08-14 11:47 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 04:39 - 2010-11-21 04:27 - 00301728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-03 23:16 - 2015-08-25 20:37 - 00000000 ____D C:\ProgramData\Adobe
2015-12-03 23:15 - 2014-08-14 12:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Adobe
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 17:44 - 2015-09-22 17:39 - 00000000 ____D C:\Users\23\AppData\Roaming\FileZilla
2015-11-29 16:01 - 2015-09-22 17:50 - 00000600 _____ C:\Users\23\AppData\Local\PUTTY.RND

==================== Files in the root of some directories =======

2015-12-04 00:08 - 2015-12-04 00:08 - 0000034 _____ () C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-09-22 18:07 - 2015-09-22 18:07 - 0000600 _____ () C:\Users\23\AppData\Roaming\PUTTY.RND
2015-09-26 18:19 - 2015-11-21 02:46 - 0003584 _____ () C:\Users\23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-22 17:50 - 2015-11-29 16:01 - 0000600 _____ () C:\Users\23\AppData\Local\PUTTY.RND
2015-12-04 00:18 - 2015-12-04 00:18 - 0000218 _____ () C:\Users\23\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-27 02:39

==================== End of FRST.txt ============================

studentoo · Dec 28, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-28 11:46:17)
Running from C:\Users\23\Desktop\FRST
Windows 10 Pro (X64) (2015-12-27 02:02:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

23 (S-1-5-21-2662073481-3153093023-2327895656-1000 - Administrator - Enabled) => C:\Users\23
Administrator (S-1-5-21-2662073481-3153093023-2327895656-500 - Administrator - Disabled)
Gość (S-1-5-21-2662073481-3153093023-2327895656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2662073481-3153093023-2327895656-1002 - Limited - Enabled)
Konto domyślne (S-1-5-21-2662073481-3153093023-2327895656-503 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ATI Catalyst Install Manager (HKLM\...\{0B759873-FB73-4F8B-DF06-D3ECC76341E6}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Eraser 6.2.0.2970 (HKLM\...\{58F37E51-2A83-49F3-9117-6005C63CF399}) (Version: 6.2.2970 - The Eraser Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{C5203A0C-91C4-40C4-9FEC-CCBDC1B76977}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{12407B47-A01F-4E7E-B00F-07B90BBB3EF4}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Kodi) (Version: - XBMC-Foundation)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM-x32\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Popcorn Time (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Popcorn Time) (Version: - Popcorn Official)
Remotr version 1.1.1193 (HKLM-x32\...\Remotr_is1) (Version: 1.1.1193 - RemoteMyApp sp. z o.o.)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Neverhood (HKLM-x32\...\DreamWorks Interactive: Neverhood) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\23\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043A8CDB-EB29-4258-BA0A-716AA4CE905E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {14AF0024-1904-4BC1-9618-B008BAFBE17A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2599B8CF-2FAB-44E5-A753-E154D8FC9465} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315A3CF3-8770-4553-A69A-CA050A17D870} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {35DB8F60-F718-42BF-B82F-A06AD3D554AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {361E75C5-235D-4B15-BDC1-FDFC6DDD26C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3754170A-A0EE-4487-A91C-A4A21091F00C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-26] (AVAST Software)
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3AB6AAD0-E163-432D-90E2-D0D663D0C667} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {495F9580-648D-4F63-9E3D-642B5E890F33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4A5E042C-85C4-4FC5-AE63-D8D1878ECDFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4C372658-AA9A-4CFC-ABD3-1EE8DEDEBE8F} - System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E} => pcalua.exe -a "C:\Users\23\Desktop\hp 6450b\x64\sp48629.exe" -d "C:\Users\23\Desktop\hp 6450b\x64"
Task: {4DF8ACEB-D8CF-4714-A64A-6F01148AA39A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52677D9B-2D1A-49B5-B3DF-2683E257A77D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {54700F58-157A-4EE4-AF8D-147FF02C6F4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {54F9E58E-3C03-431C-84E7-361DDF928F83} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5A874523-BC55-4BCA-8795-F68BD388C76A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {608361FB-3B25-4AE8-A9C7-1A72D06B12F3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F797FD-1C9D-4390-A002-45E48C02B081} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65D38ACC-7B6E-4E5A-AA59-BB62ED5524AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {68D32361-6378-4378-8DA3-3D90A5C22028} - System32\Tasks\SafeZone scheduled Autoupdate 1451159433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {69833916-CB17-421F-BF7B-0F4EF39D1A18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA4E7E0-E9CC-494C-9FA4-5D247EF4823B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CAB0F94-8DB7-4F37-B57F-87C461B3615C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D11591E-BC53-412E-805B-F88CAE90DE6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {738E7C0E-FAC2-4E7F-8DDA-507FC8A8E1EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7726AA0A-623A-43A6-9A20-B0366A872663} - System32\Tasks\WizMouse => C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {791EA26C-0569-4B5E-8559-5B53B14CF946} - System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173} => pcalua.exe -a "E:\hp 6450b\siec\sp49604.exe" -d "E:\hp 6450b\siec"
Task: {87DA5593-C75A-4558-9B70-9A2E23357599} - System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA} => pcalua.exe -a E:\Windows\setup.exe -d E:\
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9B8DFF25-C945-4831-A49D-BDECA9D6586B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A6681B35-C88A-42D1-849A-08CC39AFC5FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B0C1C514-887C-4A5D-A7DC-C3FEF46C240F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4880015-92C2-41D2-B2F3-29BF33270597} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C8A46762-5058-4000-AB5C-3B60737F52BC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CF89BB85-3FBB-4D4E-843A-2B9F664A8B97} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DF67D783-7750-4640-A822-F713E86B4688} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
Task: {E2E969E0-8C9A-4EA0-B7E0-36457DA04F74} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E66B45FD-9B01-4B98-BF84-D35A5B7311B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC0A8CD7-A65B-41DF-99BB-1EF987319E45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F2BDEC53-A1F1-4CB4-AD51-614C04A518A7} - System32\Tasks\{32264559-94A2-4573-9582-AE9879343630} => E:\SETUP.EXE
Task: {F5A9D4AD-72AC-4AA7-973C-E6FC7D24910C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FB61947F-4637-41B9-BF7A-CFEE44F7338D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FBC6E54C-6DCB-45FB-8102-9FEF30EE6C7B} - System32\Tasks\HPCeeScheduleFor23 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor23.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:13 - 2015-07-10 04:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:13 - 2015-09-10 06:11 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-08-24 20:41 - 2013-09-22 09:27 - 00119000 _____ () C:\Program Files (x86)\WizMouse\wizmouse.exe
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-12-26 20:45 - 2015-12-26 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-28 01:23 - 2015-12-28 01:23 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122706\algo.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-12-18 16:51 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08780756.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08780756.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-08-31 21:27 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2695EDC8-83CE-4B9D-9206-5CF0F596159D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4F1DE0F4-9F7C-43F2-B857-5756E8A7BC42}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{34C8AC1F-B90A-404F-95CA-50ADADC9DA4E}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{248439DD-96A2-48BA-B7A1-419804CC9837}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{745C39D6-0975-4A6F-B077-B78CA3DAD67B}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [TCP Query User{EF8F3AD4-3B97-4B18-8269-D76D61DEFA42}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9BE691F5-4755-4AA2-A9CE-815ECB8F811C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{1CDFEA42-C01E-4EDD-AFFE-1C4735523E5A}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2110E87F-0C6C-4C8D-818F-8028E383AA81}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{60DC2009-51BB-4FB4-AEE1-B2F1B17C2E83}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [TCP Query User{B80E71B4-56AA-421B-917E-0ECB957A3B84}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [UDP Query User{D2BBA839-80DF-4204-8399-AC5DAA217BBC}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BD990FAE-1B23-497C-99EB-BB3535A0E770}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{55A0B510-7580-4942-94F6-9C4AEC0C27A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3EC1A5A-1872-4CB8-B604-241C8C39936B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{07E476E9-CFE3-45CD-AFB0-1E6B2923201B}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{D179683E-ECF0-44BC-9E25-9083BDDD414F}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{E19BE58E-8635-4997-9997-17EF44C8FFEC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{01ABBF5E-0D3F-4592-998F-90F45E78576F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A5109255-B936-4E62-9716-8502362800A5}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{D9FC9CAC-95CA-4FC7-A1E1-CD510969CDC6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{D8347BE4-211D-45A6-9E99-66AE2EF78F45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73754E23-DFF9-4466-B809-B458F1E50D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2977CF66-02D3-4B87-BA86-11237763A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E31CB89-BCDC-40FF-80AD-2D6E870FFE41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4BC88EA-67B9-4EEC-8B9B-7150E1387429}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{66114C3E-E80A-4155-9867-CCBF6818F85E}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{19C9CDB7-1B7D-4CB5-937F-D78E4BEBCA96}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{0E3F70DA-F447-4FCA-AE0C-62AF79557A8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B5B969-A07C-4E0C-ACEE-FD61733F7D85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BB547C4-89C0-4DDB-A5F6-A48D3820CF01}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B545A52-8C65-4921-97E2-205B40CFE508}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4265CF3-2585-44E8-AD08-2C0CE2C78140}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B1742AA-2474-444D-B94E-612126B76709}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4404E19C-EFB4-48ED-AECD-3427ECA97568}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34D5CD25-0796-4CE4-A314-54375C5AADA2}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2015 03:40:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SystemSettings.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39ae
Nazwa modułu powodującego błąd: MusUpdateHandlers.dll, wersja: 10.0.10240.16590, sygnatura czasowa: 0x563ad6f2
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002a526
Identyfikator procesu powodującego błąd: 0x18b8
Godzina uruchomienia aplikacji powodującej błąd: 0xSystemSettings.exe0
Ścieżka aplikacji powodującej błąd: SystemSettings.exe1
Ścieżka modułu powodującego błąd: SystemSettings.exe2
Identyfikator raportu: SystemSettings.exe3
Pełna nazwa pakietu powodującego błąd: SystemSettings.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SystemSettings.exe5

Error: (12/28/2015 03:40:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SystemSettings.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39ae
Nazwa modułu powodującego błąd: MusUpdateHandlers.dll, wersja: 10.0.10240.16590, sygnatura czasowa: 0x563ad6f2
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002c841
Identyfikator procesu powodującego błąd: 0x1d24
Godzina uruchomienia aplikacji powodującej błąd: 0xSystemSettings.exe0
Ścieżka aplikacji powodującej błąd: SystemSettings.exe1
Ścieżka modułu powodującego błąd: SystemSettings.exe2
Identyfikator raportu: SystemSettings.exe3
Pełna nazwa pakietu powodującego błąd: SystemSettings.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SystemSettings.exe5

Error: (12/28/2015 02:36:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 43.0.2.5833, sygnatura czasowa: 0x5678a0b1
Nazwa modułu powodującego błąd: mozglue.dll, wersja: 43.0.2.5833, sygnatura czasowa: 0x567893a6
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000ed36
Identyfikator procesu powodującego błąd: 0x1d9c
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3
Pełna nazwa pakietu powodującego błąd: plugin-container.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5

Error: (12/28/2015 01:32:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: DllHost.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39e9
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655363f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000035b6b
Identyfikator procesu powodującego błąd: 0x1958
Godzina uruchomienia aplikacji powodującej błąd: 0xDllHost.exe0
Ścieżka aplikacji powodującej błąd: DllHost.exe1
Ścieżka modułu powodującego błąd: DllHost.exe2
Identyfikator raportu: DllHost.exe3
Pełna nazwa pakietu powodującego błąd: DllHost.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: DllHost.exe5

Error: (12/27/2015 11:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: aswmbr.exe, wersja: 1.0.1.2290, sygnatura czasowa: 0x54b4df14
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16603, sygnatura czasowa: 0x565531ee
Kod wyjątku: 0xc0000374
Przesunięcie błędu: 0x000d5aac
Identyfikator procesu powodującego błąd: 0x1cac
Godzina uruchomienia aplikacji powodującej błąd: 0xaswmbr.exe0
Ścieżka aplikacji powodującej błąd: aswmbr.exe1
Ścieżka modułu powodującego błąd: aswmbr.exe2
Identyfikator raportu: aswmbr.exe3
Pełna nazwa pakietu powodującego błąd: aswmbr.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: aswmbr.exe5

Error: (12/27/2015 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbc0
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (12/27/2015 02:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x6c8
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x94c
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

System errors:
=============
Error: (12/28/2015 03:45:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:45:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:45:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:45:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 02:36:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (12/28/2015 02:36:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 02:36:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 02:36:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 02:36:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 02:36:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 51%
Total physical RAM: 3887.43 MB
Available physical RAM: 1874.8 MB
Total Virtual: 7855.43 MB
Available Virtual: 5609.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.85 GB) (Free:146.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DC3E8E25)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Broni · Dec 28, 2015

Let's finish cleaning process and we'll see how it goes.

FRST.txt log is incomplete. Upper part is missing.

studentoo · Dec 29, 2015

Sorry, both logs once more:

studentoo · Dec 29, 2015

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-12-2015
Ran by 23 (administrator) on 23-KOMPUTER (29-12-2015 09:13:28)
Running from C:\Users\23\Desktop\FRST
Loaded Profiles: 23 (Available Profiles: 23 & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(RemoteMyApp sp. z o.o.) C:\Program Files (x86)\Remotr\RemotrService.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\WizMouse\WizMouse.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Spotify Ltd) C:\Users\23\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Farbar) C:\Users\23\Desktop\FRST\EnglishFRST64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2015-12-27] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2015-12-27] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111488 2012-10-25] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Run: [Spotify Web Helper] => C:\Users\23\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-18] (Spotify Ltd)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{58298876-790e-4a3a-a79c-5932a9fe9347}: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{c81e9160-154d-44f4-ab75-883bc2b20657}: [DhcpNameServer] 62.179.1.63 62.179.1.62

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)

FireFox:
========
FF ProfilePath: C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2662073481-3153093023-2327895656-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Extension: British English Dictionary (Forked by Marco Pinto) - C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476\Extensions\marcoagpinto@mail.telepac.pt [2015-12-28]
FF Extension: Adblock Plus - C:\Users\23\AppData\Roaming\Mozilla\Firefox\Profiles\j6u10kzu.default-1451172253476\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-26]

Chrome:
=======
CHR Profile: C:\Users\23\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Dysk Google) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google Search) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Avast Online Security) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-27]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5561368 2015-12-26] (Avast Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Remotr Service; C:\Program Files (x86)\Remotr\RemotrService.exe [181328 2015-12-11] (RemoteMyApp sp. z o.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-26] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2015-12-26] (AVAST Software)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-28] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2015-12-26] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-29 09:11 - 2015-12-29 09:11 - 00016148 _____ C:\WINDOWS\system32\23-KOMPUTER_23_HistoryPrediction.bin
2015-12-28 12:52 - 2015-12-28 12:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-28 12:50 - 2015-12-28 12:52 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-28 02:38 - 2015-12-28 02:38 - 00000952 _____ C:\Users\23\Desktop\AdwCleaner[C2].txt
2015-12-28 02:36 - 2015-12-28 03:40 - 00000000 ____D C:\Users\23\AppData\Local\CrashDumps
2015-12-28 02:28 - 2015-12-28 02:32 - 00001142 _____ C:\Users\23\Desktop\anti_malware.txt
2015-12-28 01:58 - 2015-12-28 01:58 - 00024106 _____ C:\Users\23\Desktop\rk_6A6A.tmp.txt
2015-12-28 01:57 - 2015-12-28 01:57 - 00025202 _____ C:\Users\23\Documents\rk_6A6A.tmp.txt
2015-12-28 01:15 - 2015-12-28 01:43 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-12-28 01:15 - 2015-12-28 01:15 - 20834888 _____ C:\Users\23\Downloads\RogueKiller.exe
2015-12-28 01:15 - 2015-12-28 01:15 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-28 00:46 - 2015-12-29 09:13 - 00000000 ____D C:\Users\23\Desktop\FRST
2015-12-27 23:34 - 2015-12-27 23:34 - 00002008 _____ C:\Users\23\Desktop\aswMBR.txt
2015-12-27 23:34 - 2015-12-27 23:34 - 00000512 _____ C:\Users\23\Desktop\MBR.dat
2015-12-27 23:32 - 2015-12-27 23:32 - 05200384 _____ (AVAST Software) C:\Users\23\Downloads\aswmbr.exe
2015-12-27 23:22 - 2015-12-27 23:30 - 01963470 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_23.22.54_log.txt
2015-12-27 23:16 - 2015-12-27 23:17 - 64118784 _____ C:\Users\23\Downloads\Synology Cloud Station-3.2-3497.msi
2015-12-27 22:48 - 2015-12-27 22:48 - 00000000 ____D C:\Users\23\AppData\Local\PeerDistRepub
2015-12-27 22:44 - 2015-12-27 22:44 - 02738112 _____ (Sunrise Software ) C:\Users\23\Downloads\Sunrise_Seven_1.2.build.61.signed.exe
2015-12-27 22:23 - 2015-12-29 09:13 - 00000000 ____D C:\FRST
2015-12-27 20:48 - 2015-12-27 20:48 - 95364424 _____ (Kaspersky Lab ZAO) C:\Users\23\Downloads\KVRT.exe
2015-12-27 20:28 - 2015-12-27 20:28 - 217812536 _____ (COMODO) C:\Users\23\Downloads\cmd_fw_installer_6113_c7.exe.part
2015-12-27 20:26 - 2015-12-27 23:22 - 00004298 _____ C:\TDSSKiller.3.1.0.9_27.12.2015_20.26.22_log.txt
2015-12-27 19:55 - 2015-12-27 19:55 - 08883992 _____ (PortableApps.com) C:\Users\23\Downloads\ClamWinPortable_0.98.7_English.paf.exe
2015-12-27 19:55 - 2015-12-27 19:55 - 00000000 ____D C:\Users\23\Downloads\ClamWinPortable
2015-12-27 19:39 - 2015-12-27 19:39 - 00000541 _____ C:\Users\23\Documents\Dysk lokalny (C) — skrót.lnk
2015-12-27 14:47 - 2015-12-27 14:47 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Szablony
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji
2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-12-27 14:47 - 2015-12-27 02:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-12-27 13:59 - 2015-12-27 13:59 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-12-27 13:58 - 2015-12-27 13:58 - 00000000 ____D C:\WINDOWS\pss
2015-12-27 03:05 - 2015-12-27 03:06 - 00002443 _____ C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-27 03:05 - 2015-12-27 03:06 - 00000000 ___RD C:\Users\23\OneDrive
2015-12-27 03:05 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23\AppData\Local\Comms
2015-12-27 03:03 - 2015-12-27 14:56 - 00000000 ____D C:\Users\23\AppData\Local\Packages
2015-12-27 03:03 - 2015-12-27 03:03 - 00000020 ___SH C:\Users\23\ntuser.ini
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\TileDataLayer
2015-12-27 03:03 - 2015-12-27 03:03 - 00000000 ____D C:\Users\23\AppData\Local\Publishers
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Szablony
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Moje dokumenty
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Menu Start
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia
2015-12-27 02:48 - 2015-12-27 02:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji
2015-12-27 02:47 - 2015-12-27 02:47 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-27 02:44 - 2015-12-27 02:44 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-27 02:44 - 2015-12-27 02:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-27 02:43 - 2015-12-27 02:43 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-27 02:42 - 2015-12-28 02:43 - 02119218 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-27 02:42 - 2015-12-27 03:05 - 00000000 ____D C:\Users\23
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Ustawienia lokalne
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Szablony
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Moje dokumenty
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Menu Start
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje wideo
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moje obrazy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Documents\Moja muzyka
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\Dane aplikacji
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Historia
2015-12-27 02:42 - 2015-12-27 02:42 - 00000000 _SHDL C:\Users\23\AppData\Local\Dane aplikacji
2015-12-27 02:41 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files\IDT
2015-12-27 02:41 - 2015-12-27 02:41 - 02023640 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-27 02:41 - 2015-12-27 02:41 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-27 02:41 - 2015-12-27 02:41 - 00001722 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\Synaptics
2015-12-27 02:41 - 2015-12-27 02:41 - 00000000 ____D C:\Program Files\LSI SoftModem
2015-12-27 02:41 - 2015-12-27 01:29 - 12861952 _____ (IDT, Inc.) C:\WINDOWS\system32\idtcpl64.cpl
2015-12-27 02:41 - 2015-12-27 01:29 - 01952256 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00489472 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-12-27 02:41 - 2015-12-27 01:29 - 00442368 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTEC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00162816 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-12-27 02:41 - 2015-12-27 01:29 - 00068608 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAR64.dll
2015-12-27 02:39 - 2015-12-28 12:54 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-27 02:36 - 2015-12-27 02:36 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-12-27 02:36 - 2015-12-27 02:36 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-27 02:36 - 2015-12-27 02:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

studentoo · Dec 29, 2015

2015-12-27 02:36 - 2015-12-27 02:36 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-12-27 02:36 - 2015-12-27 02:36 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-27 02:36 - 2015-12-27 02:36 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-27 02:33 - 2015-12-27 02:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-27 02:31 - 2015-12-27 02:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files\MSBuild
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-27 02:31 - 2015-12-27 02:31 - 00000000 ____D C:\inetpub
2015-12-27 02:31 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-27 02:31 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-27 02:31 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-27 01:52 - 2015-12-28 23:17 - 00003224 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor23
2015-12-27 01:52 - 2015-12-28 23:17 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor23.job
2015-12-27 01:51 - 2015-12-27 01:51 - 08507392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwNs64.sys
2015-12-27 01:46 - 2015-12-29 01:07 - 00000000 ____D C:\Users\23\Desktop\Inbox
2015-12-27 01:37 - 2015-12-27 01:37 - 01379376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-12-27 01:37 - 2015-12-27 01:37 - 00400168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00270632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00215336 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00214312 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCtrl.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00173352 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCOM.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00147752 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo4.dll
2015-12-27 01:37 - 2015-12-27 01:37 - 00107816 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCOM.dll
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2015-12-27 01:35 - 2015-12-27 01:35 - 00000000 ____D C:\Program Files\Intel
2015-12-27 01:34 - 2015-12-27 01:33 - 03381008 _____ (Intel Corporation) C:\WINDOWS\system32\Netwrw00.dll
2015-12-27 01:34 - 2015-12-27 01:33 - 00885520 _____ (Intel Corporation) C:\WINDOWS\system32\Netwcw00.dll
2015-12-27 01:31 - 2015-12-28 03:33 - 00000000 ____D C:\AdwCleaner
2015-12-27 01:31 - 2011-05-04 17:20 - 00340656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1k62x64.sys
2015-12-27 01:31 - 2011-04-08 01:27 - 00094912 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstK.dll
2015-12-27 01:31 - 2011-04-08 01:14 - 00068264 _____ (Intel Corporation) C:\WINDOWS\system32\e1kmsg.dll
2015-12-27 01:31 - 2009-10-09 11:43 - 00003143 _____ C:\WINDOWS\system32\e1k62x64.din
2015-12-27 01:31 - 2009-05-26 10:05 - 00036472 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo36.dll
2015-12-27 01:30 - 2015-12-27 13:59 - 01743360 _____ C:\Users\23\Desktop\AdwCleaner.exe
2015-12-27 01:29 - 2015-12-27 01:29 - 01484288 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00651264 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00515584 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2015-12-27 01:29 - 2015-12-27 01:29 - 00431616 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2015-12-27 01:29 - 2015-12-27 01:29 - 00219648 _____ (IDT, Inc.) C:\WINDOWS\system32\staco64.dll
2015-12-27 01:23 - 2015-12-27 01:52 - 00000000 ____D C:\Users\23\AppData\Local\Hewlett-Packard
2015-12-27 01:22 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-27 01:21 - 2015-12-27 01:48 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-27 01:20 - 2015-12-27 01:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-12-27 00:21 - 2015-12-27 00:21 - 19733696 _____ (Microsoft Corporation) C:\Users\23\Downloads\MediaCreationToolx64.exe
2015-12-27 00:21 - 2015-12-27 00:21 - 00000000 ___HD C:\$Windows.~WS
2015-12-27 00:00 - 2015-12-27 00:00 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urządzenia interfejsu Bluetooth
2015-12-26 22:39 - 2015-12-28 02:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-26 22:39 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-26 22:39 - 2015-12-26 22:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-26 22:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-26 22:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-26 22:36 - 2015-12-26 23:55 - 00882346 _____ C:\WINDOWS\ntbtlog.txt
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-12-26 21:49 - 2015-12-27 14:47 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-12-26 21:13 - 2015-12-27 02:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-26 20:50 - 2015-12-27 02:47 - 00003216 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1451159433
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2015-12-26 20:50 - 2015-12-26 20:50 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-26 20:49 - 2015-12-26 20:49 - 00147088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-12-26 20:49 - 2015-12-26 20:49 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-12-26 20:49 - 2015-12-26 20:46 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-26 20:47 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-26 20:47 - 2015-12-26 20:47 - 00000000 ____D C:\Users\23\AppData\Roaming\AVAST Software
2015-12-26 20:46 - 2015-12-27 03:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-26 20:46 - 2015-12-27 02:47 - 00004292 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-26 20:46 - 2015-12-26 20:46 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-26 20:46 - 2015-12-26 20:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-26 20:46 - 2015-12-26 20:45 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00466400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-12-26 20:45 - 2015-12-26 20:45 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-26 20:44 - 2015-12-26 20:49 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:49 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-26 20:43 - 2015-12-26 20:43 - 05037264 _____ (AVAST Software) C:\Users\23\Downloads\avast_premier_antivirus_setup_online.exe
2015-12-26 20:38 - 2015-12-26 20:39 - 00398376 _____ C:\Users\23\Downloads\chaggington-veselie-parovoziki--chuggington-s01-04-01-118-iz-118-2008-2014-dvdrip-bdrip--litcenziya.exe
2015-12-26 20:34 - 2015-12-26 20:34 - 00398376 _____ C:\Users\23\Downloads\krot--krtek--62-serii-zhdanek-miler--zdenek-miler-1957-g.exe
2015-12-24 14:09 - 2015-12-26 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-23 14:54 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Where Is It
2015-12-23 14:54 - 2015-12-23 15:21 - 00000000 ____D C:\Users\23\Documents\WhereIsIt Catalogs
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\ProgramData\WhereIsIt
2015-12-23 14:54 - 2015-12-23 14:54 - 00000000 ____D C:\Program Files (x86)\WhereIsIt
2015-12-23 14:53 - 2015-12-23 14:53 - 08417936 _____ (WhereIsIt Soft ) C:\Users\23\Downloads\WhereIsIt-2014-Setup.exe
2015-12-23 13:05 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00155403 _____ C:\Users\23\Downloads\pathsync04BETA-install.exe
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pathsync
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Program Files (x86)\PathSync
2015-12-23 13:01 - 2015-12-23 13:01 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBZync.lnk
2015-12-23 13:01 - 2015-12-23 13:01 - 00000000 ____D C:\Program Files\MOBZystems
2015-12-23 13:00 - 2015-12-23 13:00 - 00483328 _____ C:\Users\23\Downloads\MOBZyncSetup 0.9.2 (64-bit).msi
2015-12-21 10:49 - 2015-12-21 10:52 - 323598164 _____ C:\Users\23\Downloads\Strawberry Steps.zip
2015-12-21 10:45 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 5.0.10
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Users\23\AppData\Roaming\StepMania 5
2015-12-21 10:45 - 2015-12-21 10:45 - 00000000 ____D C:\Games
2015-12-21 10:44 - 2015-12-21 10:44 - 56616889 _____ C:\Users\23\Downloads\STEPMANIA sierpień 2012.zip
2015-12-21 10:42 - 2015-12-21 10:42 - 51592682 _____ C:\Users\23\Downloads\StepMania-5.0.10-win32.exe
2015-12-17 23:03 - 2015-12-17 23:03 - 00012592 _____ C:\Users\23\Downloads\[KinoGB.net]torrent_252261.torrent
2015-12-11 21:22 - 2015-12-11 21:22 - 00011890 _____ C:\Users\23\Downloads\[kat.cr]peppa.pig.series.4.eps.1.13.torrent
2015-12-11 21:13 - 2015-12-11 21:13 - 00000000 ____D C:\22e07cf1319afcec20f070
2015-12-08 22:31 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-12-08 22:30 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-12-08 22:30 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-12-08 22:30 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-12-05 21:06 - 2015-12-05 21:06 - 293988966 _____ C:\Users\23\Downloads\20151115_184837.mp4
2015-12-04 00:18 - 2015-12-04 00:18 - 00000218 _____ C:\Users\23\AppData\Local\recently-used.xbel
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1
2015-12-04 00:17 - 2015-12-04 00:17 - 00000000 ____D C:\Users\23\AppData\Roaming\com.livebrush
2015-12-04 00:08 - 2015-12-04 00:08 - 00000034 _____ C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-12-03 23:57 - 2015-12-03 23:57 - 00000000 ____D C:\Users\23\AppData\Local\fontconfig
2015-12-03 23:56 - 2015-12-03 23:56 - 00000000 ____D C:\Users\23\AppData\Roaming\inkscape
2015-12-03 23:49 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher
2015-12-03 23:49 - 2015-12-03 23:49 - 00000000 ____D C:\Program Files\Inkscape
2015-12-03 23:48 - 2015-12-03 23:48 - 97868152 _____ C:\Users\23\Downloads\inkscape-0.91-x64.msi
2015-12-03 23:16 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Users\23\AppData\Roaming\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\ProgramData\Wacom
2015-12-03 23:16 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-03 23:15 - 2015-12-27 02:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-12-03 23:15 - 2015-12-03 23:16 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Users\23\AppData\Roaming\WTablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\TabletPlugins
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files\Tablet
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-12-03 23:15 - 2014-01-13 07:24 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01428248 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2015-11-29 23:17 - 2015-11-29 23:17 - 03420244 _____ (OpenSubtitles.org ) C:\Users\23\Downloads\OSDownloader.exe
2015-11-29 15:29 - 2015-11-29 15:32 - 00000765 _____ C:\Users\23\Desktop\keymap.xml
2015-11-29 15:26 - 2015-12-28 12:20 - 00000000 ____D C:\Users\23\AppData\Roaming\Notepad++
2015-11-29 15:26 - 2015-12-27 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 04119231 _____ C:\Users\23\Downloads\npp.6.8.7.Installer.exe
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-29 15:26 - 2015-11-29 15:26 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-11-29 15:24 - 2015-11-29 15:24 - 06539752 _____ (Tim Kosse) C:\Users\23\Downloads\FileZilla_3.14.1_win64-setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-29 09:12 - 2015-08-24 20:42 - 00002754 _____ C:\WINDOWS\System32\Tasks\WizMouse
2015-12-29 09:11 - 2014-08-14 12:09 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-29 00:32 - 2014-08-14 12:09 - 00001048 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-29 00:20 - 2014-08-14 12:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-28 23:16 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-28 14:29 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-28 11:46 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-28 11:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-28 02:43 - 2015-09-10 06:09 - 00918262 _____ C:\WINDOWS\system32\perfh015.dat
2015-12-28 02:43 - 2015-09-10 06:09 - 00202138 _____ C:\WINDOWS\system32\perfc015.dat
2015-12-28 02:36 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-28 02:36 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-12-28 02:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-27 20:40 - 2015-08-25 20:14 - 00000000 ____D C:\Download
2015-12-27 19:43 - 2015-09-09 20:01 - 00000000 ____D C:\_Private
2015-12-27 15:45 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-27 14:56 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-27 13:56 - 2015-07-30 22:49 - 05011968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-27 13:32 - 2015-08-30 13:06 - 00000000 ____D C:\Users\23\AppData\Roaming\vlc
2015-12-27 03:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-27 03:03 - 2015-09-10 06:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-27 02:49 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-27 02:48 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-12-27 02:47 - 2015-09-16 00:10 - 00003200 _____ C:\WINDOWS\System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA}
2015-12-27 02:47 - 2015-09-06 09:44 - 00003042 _____ C:\WINDOWS\System32\Tasks\{32264559-94A2-4573-9582-AE9879343630}
2015-12-27 02:47 - 2015-08-24 21:24 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-12-27 02:47 - 2015-08-24 21:24 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-27 02:47 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-12-27 02:47 - 2014-08-14 12:09 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-27 02:47 - 2014-08-14 12:09 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 02:47 - 2014-08-14 12:01 - 00003978 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 02:47 - 2013-12-19 09:45 - 00003250 _____ C:\WINDOWS\System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173}
2015-12-27 02:47 - 2013-12-18 16:53 - 00003314 _____ C:\WINDOWS\System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E}
2015-12-27 02:45 - 2015-11-28 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-12-27 02:45 - 2015-11-23 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLMediaServer
2015-12-27 02:45 - 2015-11-22 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-27 02:45 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-12-27 02:45 - 2015-10-28 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGFlashTool
2015-12-27 02:45 - 2015-10-20 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG One Click Root
2015-12-27 02:45 - 2015-10-19 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-12-27 02:45 - 2015-10-14 00:06 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-12-27 02:45 - 2015-09-26 17:24 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-27 02:45 - 2015-09-26 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
2015-12-27 02:45 - 2015-09-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2015-12-27 02:45 - 2015-09-22 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2015-12-27 02:45 - 2015-09-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2015-12-27 02:45 - 2015-09-15 23:54 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vmToolkit
2015-12-27 02:45 - 2015-09-15 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remotr
2015-12-27 02:45 - 2015-09-11 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-12-27 02:45 - 2015-09-10 06:29 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-27 02:45 - 2015-09-08 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-27 02:45 - 2015-09-06 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamWorks
2015-12-27 02:45 - 2015-08-30 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-27 02:45 - 2015-08-30 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-27 02:45 - 2015-08-24 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizMouse
2015-12-27 02:45 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\Users\23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-27 02:45 - 2014-08-14 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 02:45 - 2013-12-18 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-27 02:45 - 2013-12-18 16:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 02:44 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-12-27 02:43 - 2015-09-23 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-27 02:43 - 2015-08-24 20:42 - 00000000 ____D C:\Program Files\WIDCOMM
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-12-27 02:43 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-27 02:43 - 2014-08-14 11:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-27 02:43 - 2011-04-12 14:32 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-27 02:43 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-27 02:41 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-27 02:39 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-27 02:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-27 02:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-27 02:31 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-12-27 02:31 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-12-27 02:31 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-12-27 02:31 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-27 02:31 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-27 02:31 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-27 02:31 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-27 02:04 - 2009-07-14 05:45 - 00021904 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-27 01:53 - 2013-12-18 16:38 - 00000000 ____D C:\swsetup
2015-12-27 01:42 - 2015-11-26 22:52 - 00000000 ____D C:\Users\23\AppData\Local\Spotify
2015-12-27 01:42 - 2015-11-26 22:51 - 00000000 ____D C:\Users\23\AppData\Roaming\Spotify
2015-12-27 01:41 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\AppData\Local\ChomikBox
2015-12-27 01:40 - 2015-09-26 16:53 - 00000000 ____D C:\Users\23\.gstreamer-0.10
2015-12-27 01:22 - 2013-12-18 16:52 - 00000000 ____D C:\Users\23\AppData\Roaming\Hewlett-Packard
2015-12-27 01:22 - 2013-12-18 16:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-27 01:21 - 2013-12-18 16:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-27 01:21 - 2013-12-18 16:41 - 00110424 _____ C:\Users\23\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 01:20 - 2013-12-18 16:51 - 00000000 ____D C:\Users\23\AppData\Roaming\hpqLog
2015-12-27 01:13 - 2015-08-25 20:13 - 00000000 ____D C:\Users\23\AppData\Roaming\uTorrent
2015-12-26 23:00 - 2015-09-13 13:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-26 21:14 - 2015-08-25 20:36 - 00000000 ____D C:\Users\23\AppData\Local\Adobe
2015-12-26 20:51 - 2014-08-14 12:06 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-26 20:45 - 2014-08-14 12:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-23 21:19 - 2015-11-11 20:46 - 00000000 ____D C:\_Mega_synchronizacja
2015-12-23 14:51 - 2013-12-18 16:26 - 00000000 ____D C:\Users\23\AppData\Local\VirtualStore
2015-12-19 23:01 - 2015-11-11 20:45 - 00000000 ____D C:\Users\23\Documents\MEGAsync
2015-12-17 21:31 - 2015-11-11 20:44 - 00000000 ____D C:\ProgramData\MEGAsync
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 03:18 - 2015-09-08 00:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 03:02 - 2015-08-30 21:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 21:15 - 2015-09-15 23:17 - 00000000 ____D C:\Program Files (x86)\Remotr
2015-12-11 21:13 - 2014-08-14 11:47 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 04:39 - 2010-11-21 04:27 - 00301728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-03 23:16 - 2015-08-25 20:37 - 00000000 ____D C:\ProgramData\Adobe
2015-12-03 23:15 - 2014-08-14 12:05 - 00000000 ____D C:\Users\23\AppData\Roaming\Adobe
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 17:44 - 2015-09-22 17:39 - 00000000 ____D C:\Users\23\AppData\Roaming\FileZilla
2015-11-29 16:01 - 2015-09-22 17:50 - 00000600 _____ C:\Users\23\AppData\Local\PUTTY.RND

==================== Files in the root of some directories =======

2015-12-04 00:08 - 2015-12-04 00:08 - 0000034 _____ () C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-09-22 18:07 - 2015-09-22 18:07 - 0000600 _____ () C:\Users\23\AppData\Roaming\PUTTY.RND
2015-09-26 18:19 - 2015-11-21 02:46 - 0003584 _____ () C:\Users\23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-22 17:50 - 2015-11-29 16:01 - 0000600 _____ () C:\Users\23\AppData\Local\PUTTY.RND
2015-12-04 00:18 - 2015-12-04 00:18 - 0000218 _____ () C:\Users\23\AppData\Local\recently-used.xbel

studentoo · Dec 29, 2015

Some files in TEMP:
====================
C:\Users\23\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-27 02:39

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-29 09:13:59)
Running from C:\Users\23\Desktop\FRST
Windows 10 Pro (X64) (2015-12-27 02:02:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

23 (S-1-5-21-2662073481-3153093023-2327895656-1000 - Administrator - Enabled) => C:\Users\23
Administrator (S-1-5-21-2662073481-3153093023-2327895656-500 - Administrator - Disabled)
Gość (S-1-5-21-2662073481-3153093023-2327895656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2662073481-3153093023-2327895656-1002 - Limited - Enabled)
Konto domyślne (S-1-5-21-2662073481-3153093023-2327895656-503 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ATI Catalyst Install Manager (HKLM\...\{0B759873-FB73-4F8B-DF06-D3ECC76341E6}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Eraser 6.2.0.2970 (HKLM\...\{58F37E51-2A83-49F3-9117-6005C63CF399}) (Version: 6.2.2970 - The Eraser Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{C5203A0C-91C4-40C4-9FEC-CCBDC1B76977}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{12407B47-A01F-4E7E-B00F-07B90BBB3EF4}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Kodi) (Version: - XBMC-Foundation)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM-x32\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Popcorn Time (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Popcorn Time) (Version: - Popcorn Official)
Remotr version 1.1.1193 (HKLM-x32\...\Remotr_is1) (Version: 1.1.1193 - RemoteMyApp sp. z o.o.)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Neverhood (HKLM-x32\...\DreamWorks Interactive: Neverhood) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\23\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043A8CDB-EB29-4258-BA0A-716AA4CE905E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {14AF0024-1904-4BC1-9618-B008BAFBE17A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2599B8CF-2FAB-44E5-A753-E154D8FC9465} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315A3CF3-8770-4553-A69A-CA050A17D870} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {35DB8F60-F718-42BF-B82F-A06AD3D554AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {361E75C5-235D-4B15-BDC1-FDFC6DDD26C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3754170A-A0EE-4487-A91C-A4A21091F00C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-26] (AVAST Software)
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3AB6AAD0-E163-432D-90E2-D0D663D0C667} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {495F9580-648D-4F63-9E3D-642B5E890F33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4A5E042C-85C4-4FC5-AE63-D8D1878ECDFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4C372658-AA9A-4CFC-ABD3-1EE8DEDEBE8F} - System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E} => pcalua.exe -a "C:\Users\23\Desktop\hp 6450b\x64\sp48629.exe" -d "C:\Users\23\Desktop\hp 6450b\x64"
Task: {4DF8ACEB-D8CF-4714-A64A-6F01148AA39A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52677D9B-2D1A-49B5-B3DF-2683E257A77D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {54700F58-157A-4EE4-AF8D-147FF02C6F4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {54F9E58E-3C03-431C-84E7-361DDF928F83} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5A874523-BC55-4BCA-8795-F68BD388C76A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {608361FB-3B25-4AE8-A9C7-1A72D06B12F3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F797FD-1C9D-4390-A002-45E48C02B081} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65D38ACC-7B6E-4E5A-AA59-BB62ED5524AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {68D32361-6378-4378-8DA3-3D90A5C22028} - System32\Tasks\SafeZone scheduled Autoupdate 1451159433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {69833916-CB17-421F-BF7B-0F4EF39D1A18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA4E7E0-E9CC-494C-9FA4-5D247EF4823B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CAB0F94-8DB7-4F37-B57F-87C461B3615C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D11591E-BC53-412E-805B-F88CAE90DE6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {738E7C0E-FAC2-4E7F-8DDA-507FC8A8E1EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7726AA0A-623A-43A6-9A20-B0366A872663} - System32\Tasks\WizMouse => C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {791EA26C-0569-4B5E-8559-5B53B14CF946} - System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173} => pcalua.exe -a "E:\hp 6450b\siec\sp49604.exe" -d "E:\hp 6450b\siec"
Task: {87DA5593-C75A-4558-9B70-9A2E23357599} - System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA} => pcalua.exe -a E:\Windows\setup.exe -d E:\
Task: {89BA72A3-8F52-4ECF-B94D-C23232B2A77B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9B8DFF25-C945-4831-A49D-BDECA9D6586B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A6681B35-C88A-42D1-849A-08CC39AFC5FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B0C1C514-887C-4A5D-A7DC-C3FEF46C240F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4880015-92C2-41D2-B2F3-29BF33270597} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C8A46762-5058-4000-AB5C-3B60737F52BC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CF89BB85-3FBB-4D4E-843A-2B9F664A8B97} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DF67D783-7750-4640-A822-F713E86B4688} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
Task: {E1D498FD-5DBE-4F2D-AB9D-06C68EAC9B33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {E2E969E0-8C9A-4EA0-B7E0-36457DA04F74} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E66B45FD-9B01-4B98-BF84-D35A5B7311B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC0A8CD7-A65B-41DF-99BB-1EF987319E45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F2BDEC53-A1F1-4CB4-AD51-614C04A518A7} - System32\Tasks\{32264559-94A2-4573-9582-AE9879343630} => E:\SETUP.EXE
Task: {F5A9D4AD-72AC-4AA7-973C-E6FC7D24910C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FD2E901B-94BA-43E6-8522-946121327C59} - System32\Tasks\HPCeeScheduleFor23 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor23.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-24 20:41 - 2013-09-22 09:27 - 00119000 _____ () C:\Program Files (x86)\WizMouse\wizmouse.exe
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-12-26 20:45 - 2015-12-26 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-28 01:23 - 2015-12-28 01:23 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122706\algo.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-29 00:02 - 2015-12-29 00:02 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122802\algo.dll
2013-12-18 16:51 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08780756.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08780756.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-08-31 21:27 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2695EDC8-83CE-4B9D-9206-5CF0F596159D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4F1DE0F4-9F7C-43F2-B857-5756E8A7BC42}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{34C8AC1F-B90A-404F-95CA-50ADADC9DA4E}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{248439DD-96A2-48BA-B7A1-419804CC9837}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{745C39D6-0975-4A6F-B077-B78CA3DAD67B}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [TCP Query User{EF8F3AD4-3B97-4B18-8269-D76D61DEFA42}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9BE691F5-4755-4AA2-A9CE-815ECB8F811C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{1CDFEA42-C01E-4EDD-AFFE-1C4735523E5A}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2110E87F-0C6C-4C8D-818F-8028E383AA81}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{60DC2009-51BB-4FB4-AEE1-B2F1B17C2E83}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [TCP Query User{B80E71B4-56AA-421B-917E-0ECB957A3B84}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [UDP Query User{D2BBA839-80DF-4204-8399-AC5DAA217BBC}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BD990FAE-1B23-497C-99EB-BB3535A0E770}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{55A0B510-7580-4942-94F6-9C4AEC0C27A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3EC1A5A-1872-4CB8-B604-241C8C39936B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{07E476E9-CFE3-45CD-AFB0-1E6B2923201B}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{D179683E-ECF0-44BC-9E25-9083BDDD414F}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{E19BE58E-8635-4997-9997-17EF44C8FFEC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{01ABBF5E-0D3F-4592-998F-90F45E78576F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A5109255-B936-4E62-9716-8502362800A5}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{D9FC9CAC-95CA-4FC7-A1E1-CD510969CDC6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{D8347BE4-211D-45A6-9E99-66AE2EF78F45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73754E23-DFF9-4466-B809-B458F1E50D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2977CF66-02D3-4B87-BA86-11237763A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E31CB89-BCDC-40FF-80AD-2D6E870FFE41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4BC88EA-67B9-4EEC-8B9B-7150E1387429}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{66114C3E-E80A-4155-9867-CCBF6818F85E}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{19C9CDB7-1B7D-4CB5-937F-D78E4BEBCA96}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{0E3F70DA-F447-4FCA-AE0C-62AF79557A8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B5B969-A07C-4E0C-ACEE-FD61733F7D85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BB547C4-89C0-4DDB-A5F6-A48D3820CF01}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B545A52-8C65-4921-97E2-205B40CFE508}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4265CF3-2585-44E8-AD08-2C0CE2C78140}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B1742AA-2474-444D-B94E-612126B76709}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4404E19C-EFB4-48ED-AECD-3427ECA97568}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34D5CD25-0796-4CE4-A314-54375C5AADA2}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2015 01:11:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (12/28/2015 03:32:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (12/28/2015 03:40:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SystemSettings.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39ae
Nazwa modułu powodującego błąd: MusUpdateHandlers.dll, wersja: 10.0.10240.16590, sygnatura czasowa: 0x563ad6f2
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002a526
Identyfikator procesu powodującego błąd: 0x18b8
Godzina uruchomienia aplikacji powodującej błąd: 0xSystemSettings.exe0
Ścieżka aplikacji powodującej błąd: SystemSettings.exe1
Ścieżka modułu powodującego błąd: SystemSettings.exe2
Identyfikator raportu: SystemSettings.exe3
Pełna nazwa pakietu powodującego błąd: SystemSettings.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SystemSettings.exe5

Error: (12/28/2015 03:40:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SystemSettings.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39ae
Nazwa modułu powodującego błąd: MusUpdateHandlers.dll, wersja: 10.0.10240.16590, sygnatura czasowa: 0x563ad6f2
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002c841
Identyfikator procesu powodującego błąd: 0x1d24
Godzina uruchomienia aplikacji powodującej błąd: 0xSystemSettings.exe0
Ścieżka aplikacji powodującej błąd: SystemSettings.exe1
Ścieżka modułu powodującego błąd: SystemSettings.exe2
Identyfikator raportu: SystemSettings.exe3
Pełna nazwa pakietu powodującego błąd: SystemSettings.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SystemSettings.exe5

Error: (12/28/2015 02:36:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 43.0.2.5833, sygnatura czasowa: 0x5678a0b1
Nazwa modułu powodującego błąd: mozglue.dll, wersja: 43.0.2.5833, sygnatura czasowa: 0x567893a6
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000ed36
Identyfikator procesu powodującego błąd: 0x1d9c
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3
Pełna nazwa pakietu powodującego błąd: plugin-container.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5

Error: (12/28/2015 01:32:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: DllHost.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39e9
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655363f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000035b6b
Identyfikator procesu powodującego błąd: 0x1958
Godzina uruchomienia aplikacji powodującej błąd: 0xDllHost.exe0
Ścieżka aplikacji powodującej błąd: DllHost.exe1
Ścieżka modułu powodującego błąd: DllHost.exe2
Identyfikator raportu: DllHost.exe3
Pełna nazwa pakietu powodującego błąd: DllHost.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: DllHost.exe5

Error: (12/27/2015 11:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: aswmbr.exe, wersja: 1.0.1.2290, sygnatura czasowa: 0x54b4df14
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16603, sygnatura czasowa: 0x565531ee
Kod wyjątku: 0xc0000374
Przesunięcie błędu: 0x000d5aac
Identyfikator procesu powodującego błąd: 0x1cac
Godzina uruchomienia aplikacji powodującej błąd: 0xaswmbr.exe0
Ścieżka aplikacji powodującej błąd: aswmbr.exe1
Ścieżka modułu powodującego błąd: aswmbr.exe2
Identyfikator raportu: aswmbr.exe3
Pełna nazwa pakietu powodującego błąd: aswmbr.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: aswmbr.exe5

Error: (12/27/2015 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbc0
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5

Error: (12/27/2015 02:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

System errors:
=============
Error: (12/29/2015 01:11:29 AM) (Source: DCOM) (EventID: 10010) (User: 23-Komputer)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (12/29/2015 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/29/2015 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/29/2015 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/29/2015 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:32:59 PM) (Source: DCOM) (EventID: 10010) (User: 23-Komputer)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (12/28/2015 03:32:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:32:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:32:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (12/28/2015 03:32:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 42%
Total physical RAM: 3887.43 MB
Available physical RAM: 2244.16 MB
Total Virtual: 7855.43 MB
Available Virtual: 6012.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.85 GB) (Free:142.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DC3E8E25)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Broni · Dec 29, 2015

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

studentoo · Dec 29, 2015

Fix result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-30 00:18:15) Run:1
Running from C:\Users\23\Desktop
Loaded Profiles: 23 (Available Profiles: 23 & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
2015-12-04 00:08 - 2015-12-04 00:08 - 0000034 _____ () C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat
2015-09-22 18:07 - 2015-09-22 18:07 - 0000600 _____ () C:\Users\23\AppData\Roaming\PUTTY.RND
2015-09-26 18:19 - 2015-11-21 02:46 - 0003584 _____ () C:\Users\23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-22 17:50 - 2015-11-29 16:01 - 0000600 _____ () C:\Users\23\AppData\Local\PUTTY.RND
2015-12-04 00:18 - 2015-12-04 00:18 - 0000218 _____ () C:\Users\23\AppData\Local\recently-used.xbel
C:\Users\23\AppData\Local\Temp\dllnt_dump.dll
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

*****************

idsvc => service removed successfully
wfpcapture => service removed successfully
wpcsvc => service removed successfully
C:\Users\23\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
C:\Users\23\AppData\Roaming\PUTTY.RND => moved successfully
C:\Users\23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\23\AppData\Local\PUTTY.RND => moved successfully
C:\Users\23\AppData\Local\recently-used.xbel => moved successfully
C:\Users\23\AppData\Local\Temp\dllnt_dump.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21129813-41A9-48DB-A9B9-B95C05C208CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21129813-41A9-48DB-A9B9-B95C05C208CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2FEF91EB-FF8E-4130-A9B6-26D515B1BB29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FEF91EB-FF8E-4130-A9B6-26D515B1BB29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{303B5590-0A8F-4842-A644-05F37CA2A35D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{303B5590-0A8F-4842-A644-05F37CA2A35D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{348393A3-AE90-4892-A74E-8D9858DECC1E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{348393A3-AE90-4892-A74E-8D9858DECC1E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37D62E5A-FC68-43D9-9F61-F80772C62260}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37D62E5A-FC68-43D9-9F61-F80772C62260}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{590F9432-6279-47C0-98D8-B78732520FA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{590F9432-6279-47C0-98D8-B78732520FA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D3CDC83-1097-47CE-9AB5-27F1BF65162F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D3CDC83-1097-47CE-9AB5-27F1BF65162F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99E2CE6B-6C87-47AD-A978-FDDAE7176CEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99E2CE6B-6C87-47AD-A978-FDDAE7176CEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB03729A-79D1-4134-8C1C-4207596D190A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB03729A-79D1-4134-8C1C-4207596D190A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C3855F-AD07-46F6-B123-1EEBD3F3B886}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C3855F-AD07-46F6-B123-1EEBD3F3B886}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D493B7D6-E81E-4E4D-8205-A70E3621FD70}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D493B7D6-E81E-4E4D-8205-A70E3621FD70}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACA238C-BC7D-4A8B-817B-65DD2981431A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA238C-BC7D-4A8B-817B-65DD2981431A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully

==== End of Fixlog 00:18:16 ====

Broni · Dec 29, 2015

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program

studentoo · Dec 29, 2015

Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 20.0.0.267
Mozilla Firefox (43.0.3)
Google Chrome (47.0.2526.106)
Google Chrome (47.0.2526.80)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Farbar Service Scanner Version: 10-06-2014
Ran by 23 (administrator) on 30-12-2015 at 00:47:22
Running from "C:\Users\23\Downloads"
Microsoft Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

Next logs I will post soon.

studentoo · Dec 29, 2015

PS.

What should I do now?

What was the malware?

Should I check my other laptop / NAS disk / Pen-drives with antivirus app (what program you recommend to do so)?

Broni · Dec 29, 2015

There wasn't anything serious. Mostly some PUPs.
Items discovered by Clam are, most likely, false positives. They look like legit files and no other scan indicated them.

Scan any external drives with your AV program.
As for the other laptop you can create new topic and we'll check it out.

=================================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

Activate UAC (optional; some users prefer to keep it off)
Remove disinfection tools
Create registry backup
Purge System Restore
Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

Broni · Jan 3, 2016

The issue seems to be resolved.

Solved Windows10 Malware Detected

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Attachments

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 56,041 +516

Similar threads