Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
- Ran by Admin (administrator) on LAPTOP (22-06-2016 14:14:05)
- Running from C:\Users\Admin\Desktop
- Loaded Profiles: Admin (Available Profiles: Admin)
- Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
- (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
- (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
- (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
- (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
- () C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
- (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
- (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
- (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
- (Intel Corporation) C:\Windows\System32\igfxEM.exe
- (Intel Corporation) C:\Windows\System32\igfxHK.exe
- (Intel Corporation) C:\Windows\System32\igfxTray.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
- (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
- (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
- (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8505088 2015-07-03] (Realtek Semiconductor)
- HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
- HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
- HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
- HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-24] (Synaptics Incorporated)
- HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
- HKLM-x32\...\Run: [Appandora device service] => C:\Program Files (x86)\Appandora\AppandoraDeviceService.exe [861184 2015-08-04] ()
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
- HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
- HKLM-x32\...\Run: [] => [X]
- HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
- HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\MountPoints2: {45e15032-8287-11e5-8277-3863bb9c0610} - "F:\setup.exe"
- ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 173.44.120.32 173.44.120.33
- Tcpip\..\Interfaces\{1a4e3618-eb10-405f-80b6-6e634de833f3}: [DhcpNameServer] 209.18.47.61 209.18.47.62
- Tcpip\..\Interfaces\{a296226b-8317-47ae-a6ea-196696636e47}: [NameServer] 4.4.4.4,8.8.8.8
- Tcpip\..\Interfaces\{a296226b-8317-47ae-a6ea-196696636e47}: [DhcpNameServer] 173.44.120.32 173.44.120.33
- Tcpip\..\Interfaces\{e3bb1b63-e620-44af-b881-7858520e9379}: [DhcpNameServer] 172.20.10.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT14/1
- SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
- SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
- SearchScopes: HKLM -> {87C15A4C-E1CC-4D79-A63B-03B31B1D2F76} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
- SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-afe6bb43&q={searchTerms}
- SearchScopes: HKLM-x32 -> {87C15A4C-E1CC-4D79-A63B-03B31B1D2F76} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
- SearchScopes: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001 -> {87C15A4C-E1CC-4D79-A63B-03B31B1D2F76} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
- SearchScopes: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-afe6bb43&q={searchTerms}
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
- BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
- BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
- BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-24] (Oracle Corporation)
- BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-24] (Oracle Corporation)
- BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
- BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
- Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
- StartMenuInternet: IEXPLORE.EXE - iexplore.exe
- FireFox:
- ========
- FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default
- FF NewTab: about:newtab
- FF DefaultSearchEngine: Search Provided by Bing
- FF DefaultSearchEngine.US: Bing®
- FF SelectedSearchEngine: Search Provided by Bing
- FF Homepage: hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-e7fd4b0a
- FF NetworkProxy: "autoconfig_url", "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'nl1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ca1-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nif(host == 'fr1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'us4-base.cd-n.net') return 'DIRECT'; \nif(host == 'us5-base.cd-n.net') return 'DIRECT'; \nif(host == 'nl1-base.2po.info') return 'DIRECT'; \nif(host == 'us1-base.2po.info') return 'DIRECT'; \nif(host == 'ca1-base.2po.info') return 'DIRECT'; \nif(host == 'au1-base.2po.info') return 'DIRECT'; \nif(host == 'jp1-base.2po.info') return 'DIRECT'; \nif(host == 'de1-base.2po.info') return 'DIRECT'; \nif(host == 'fr1-base.2po.info') return 'DIRECT'; \nif(host == 'us2-base.2po.info') return 'DIRECT'; \nif(host == 'us3-base.2po.info') return 'DIRECT'; \nif(host == 'us4-base.2po.info') return 'DIRECT'; \nif(host == 'us5-base.2po.info') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'de1-base.2po.info') return 'DIRECT'; \nreturn 'HTTPS ca3.cd-n.net:443';}"
- FF NetworkProxy: "type",
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
- FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
- FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-24] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-24] (Oracle Corporation)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-04] (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
- FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
- FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
- FF Plugin HKU\S-1-5-21-1238564941-3387910719-2561191832-1001: pokki.com/PokkiDownloadHelper -> C:\Users\Admin\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2016-01-24] (Pokki)
- FF Plugin HKU\S-1-5-21-1238564941-3387910719-2561191832-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-01-23] ()
- FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\searchplugins\bing-lavasoft.xml [2016-03-02]
- FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\searchplugins\Search Provided by Bing.xml [2016-06-16]
- FF Extension: iMacros for Firefox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2016-05-09]
- FF Extension: User Agent Switcher - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-05-10]
- FF Extension: Vagex FF Add-On - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\extensions\ffaddon@vagex.com [2016-05-30]
- FF Extension: Enhance Views Add-on - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\Extensions\@enhance_views_ffa.xpi [2016-05-31]
- FF Extension: Hoxx VPN Proxy - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\Extensions\@hoxx-vpn.xpi [2016-06-07]
- FF Extension: Simple Popup Blocker - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\Extensions\@simplepopupblocker.xpi [2016-02-07]
- FF Extension: SavvyConnect - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ed62ldbm.default\Extensions\savvyconnect@surveysavvy.com.xpi [2016-04-15]
- FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
- FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-26]
- FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi => not found
- StartMenuInternet: FIREFOX.EXE - firefox.exe
- Chrome:
- =======
- CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
- CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
- CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Heartbeat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2016-06-21]
- CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-09]
- CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-09]
- CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-09]
- CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-09]
- CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-09]
- CHR Extension: (Fair AdBlock App (by STANDS)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2016-05-22]
- CHR Extension: (Tampermonkey) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-06-14]
- CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-09]
- CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
- CHR Extension: (DotVPN — better than VPN.) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2016-05-17]
- CHR Extension: (Fair AdBlock (by STANDS)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2016-06-09]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
- CHR Extension: (Simple EPUB Reader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhbgcchcbdjdenibfmjofobklkkhofc [2016-02-17]
- CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-09]
- CHR HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 AcuWVSSchedulerv9; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe [1599008 2014-05-05] ()
- R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
- R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
- R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
- R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
- S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
- R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
- R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
- R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
- R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-01] (Intel Corporation)
- R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
- S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
- R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
- R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
- R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
- S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2105352 2016-01-29] (Electronic Arts)
- R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-03] (Realtek Semiconductor)
- S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
- R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-24] (Synaptics Incorporated)
- S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
- S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
- S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] ()
- S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] ()
- R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
- S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [57344 2015-10-30] (Microsoft Corp.)
- S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
- U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [644968 2013-08-16] (Intel Corporation)
- R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
- R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-22] (Malwarebytes)
- R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
- R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
- S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
- S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
- R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
- R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-17] (Realtek Semiconductor Corporation )
- R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
- S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
- R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-24] (Synaptics Incorporated)
- S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
- S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-06-03] (Anchorfree Inc.)
- R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
- S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation)
- R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-02] (Oracle Corporation)
- S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
- S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
- S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
- R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
- R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-04-07] (AAA Internet Publishing, Inc.)
- R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
- S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-06-22 14:08 - 2016-06-22 14:08 - 00001890 _____ C:\Users\Admin\Desktop\Fixlog.txt
- 2016-06-22 10:46 - 2016-06-22 10:46 - 00001858 _____ C:\Users\Admin\Desktop\TD_LicensingManager.exe - Shortcut.lnk
- 2016-06-22 08:54 - 2016-06-22 08:59 - 00073878 _____ C:\Users\Admin\Desktop\Addition.txt
- 2016-06-22 08:51 - 2016-06-22 14:14 - 00028951 _____ C:\Users\Admin\Desktop\FRST.txt
- 2016-06-22 08:50 - 2016-06-22 14:14 - 00000000 ____D C:\FRST
- 2016-06-22 08:49 - 2016-06-22 08:50 - 02387456 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
- 2016-06-22 08:47 - 2016-06-22 08:48 - 01738240 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
- 2016-06-22 08:47 - 2016-06-22 08:47 - 01610816 _____ (Malwarebytes) C:\Users\Admin\Downloads\JRT.exe
- 2016-06-21 17:41 - 2016-06-21 17:41 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
- 2016-06-21 14:01 - 2016-06-22 11:13 - 00000000 ____D C:\Users\Admin\AppData\Local\TwtDominator
- 2016-06-21 14:01 - 2016-06-22 10:59 - 00000000 ____D C:\Users\Admin\Desktop\TwtDominator
- 2016-06-21 14:00 - 2016-06-21 14:00 - 05319474 _____ C:\Users\Admin\Desktop\Twt Dominator 4.0.2.rar
- 2016-06-21 14:00 - 2016-06-21 14:00 - 00000000 ____D C:\Users\Admin\Desktop\Twt Dominator 4.0.2
- 2016-06-21 13:15 - 2016-06-21 13:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspire YouTube Viewer 1.1
- 2016-06-21 13:14 - 2016-06-21 13:15 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
- 2016-06-21 13:14 - 2016-06-21 13:14 - 00000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
- 2016-06-21 13:13 - 2016-06-21 13:13 - 00002212 _____ C:\Users\Admin\Desktop\Aspire YouTube Bot 1.1.lnk
- 2016-06-21 13:13 - 2016-06-21 13:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspire YouTube Bot 1.1
- 2016-06-21 13:13 - 2016-06-21 13:13 - 00000000 ____D C:\Program Files (x86)\Aspire YouTube Bot 1.1
- 2016-06-21 13:12 - 2016-06-21 13:12 - 01943834 _____ () C:\Users\Admin\AppData\RoamingAspire YouTube Bot 1.1 SetUp.exe
- 2016-06-21 13:05 - 2016-06-21 13:16 - 00000000 ___HD C:\adobeTemp
- 2016-06-21 12:35 - 2016-06-21 12:35 - 00086016 _____ C:\Users\Admin\AppData\Roaming\VvKkIsaTynXg
- 2016-06-21 12:35 - 2016-06-21 12:35 - 00003584 _____ C:\Users\Admin\AppData\Roaming\FXvPQWnzcgrfBtxz
- 2016-06-21 12:35 - 2016-06-21 12:35 - 00000068 ___SH C:\Users\Admin\AppData\Roaming\.Identifier
- 2016-06-21 10:35 - 2016-06-21 10:35 - 00000000 ____D C:\Users\Admin\Desktop\Project Asylum Cracked
- 2016-06-21 10:33 - 2016-06-21 10:34 - 04848641 _____ C:\Users\Admin\Desktop\Project Asylum Cracked.zip
- 2016-06-21 10:10 - 2016-06-21 10:10 - 00000000 _____ C:\Users\Admin\Downloads\ProjectAsy.exe
- 2016-06-21 10:00 - 2016-06-21 10:10 - 00000976 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup%110%OhUEVIATEUUPJLfd.cmd.lnk
- 2016-06-21 10:00 - 2016-06-21 10:03 - 00000000 _____ C:\Users\Admin\Desktop\ProjectAsy.exe
- 2016-06-21 10:00 - 2016-06-21 10:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\win32
- 2016-06-21 10:00 - 2016-06-21 10:00 - 00000000 ____D C:\ProgramData\win32
- 2016-06-21 10:00 - 2016-06-20 13:29 - 00750320 ___SH (AutoIt Team) C:\Users\Admin\AppData\Roaming\PDRcIagNaUiFGWTVfQSeN.cmd
- 2016-06-21 10:00 - 2016-06-20 13:29 - 00463376 ___SH C:\Users\Admin\AppData\Roaming\OhUEVIATEUUP
- 2016-06-21 10:00 - 2016-06-20 13:29 - 00048549 ___SH C:\Users\Admin\AppData\Roaming\PDRcIagNaUiFGWTVfQS
- 2016-06-20 18:56 - 2016-06-20 18:58 - 00000000 ____D C:\Users\Admin\Desktop\Youtubers Life V0.7.11 Trainer +11 MrAntiFun
- 2016-06-20 18:51 - 2016-06-20 19:00 - 00000000 ____D C:\Users\Admin\Desktop\YoutubersLife
- 2016-06-20 16:36 - 2016-06-20 18:51 - 00000000 ____D C:\Users\Admin\Downloads\3DMGAME-Youtubers.Life.v0.7.11.Cracked-3DM
- 2016-06-20 16:32 - 2016-06-20 16:32 - 04625076 _____ C:\Users\Admin\Desktop\Youtubers Life V0.7.11 Trainer +11 MrAntiFun.zip
- 2016-06-20 10:41 - 2016-06-20 00:31 - 01978696 __RSH (PhotoFiltre) C:\Users\Admin\AppData\Roaming\updatevalid.exe
- 2016-06-20 10:35 - 2016-06-20 10:35 - 00003236 _____ C:\WINDOWS\System32\Tasks\Valid Update
- 2016-06-20 10:35 - 2016-06-20 10:35 - 00001587 __RSH C:\ProgramData\Valid Update
- 2016-06-20 10:35 - 2016-06-20 10:35 - 00000000 _RSHD C:\Users\Admin\AppData\Roaming\Valid
- 2016-06-20 10:35 - 2016-06-20 10:35 - 00000000 _RSHD C:\ProgramData\moomoo
- 2016-06-19 12:43 - 2016-06-19 12:45 - 00000000 ____D C:\Program Files\Angry Video Game Nerd II ASSimilation
- 2016-06-19 12:26 - 2016-06-19 12:31 - 00000000 ____D C:\Users\Admin\Documents\RPGTycoon
- 2016-06-19 12:26 - 2016-06-19 12:26 - 00000000 ____D C:\Users\Admin\AppData\Roaming\RPGTycoon
- 2016-06-19 12:25 - 2016-06-19 12:25 - 00000000 ____D C:\Program Files (x86)\RPG Tycoon
- 2016-06-19 12:12 - 2016-06-19 12:12 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\SiBear
- 2016-06-19 11:45 - 2016-06-19 12:07 - 00000000 ____D C:\Users\Admin\Downloads\One.Way.Flight-PLAZA
- 2016-06-19 11:45 - 2016-06-19 11:58 - 1544192000 ____R C:\Users\Admin\Desktop\plaza-one.way.flight.iso
- 2016-06-19 11:44 - 2016-06-19 11:44 - 00002654 _____ C:\Users\Admin\Downloads\[kat.cr]one.way.flight.plaza.torrent
- 2016-06-19 11:16 - 2016-06-19 11:16 - 00002233 _____ C:\Users\Admin\Downloads\file0.txt
- 2016-06-18 21:39 - 2016-06-18 21:39 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Reflect Studios
- 2016-06-18 21:39 - 2016-06-18 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome to the Game
- 2016-06-18 21:38 - 2016-06-18 21:38 - 00000000 ____D C:\Program Files (x86)\Welcome to the Game
- 2016-06-18 21:17 - 2016-06-18 21:37 - 339130394 _____ (Welcome to the Game ) C:\Users\Admin\Downloads\setup_Welcome to the Game.exe
- 2016-06-18 20:44 - 2016-06-18 20:44 - 00014931 _____ C:\Users\Admin\Desktop\CJB Item Spawner 1.5-93-1-5.zip
- 2016-06-16 13:08 - 2016-06-16 13:08 - 00007184 _____ C:\Users\Admin\Desktop\kohlsstub.pdf
- 2016-06-16 09:24 - 2016-06-16 09:27 - 00000000 ____D C:\Users\Admin\AppData\Local\Chromium
- 2016-06-16 09:24 - 2016-06-16 09:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
- 2016-06-14 17:03 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
- 2016-06-14 17:03 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
- 2016-06-14 17:03 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
- 2016-06-14 17:03 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
- 2016-06-14 17:03 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
- 2016-06-14 17:03 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
- 2016-06-14 17:03 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
- 2016-06-14 17:03 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
- 2016-06-14 17:03 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
- 2016-06-14 17:03 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
- 2016-06-14 17:03 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
- 2016-06-14 17:03 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
- 2016-06-14 17:03 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
- 2016-06-14 17:03 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
- 2016-06-14 17:03 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
- 2016-06-14 17:03 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
- 2016-06-14 17:03 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
- 2016-06-14 17:03 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
- 2016-06-14 17:03 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
- 2016-06-14 17:03 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
- 2016-06-14 17:03 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
- 2016-06-14 17:03 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
- 2016-06-14 17:03 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
- 2016-06-14 17:03 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
- 2016-06-14 17:03 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
- 2016-06-14 17:03 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
- 2016-06-14 17:03 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
- 2016-06-14 17:03 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
- 2016-06-14 17:03 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
- 2016-06-14 17:03 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
- 2016-06-14 17:03 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
- 2016-06-14 17:03 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
- 2016-06-14 17:03 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
- 2016-06-14 17:03 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
- 2016-06-14 17:03 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
- 2016-06-14 17:03 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
- 2016-06-14 17:03 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
- 2016-06-14 17:03 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
- 2016-06-14 17:02 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
- 2016-06-14 17:02 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
- 2016-06-14 17:02 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
- 2016-06-14 17:02 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
- 2016-06-14 17:02 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
- 2016-06-14 17:02 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
- 2016-06-14 17:02 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
- 2016-06-14 17:02 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
- 2016-06-14 17:02 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
- 2016-06-14 17:02 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
- 2016-06-14 17:02 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
- 2016-06-14 17:02 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
- 2016-06-14 17:02 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
- 2016-06-14 17:02 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
- 2016-06-14 17:02 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
- 2016-06-14 17:02 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
- 2016-06-14 17:02 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
- 2016-06-14 17:02 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
- 2016-06-14 17:02 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
- 2016-06-14 17:02 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
- 2016-06-14 17:02 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
- 2016-06-14 17:02 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
- 2016-06-14 17:02 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
- 2016-06-14 17:02 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
- 2016-06-14 17:02 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
- 2016-06-14 17:02 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
- 2016-06-14 17:02 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
- 2016-06-14 17:02 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
- 2016-06-14 17:02 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
- 2016-06-14 17:02 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
- 2016-06-14 17:02 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
- 2016-06-14 17:02 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
- 2016-06-14 17:02 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
- 2016-06-14 17:02 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
- 2016-06-14 17:02 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
- 2016-06-14 17:02 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
- 2016-06-14 17:02 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
- 2016-06-14 17:02 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
- 2016-06-14 17:02 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
- 2016-06-14 17:02 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
- 2016-06-14 17:02 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
- 2016-06-14 17:02 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
- 2016-06-14 17:02 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
- 2016-06-14 17:02 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
- 2016-06-14 17:02 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
- 2016-06-14 17:02 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
- 2016-06-14 17:02 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
- 2016-06-14 17:02 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
- 2016-06-14 17:02 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
- 2016-06-14 17:02 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
- 2016-06-14 17:02 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
- 2016-06-14 17:02 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
- 2016-06-14 17:02 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
- 2016-06-14 17:02 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
- 2016-06-14 17:02 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
- 2016-06-14 17:02 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
- 2016-06-14 17:02 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
- 2016-06-14 17:02 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
- 2016-06-14 17:02 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
- 2016-06-14 17:02 - 2016-05-28 00:14 - 03292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
- 2016-06-14 17:02 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
- 2016-06-14 17:02 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
- 2016-06-14 17:02 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
- 2016-06-14 17:02 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
- 2016-06-14 17:02 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
- 2016-06-14 17:02 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
- 2016-06-14 17:02 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
- 2016-06-14 17:02 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
- 2016-06-14 17:02 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
- 2016-06-14 17:02 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
- 2016-06-14 17:02 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
- 2016-06-14 17:02 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
- 2016-06-14 17:02 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
- 2016-06-14 17:02 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
- 2016-06-14 17:02 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
- 2016-06-14 17:02 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
- 2016-06-14 17:02 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
- 2016-06-14 17:02 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
- 2016-06-14 17:02 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
- 2016-06-14 17:02 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
- 2016-06-14 17:02 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
- 2016-06-14 17:02 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
- 2016-06-14 17:02 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
- 2016-06-14 17:02 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
- 2016-06-14 17:02 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
- 2016-06-14 17:02 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
- 2016-06-14 17:02 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
- 2016-06-14 17:02 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
- 2016-06-14 17:02 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
- 2016-06-14 17:02 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
- 2016-06-14 17:02 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
- 2016-06-14 17:02 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
- 2016-06-14 17:02 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
- 2016-06-14 17:02 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
- 2016-06-14 17:02 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
- 2016-06-14 17:01 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
- 2016-06-14 17:01 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
- 2016-06-14 17:01 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
- 2016-06-14 17:01 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
- 2016-06-14 17:01 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
- 2016-06-14 17:01 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
- 2016-06-14 17:01 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
- 2016-06-14 17:01 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
- 2016-06-14 17:01 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
- 2016-06-14 17:01 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
- 2016-06-14 17:01 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
- 2016-06-14 17:01 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
- 2016-06-14 17:01 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
- 2016-06-14 17:01 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
- 2016-06-14 17:01 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
- 2016-06-14 17:01 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
- 2016-06-14 17:01 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
- 2016-06-14 17:01 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
- 2016-06-14 17:01 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
- 2016-06-14 17:01 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
- 2016-06-14 17:01 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
- 2016-06-14 17:01 - 2016-05-28 00:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
- 2016-06-14 17:01 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
- 2016-06-14 17:01 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
- 2016-06-14 17:01 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
- 2016-06-14 17:01 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
- 2016-06-14 17:01 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
- 2016-06-14 17:01 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
- 2016-06-14 17:01 - 2016-05-28 00:25 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
- 2016-06-14 17:01 - 2016-05-28 00:25 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
- 2016-06-14 17:01 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
- 2016-06-14 17:01 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
- 2016-06-14 17:01 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
- 2016-06-14 17:01 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
- 2016-06-14 17:01 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
- 2016-06-14 17:01 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
- 2016-06-14 17:01 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
- 2016-06-14 17:01 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
- 2016-06-14 17:01 - 2016-05-28 00:21 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
- 2016-06-14 17:01 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
- 2016-06-14 17:01 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
- 2016-06-14 17:01 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
- 2016-06-14 17:01 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
- 2016-06-14 17:01 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
- 2016-06-14 17:01 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
- 2016-06-14 17:01 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
- 2016-06-14 17:01 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
- 2016-06-14 17:01 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
- 2016-06-14 17:01 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
- 2016-06-14 17:01 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
- 2016-06-14 17:01 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
- 2016-06-14 17:01 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
- 2016-06-14 17:01 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
- 2016-06-14 17:01 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
- 2016-06-14 17:01 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
- 2016-06-14 17:01 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
- 2016-06-14 17:01 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
- 2016-06-14 17:01 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
- 2016-06-14 17:01 - 2016-05-28 00:11 - 02470912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
- 2016-06-14 17:01 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
- 2016-06-14 17:01 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
- 2016-06-14 17:01 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
- 2016-06-14 17:01 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
- 2016-06-14 17:01 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
- 2016-06-14 17:01 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
- 2016-06-14 17:01 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
- 2016-06-14 17:01 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
- 2016-06-14 17:01 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
- 2016-06-14 17:01 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
- 2016-06-14 17:01 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
- 2016-06-14 17:01 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
- 2016-06-14 17:01 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
- 2016-06-14 17:01 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
- 2016-06-14 13:09 - 2016-06-14 13:09 - 01365785 _____ C:\Users\Admin\Downloads\Affiliate+Package.zip
- 2016-06-14 11:49 - 2016-06-14 12:10 - 00000000 ____D C:\Users\Admin\AppData\Local\8BitBoy
- 2016-06-14 08:44 - 2016-06-14 09:00 - 00000000 ____D C:\Users\Admin\Desktop\proxies
- 2016-06-13 17:07 - 2016-06-13 17:07 - 00001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
- 2016-06-13 17:07 - 2016-06-13 17:07 - 00001221 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
- 2016-06-12 21:02 - 2016-06-12 21:53 - 00000000 ____D C:\Users\Admin\Desktop\YTBotv2
- 2016-06-12 21:02 - 2016-06-12 21:02 - 00712348 _____ C:\Users\Admin\Desktop\YTBotv2.zip
- 2016-06-12 20:00 - 2016-06-12 20:01 - 00000000 ____D C:\Users\Admin\Desktop\Monster Proxy
- 2016-06-12 19:13 - 2016-06-12 21:01 - 00000000 ____D C:\Users\Admin\Desktop\Accora-YTBOT
- 2016-06-12 14:20 - 2016-06-12 21:01 - 00000000 ____D C:\Users\Admin\Desktop\autoit
- 2016-06-12 14:19 - 2016-06-12 14:19 - 17519307 _____ C:\Users\Admin\Downloads\youtube-outros (1).zip
- 2016-06-11 22:11 - 2016-06-11 22:12 - 05347516 _____ (Jos van der Zande) C:\Users\Admin\Downloads\SciTE4AutoIt3.exe
- 2016-06-11 22:09 - 2016-06-11 22:19 - 00639133 _____ C:\Users\Admin\Desktop\ytbot-accora.au3
- 2016-06-11 20:57 - 2016-06-11 20:57 - 00000000 ____D C:\Program Files\Application Verifier
- 2016-06-11 20:57 - 2016-06-11 20:57 - 00000000 ____D C:\Program Files (x86)\Application Verifier
- 2016-06-11 20:56 - 2016-06-11 20:56 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
- 2016-06-11 20:50 - 2016-06-11 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
- 2016-06-11 20:29 - 2016-06-11 20:29 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
- 2016-06-11 16:46 - 2016-06-11 16:46 - 00000000 ____D C:\Users\Admin\Desktop\AutoItDecompiler
- 2016-06-11 16:45 - 2016-06-11 22:13 - 00000387 _____ C:\Users\Admin\SciTE.session
- 2016-06-11 16:33 - 2016-06-11 22:12 - 00000000 ____D C:\Users\Admin\AppData\Local\AutoIt v3
- 2016-06-11 16:33 - 2016-06-11 16:33 - 00000000 ____D C:\Users\Admin\Documents\autoit
- 2016-06-11 16:25 - 2016-06-11 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
- 2016-06-11 16:24 - 2016-06-11 22:12 - 00000000 ____D C:\Program Files (x86)\AutoIt3
- 2016-06-11 16:15 - 2016-06-11 16:24 - 12273456 _____ (AutoIt Team) C:\Users\Admin\Downloads\autoit-v3-setup.exe
- 2016-06-11 16:15 - 2016-06-11 16:15 - 00000000 ____D C:\Users\Admin\Documents\Resource Tuner 2
- 2016-06-11 16:13 - 2016-06-11 16:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Resource Tuner 2
- 2016-06-11 16:13 - 2016-06-11 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Tuner
- 2016-06-11 16:13 - 2016-06-11 16:13 - 00000000 ____D C:\Program Files (x86)\Resource Tuner
- 2016-06-11 16:12 - 2016-06-11 16:12 - 04438933 _____ (Heaventools Software ) C:\Users\Admin\Downloads\ResTuner_setup.exe
- 2016-06-11 16:08 - 2016-06-11 16:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\JetBrains
- 2016-06-11 16:02 - 2016-06-11 16:03 - 00000000 ____D C:\Users\Admin\AppData\Local\JetBrains
- 2016-06-11 15:59 - 2016-06-11 15:59 - 00000000 ____D C:\Users\Admin\AppData\Local\NuGet
- 2016-06-11 15:57 - 2016-06-11 15:58 - 00890432 _____ (JetBrains) C:\Users\Admin\Downloads\JetBrains.dotPeek.2016.1.2.web.exe
- 2016-06-11 13:36 - 2016-06-11 13:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tubenoia Youtube Bot
- 2016-06-11 13:36 - 2016-06-11 13:36 - 00000000 ____D C:\Program Files (x86)\Tubenoia Youtube Bot
- 2016-06-11 13:03 - 2016-06-11 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
- 2016-06-11 13:01 - 2016-06-11 13:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
- 2016-06-11 13:01 - 2016-06-11 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
- 2016-06-11 12:36 - 2016-06-11 12:40 - 00000000 ____D C:\Users\Admin\Documents\Acunetix WVS 9
- 2016-06-11 12:34 - 2016-06-11 12:36 - 00000000 ____D C:\Users\Public\Documents\Acunetix WVS 9
- 2016-06-11 12:33 - 2016-06-11 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acunetix Web Vulnerability Scanner 9.5
- 2016-06-11 12:33 - 2016-06-11 12:33 - 00000000 ____D C:\Program Files (x86)\Acunetix
- 2016-06-11 11:58 - 2016-06-11 12:34 - 00000724 _____ C:\WINDOWS\WVS_InstDBLogFile.csv
- 2016-06-11 11:58 - 2016-06-11 12:33 - 00000000 ____D C:\ProgramData\Acunetix WVS 9
- 2016-06-11 11:46 - 2016-06-11 11:54 - 00000000 ____D C:\Users\Admin\Downloads\Acunetix Web Vulnerability Scanner 9.5 Cracked [0x22] [DL FIX]
- 2016-06-11 11:38 - 2016-06-11 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jagex
- 2016-06-11 11:38 - 2016-06-11 11:38 - 00000000 ____D C:\Program Files\Jagex
- 2016-06-11 11:36 - 2016-06-11 11:37 - 03855552 _____ (Jagex Ltd ) C:\Users\Admin\Downloads\RuneScape-Setup.exe
- 2016-06-10 22:15 - 2016-06-10 22:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NuGet
- 2016-06-10 22:13 - 2016-06-10 22:13 - 00000000 ____D C:\Users\Admin\.dnx
- 2016-06-10 18:51 - 2016-06-10 19:03 - 677179265 _____ C:\Users\Admin\Downloads\treat-10k-pack.zip
- 2016-06-10 16:18 - 2016-02-23 03:21 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
- 2016-06-10 16:18 - 2016-02-23 02:52 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
- 2016-06-10 16:18 - 2015-11-13 01:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
- 2016-06-10 16:18 - 2015-11-13 01:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
- 2016-06-10 16:18 - 2015-11-13 01:54 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
- 2016-06-10 16:18 - 2015-11-13 01:53 - 01073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
- 2016-06-10 16:18 - 2015-11-13 01:53 - 00727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
- 2016-06-10 16:18 - 2015-11-13 01:52 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
- 2016-06-10 16:18 - 2015-11-13 01:51 - 08574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
- 2016-06-10 16:18 - 2015-11-13 01:50 - 05562880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
- 2016-06-10 16:18 - 2015-11-13 01:31 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
- 2016-06-10 16:18 - 2015-11-13 01:29 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
- 2016-06-10 16:18 - 2015-11-13 01:29 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
- 2016-06-10 16:18 - 2015-11-13 01:28 - 00763904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
- 2016-06-10 16:18 - 2015-11-13 01:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
- 2016-06-10 16:18 - 2015-11-13 01:26 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
- 2016-06-10 16:18 - 2015-11-13 01:25 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
- 2016-06-10 16:18 - 2015-11-13 01:23 - 06584320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
- 2016-06-10 16:03 - 2016-06-12 16:24 - 00000021 _____ C:\Users\Admin\Desktop\proxy.ini
- 2016-06-10 12:41 - 2016-06-10 12:41 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\David Szymanski
- 2016-06-10 09:52 - 2016-06-10 09:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TubeTycoon
- 2016-06-10 08:30 - 2016-06-10 22:13 - 00000000 ____D C:\Users\Admin\Documents\Visual Studio 2015
- 2016-06-09 22:09 - 2016-06-09 22:09 - 00000000 ____D C:\Program Files (x86)\AppInsights
- 2016-06-09 21:59 - 2016-06-09 21:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
- 2016-06-09 21:44 - 2016-06-09 21:44 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
- 2016-06-09 21:36 - 2016-06-09 21:36 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
- 2016-06-09 21:35 - 2016-06-09 21:35 - 00000000 ____D C:\Program Files (x86)\ShellDir
- 2016-06-09 21:32 - 2016-06-09 21:59 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
- 2016-06-09 21:20 - 2016-06-09 21:20 - 00000000 ____D C:\ProgramData\Microsoft DNX
- 2016-06-09 21:20 - 2016-06-09 21:20 - 00000000 ____D C:\Program Files\Microsoft DNX
- 2016-06-09 21:13 - 2016-06-09 21:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
- 2016-06-09 20:54 - 2016-06-09 20:54 - 00000000 ____D C:\Program Files\IIS Express
- 2016-06-09 20:54 - 2016-06-09 20:54 - 00000000 ____D C:\Program Files (x86)\IIS Express
- 2016-06-09 20:53 - 2016-06-09 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
- 2016-06-09 20:51 - 2016-06-09 20:51 - 00000000 ____D C:\ProgramData\NuGet
- 2016-06-09 20:51 - 2016-06-09 20:51 - 00000000 ____D C:\Program Files (x86)\NuGet
- 2016-06-09 20:48 - 2016-06-09 20:48 - 00000000 ____D C:\Program Files\IIS
- 2016-06-09 20:48 - 2016-06-09 20:48 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
- 2016-06-09 20:48 - 2016-06-09 20:48 - 00000000 ____D C:\Program Files (x86)\IIS
- 2016-06-09 20:42 - 2016-06-09 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
- 2016-06-09 20:40 - 2016-06-09 20:40 - 00001505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
- 2016-06-09 20:38 - 2016-06-10 08:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
- 2016-06-09 20:38 - 2016-06-09 20:38 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
- 2016-06-09 20:35 - 2016-06-09 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
- 2016-06-09 20:34 - 2016-06-09 20:34 - 00000000 ____D C:\WINDOWS\symbols
- 2016-06-09 20:34 - 2016-06-09 20:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
- 2016-06-09 20:26 - 2015-10-29 20:12 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
- 2016-06-09 20:26 - 2015-10-29 20:12 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
- 2016-06-09 20:26 - 2015-10-29 19:38 - 00369152 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
- 2016-06-09 20:26 - 2015-10-29 19:37 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
- 2016-06-09 20:26 - 2015-10-29 19:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
- 2016-06-09 20:26 - 2015-10-29 19:36 - 00349184 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
- 2016-06-09 20:26 - 2015-10-29 19:35 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
- 2016-06-09 20:26 - 2015-10-29 19:35 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
- 2016-06-09 20:26 - 2015-10-29 19:34 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
- 2016-06-09 20:26 - 2015-10-29 19:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
- 2016-06-09 20:26 - 2015-10-29 19:30 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
- 2016-06-09 20:26 - 2015-10-29 19:29 - 05667840 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
- 2016-06-09 20:26 - 2015-10-29 19:27 - 04533760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
- 2016-06-09 20:26 - 2015-10-29 19:27 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
- 2016-06-09 20:26 - 2015-10-29 19:12 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
- 2016-06-09 20:26 - 2015-10-29 19:11 - 01064960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
- 2016-06-09 20:22 - 2016-06-09 22:04 - 00000000 ____D C:\Program Files\Microsoft SQL Server
- 2016-06-09 20:22 - 2016-06-09 22:04 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
- 2016-06-09 20:22 - 2016-06-09 20:38 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
- 2016-06-09 20:22 - 2016-06-09 20:22 - 00001514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
- 2016-06-09 20:13 - 2016-06-09 20:24 - 00000000 ____D C:\WINDOWS\system32\1033
- 2016-06-09 20:12 - 2016-06-09 21:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
- 2016-06-09 20:12 - 2016-06-09 20:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
- 2016-06-09 19:57 - 2016-06-11 20:41 - 00000000 ____D C:\Program Files (x86)\Windows Kits
- 2016-06-09 19:57 - 2016-06-11 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
- 2016-06-09 19:53 - 2016-06-09 19:53 - 00234640 _____ () C:\WINDOWS\act.exe
- 2016-06-09 19:14 - 2016-06-09 19:15 - 00213848 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vs_community_ENU.exe
- 2016-06-09 08:28 - 2016-06-09 08:28 - 00000000 ____D C:\Users\Admin\Documents\My Games
- 2016-06-09 08:28 - 2016-06-09 08:28 - 00000000 ____D C:\Users\Admin\Desktop\Hacknet.v4.015
- 2016-06-08 23:03 - 2016-06-09 08:23 - 00000000 ____D C:\Program Files (x86)\HACKNET
- 2016-06-08 23:03 - 2016-06-08 23:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HACKNET
- 2016-06-08 22:47 - 2016-06-08 22:47 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\South East Games
- 2016-06-08 22:46 - 2016-06-08 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint The Town Red
- 2016-06-08 22:45 - 2016-06-08 22:46 - 00000000 ____D C:\Program Files (x86)\Paint The Town Red
- 2016-06-08 08:19 - 2014-02-04 15:29 - 00316928 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CBC.dll
- 2016-06-08 08:19 - 2014-02-04 15:29 - 00105984 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CBI.dll
- 2016-06-08 08:19 - 2014-01-21 13:16 - 00369664 _____ (CANON INC.) C:\WINDOWS\system32\CNC_CBL.dll
- 2016-06-08 08:19 - 2013-12-02 09:57 - 00088320 _____ C:\WINDOWS\system32\CNC1780D.TBL
- 2016-06-08 08:19 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
- 2016-06-08 08:17 - 2016-06-08 08:17 - 00000000 ____D C:\Users\Admin\AppData\Local\HP
- 2016-06-07 14:21 - 2016-06-07 14:21 - 00086368 _____ C:\Users\Admin\Downloads\skessentials.sk
- 2016-06-06 11:50 - 2016-06-06 11:50 - 00056334 _____ C:\Users\Admin\Downloads\PIZZA SE.pdf
- 2016-06-06 10:55 - 2016-06-06 10:55 - 00603122 _____ C:\Users\Admin\Downloads\Hifonics Amazon Guide.pdf
- 2016-06-06 08:41 - 2016-06-10 16:02 - 00001694 _____ C:\Users\Admin\Documents\proxies.txt
- 2016-06-06 08:27 - 2016-06-06 08:27 - 00000000 ____D C:\Users\Admin\Desktop\GaterProxy8.9Premium
- 2016-06-05 20:41 - 2016-06-05 20:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Mirillis
- 2016-06-05 20:41 - 2016-06-05 20:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mirillis
- 2016-06-05 20:41 - 2016-06-05 20:41 - 00000000 ____D C:\ProgramData\Mirillis
- 2016-06-05 20:41 - 2016-06-05 20:41 - 00000000 ____D C:\Action!
- 2016-06-05 20:40 - 2016-06-05 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
- 2016-06-05 20:40 - 2016-06-05 20:40 - 00000000 ____D C:\Program Files (x86)\Mirillis
- 2016-06-05 20:06 - 2016-06-05 20:06 - 00282624 _____ (Newtonsoft) C:\Users\Admin\Downloads\Newtonsoft.Json.dll
- 2016-06-05 20:06 - 2016-06-05 20:06 - 00181248 _____ () C:\Users\Admin\Downloads\Dox Tool V2.exe
- 2016-06-05 14:16 - 2016-06-18 21:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\StardewValley
- 2016-06-05 14:15 - 2016-06-05 14:15 - 00000000 ____D C:\skidrowrepacks
- 2016-06-05 11:09 - 2016-06-05 11:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.minecraft
- 2016-06-05 11:09 - 2016-06-05 11:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\java
- 2016-06-05 11:05 - 2016-06-05 11:08 - 00000000 ____D C:\Program Files (x86)\Minecraft
- 2016-06-05 11:05 - 2016-06-05 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
- 2016-06-05 11:03 - 2016-06-05 11:03 - 02314240 _____ C:\Users\Admin\Downloads\MinecraftInstaller.msi
- 2016-06-04 15:39 - 2016-06-04 15:39 - 00000048 _____ C:\Users\Admin\.bash_history
- 2016-06-04 15:39 - 2016-06-04 15:39 - 00000000 ____D C:\Users\Admin\Desktop\MineCraft
- 2016-06-04 15:30 - 2016-06-04 15:30 - 00000000 ____D C:\Users\Admin\.m2
- 2016-06-04 15:27 - 2016-06-04 15:27 - 00000066 _____ C:\Users\Admin\.gitconfig
- 2016-06-04 15:26 - 2016-06-04 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
- 2016-06-04 15:26 - 2016-06-04 15:26 - 00000000 ____D C:\ProgramData\Git
- 2016-06-04 15:25 - 2016-06-04 15:26 - 00000000 ____D C:\Program Files\Git
- 2016-06-04 15:24 - 2016-06-04 15:25 - 31223584 _____ (The Git Development Community ) C:\Users\Admin\Downloads\Git-2.8.3-64-bit.exe
- 2016-06-04 15:24 - 2016-06-04 15:24 - 03411586 _____ C:\Users\Admin\Desktop\BuildTools.jar
- 2016-06-04 09:49 - 2016-06-04 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nordic Games
- 2016-06-04 09:41 - 2016-06-04 09:41 - 00000000 ____D C:\Program Files (x86)\Nordic Games
- 2016-06-04 09:11 - 2016-06-04 09:16 - 00000000 ____D C:\Users\Admin\Downloads\Painkiller.Hell.and.Damnation.2012-SKIDROW
- 2016-06-04 09:09 - 2016-06-04 09:09 - 00669696 _____ C:\Users\Admin\Downloads\Painkiller Hell .iso
- 2016-06-04 07:58 - 2016-06-04 07:58 - 05965930 _____ C:\Users\Admin\Downloads\Overnight Income.rar
- 2016-06-03 19:06 - 2016-06-03 19:06 - 00215947 _____ C:\Users\Admin\Downloads\BTCExplosion.pdf
- 2016-06-03 15:48 - 2016-06-03 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\35MM
- 2016-06-03 15:47 - 2016-06-03 15:48 - 00000000 ____D C:\35MM
- 2016-06-03 15:46 - 2016-06-03 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtubers Life v0.7.7
- 2016-06-03 15:43 - 2016-06-20 18:59 - 00000000 ____D C:\Users\Admin\Desktop\Windows
- 2016-06-03 15:42 - 2016-06-03 15:42 - 00000000 ____D C:\Program Files (x86)\Youtubers Life v0.7.7
- 2016-06-03 13:44 - 2016-06-03 13:44 - 01230336 _____ C:\Users\Admin\Desktop\RoyalViewer.exe
- 2016-06-03 12:03 - 2016-06-03 12:03 - 00464384 _____ C:\Users\Admin\Desktop\EZfrags v8.33.exe
- 2016-06-03 08:52 - 2016-06-03 08:58 - 00000000 ____D C:\Users\Admin\AppData\Local\midori
- 2016-06-03 08:52 - 2016-06-03 08:58 - 00000000 ____D C:\Users\Admin\.dbus-keyrings
- 2016-06-03 08:52 - 2016-06-03 08:52 - 00000000 ____D C:\Users\Admin\AppData\Local\webkit
- 2016-06-03 08:50 - 2016-06-03 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Midori
- 2016-06-03 08:50 - 2016-06-03 08:51 - 00000000 ____D C:\Program Files (x86)\Midori
- 2016-06-03 08:43 - 2016-06-03 08:50 - 39535258 _____ C:\Users\Admin\Downloads\midori_0.5.11_32_.exe
- 2016-06-03 08:35 - 2016-06-03 08:35 - 00707354 _____ C:\WINDOWS\unins000.exe
- 2016-06-03 08:35 - 2016-06-03 08:35 - 00001529 _____ C:\WINDOWS\unins000.dat
- 2016-06-03 08:35 - 2016-06-03 08:35 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
- 2016-06-03 08:35 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
- 2016-06-03 08:35 - 2001-08-23 13:00 - 00034871 _____ C:\WINDOWS\SysWOW64\gpedit.msc
- 2016-06-02 22:06 - 2016-06-02 22:07 - 17519307 _____ C:\Users\Admin\Downloads\youtube-outros.zip
- 2016-06-02 21:05 - 2016-06-02 21:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HandBrake
- 2016-06-02 21:05 - 2016-06-02 21:05 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HandBrake Team
- 2016-06-02 21:04 - 2016-06-02 21:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
- 2016-06-02 21:04 - 2016-06-02 21:04 - 00000000 ____D C:\Program Files\Handbrake
- 2016-06-02 21:02 - 2016-06-02 21:03 - 16520043 _____ C:\Users\Admin\Downloads\HandBrake-0.10.5-x86_64-Win_GUI-1.exe
- 2016-06-02 21:01 - 2016-06-02 21:01 - 00000000 ____D C:\Users\Admin\AppData\Local\fontconfig
- 2016-06-02 20:52 - 2016-06-02 20:52 - 00000096 _____ C:\Users\Admin\AppData\Roaming\settings.xml
- 2016-06-02 20:52 - 2016-06-02 20:52 - 00000000 ____D C:\Users\Admin\Documents\convertedVideos
- 2016-06-02 20:52 - 2016-06-02 20:52 - 00000000 ____D C:\Users\Admin\AppData\Local\SkinSoft
- 2016-06-02 20:51 - 2016-06-02 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mov To Mp4 Converter
- 2016-06-02 20:51 - 2016-06-02 20:51 - 00000000 ____D C:\Program Files (x86)\convertaudiofree
- 2016-06-02 20:49 - 2016-06-02 20:49 - 16742922 _____ (convertaudiofree) C:\Users\Admin\Downloads\movtomp4_setup.exe
- 2016-06-02 20:49 - 2016-06-02 20:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\convertaudiofree
- 2016-06-01 07:09 - 2016-06-14 23:21 - 00002294 ____H C:\Users\Admin\Documents\Default.rdp
- 2016-05-31 23:09 - 2016-06-01 00:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WindSolutions
- 2016-05-31 23:09 - 2016-06-01 00:00 - 00000000 ____D C:\ProgramData\WindSolutions
- 2016-05-31 23:09 - 2016-05-31 23:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
- 2016-05-31 23:08 - 2016-05-31 23:09 - 06758512 _____ (WindSolutions) C:\Users\Admin\Downloads\Install_CopyTransControlCenter.exe
- 2016-05-31 22:05 - 2016-05-31 22:05 - 00000000 ____D C:\Users\Admin\AppData\Roaming\iMobie
- 2016-05-31 22:05 - 2016-05-31 22:05 - 00000000 ____D C:\Users\Admin\AppData\Local\iMobie_Inc
- 2016-05-31 22:05 - 2016-05-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
- 2016-05-31 22:05 - 2016-05-31 22:05 - 00000000 ____D C:\Program Files (x86)\iMobie
- 2016-05-31 22:04 - 2016-05-31 22:04 - 01074600 _____ (iMobie Inc.) C:\Users\Admin\Downloads\anytrans-setup.exe
- 2016-05-31 22:04 - 2016-05-31 22:04 - 01074600 _____ (iMobie Inc.) C:\Users\Admin\Downloads\anytrans-setup (1).exe
- 2016-05-31 12:27 - 2016-05-31 12:27 - 01814124 _____ C:\Users\Admin\Desktop\video-1464711104.mp4
- 2016-05-31 02:54 - 2016-05-31 02:54 - 00420545 _____ C:\Users\Admin\Downloads\enhance_views.xpi
- 2016-05-31 00:35 - 2016-05-31 01:53 - 00000000 ____D C:\UltraViews
- 2016-05-31 00:35 - 2016-05-31 01:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Phantasiac
- 2016-05-31 00:35 - 2016-05-31 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraViews
- 2016-05-31 00:21 - 2016-05-31 00:35 - 27350710 _____ (Phantasiac ) C:\Users\Admin\Downloads\Setup UltraViews.exe
- 2016-05-30 17:08 - 2016-05-30 17:08 - 00003644 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-garall94@gmail.com
- 2016-05-30 17:05 - 2016-06-09 13:26 - 00000000 ____D C:\Users\Admin\Documents\Adobe
- 2016-05-30 17:05 - 2016-05-30 17:05 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
- 2016-05-30 16:50 - 2016-05-30 16:51 - 00000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
- 2016-05-30 16:33 - 2016-05-30 16:40 - 00000000 ____D C:\Users\Admin\Downloads\Adobe Photoshop CC 2015 (20150529.r.88) (32+64Bit) + Crack
- 2016-05-29 21:28 - 2016-05-29 21:28 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Katapult
- 2016-05-29 20:07 - 2016-05-29 20:07 - 00000000 ____D C:\Users\Admin\Downloads\Malwarebytes Anti-Malware Premium 2.1.8.1057 Multilingual + KeyGen by FFF
- 2016-05-29 20:05 - 2016-05-29 20:06 - 00000000 ____D C:\Users\Admin\Downloads\Malwarebytes Anti-Malware v2.1.8.1057 + Serial
- 2016-05-29 19:38 - 2016-05-29 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
- 2016-05-29 19:38 - 2016-05-29 19:38 - 00000000 ____D C:\Program Files (x86)\WTFast
- 2016-05-29 19:38 - 2016-04-07 11:36 - 00037872 _____ (AAA Internet Publishing, Inc.) C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys
- 2016-05-29 19:37 - 2016-05-29 19:38 - 25913088 _____ (Initex & AAA Internet Publishing ) C:\Users\Admin\Downloads\WTFastSetup.4.1.0.741.exe
- 2016-05-29 19:34 - 2016-05-29 19:39 - 00000000 ____D C:\Users\Admin\AppData\Local\AAA_Internet_Publishing,_
- 2016-05-29 19:34 - 2016-05-29 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast Beta
- 2016-05-29 19:33 - 2016-05-29 19:35 - 00000000 ____D C:\Program Files (x86)\WTFast Beta
- 2016-05-29 16:15 - 2016-05-29 16:16 - 00001561 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk
- 2016-05-29 16:15 - 2016-05-29 16:15 - 00000000 ____D C:\Program Files (x86)\blackscriptz.club
- 2016-05-29 15:35 - 2016-05-29 15:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5
- 2016-05-29 15:35 - 2016-05-29 15:35 - 00000000 ____D C:\Users\Admin\AppData\Local\Package Cache
- 2016-05-29 15:33 - 2016-05-29 15:34 - 28743504 _____ (Python Software Foundation) C:\Users\Admin\Downloads\python-3.5.1.exe
- 2016-05-29 14:56 - 2016-05-29 14:56 - 00007817 _____ C:\Users\Admin\Downloads\Garrette-Allen.pdf
- 2016-05-29 12:51 - 2016-05-29 12:51 - 05285376 _____ C:\Users\Admin\AppData\Roaming\chromedriver221.exe
- 2016-05-29 12:51 - 2016-05-29 12:51 - 00701954 _____ C:\Users\Admin\AppData\Roaming\WebDriver.FirefoxExt2530.zip
- 2016-05-29 12:51 - 2016-05-29 12:51 - 00034476 _____ C:\Users\Admin\AppData\Roaming\disable_webrtc-1.0.6.xpi
- 2016-05-29 12:51 - 2016-05-29 12:51 - 00000000 ____D C:\ProgramData\Isolated Storage
- 2016-05-29 12:50 - 2016-05-29 12:51 - 18587648 _____ (PhantomJS) C:\Users\Admin\AppData\Roaming\PhantomJSv211.exe
- 2016-05-29 12:48 - 2016-05-29 12:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\UBot Studio
- 2016-05-29 12:47 - 2016-05-29 12:56 - 00000000 ____D C:\Program Files (x86)\CoinCollector
- 2016-05-29 12:47 - 2016-05-29 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoinCollector
- 2016-05-29 12:47 - 2016-05-29 12:47 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AutoClickBots
- 2016-05-27 15:33 - 2016-05-27 15:33 - 06541784 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.18.0_win64-setup.exe
- 2016-05-26 19:03 - 2016-05-26 19:03 - 00088263 _____ C:\Users\Admin\Downloads\2015TurboTaxReturn.pdf
- 2016-05-26 09:40 - 2016-05-26 09:41 - 35414201 _____ C:\Users\Admin\Downloads\Template 9 AuraOutro.zip
- 2016-05-26 09:12 - 2016-05-26 09:12 - 00002600 _____ C:\Users\Admin\Documents\Register Vegas Pro.htm
- 2016-05-26 09:02 - 2016-05-26 09:02 - 00000000 ____D C:\Users\Admin\Downloads\Sony Vegas Pro 13.0 Build 453 (x64) + Patch DI
- 2016-05-26 09:01 - 2016-05-26 09:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sony Creative Software Inc
- 2016-05-26 08:59 - 2016-05-26 08:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Publish Providers
- 2016-05-26 08:51 - 2016-05-26 09:08 - 00006322 _____ C:\WINDOWS\system32\--traceoff
- 2016-05-26 08:51 - 2016-05-26 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
- 2016-05-26 08:51 - 2016-05-26 08:51 - 00000000 _____ C:\WINDOWS\system32\--debugoff
- 2016-05-26 08:50 - 2016-05-26 08:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Sony
- 2016-05-26 08:50 - 2016-05-26 08:50 - 00000000 ____D C:\ProgramData\Sony
- 2016-05-26 08:50 - 2016-05-26 08:50 - 00000000 ____D C:\Program Files\Sony
- 2016-05-26 08:50 - 2016-05-26 08:50 - 00000000 ____D C:\Program Files (x86)\Sony
- 2016-05-26 08:49 - 2016-05-26 09:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sony
- 2016-05-26 08:43 - 2016-05-26 08:43 - 00296253 ____R C:\Users\Admin\Downloads\Affiliate Marketing Secrets to Freedom.pdf
- 2016-05-26 08:38 - 2016-05-26 08:39 - 00000000 ____D C:\Users\Admin\Downloads\Sony Vegas Pro 13.0 build 290 (64 bit) Multilingual [ChingLiu]
- 2016-05-25 14:52 - 2016-05-25 14:52 - 00000000 ____D C:\Users\Admin\Documents\OilEnterprise
- 2016-05-25 14:25 - 2016-05-25 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astragon Entertainment GmbH
- 2016-05-25 14:24 - 2016-05-25 14:24 - 00000000 ____D C:\Program Files (x86)\astragon Entertainment GmbH
- 2016-05-25 13:24 - 2016-05-25 13:33 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
- 2016-05-25 13:24 - 2016-05-25 13:32 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
- 2016-05-25 13:18 - 2016-05-25 13:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Ndemic Creations
- 2016-05-24 22:07 - 2016-05-24 22:07 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\SquareEnix
- 2016-05-24 22:06 - 2016-05-24 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FINAL FANTASY IX
- 2016-05-24 21:34 - 2016-05-24 21:59 - 00000000 ____D C:\Users\Admin\Downloads\FINAL.FANTASY.IX-CODEX
- 2016-05-24 21:32 - 2016-05-25 07:50 - 00000000 ____D C:\Users\Admin\Downloads\3DMGAME-Plague.Inc.Evolved.v1.0.1.Cracked-3DM
- 2016-05-24 19:46 - 2016-05-24 19:46 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Nvizzio Creations
- 2016-05-24 19:39 - 2016-05-24 19:41 - 00000000 ____D C:\Users\Admin\Downloads\Oil.Enterprise-SKIDROW
- 2016-05-24 19:33 - 2016-05-24 19:33 - 00030913 _____ C:\Users\Admin\Downloads\Oil.Enterprise-SKIDROW-[rarbg.com].torrent
- 2016-05-24 19:27 - 2016-05-24 19:40 - 00000000 ____D C:\Users\Admin\Downloads\3DMGAME-RollerCoaster.Tycoon.World.Deluxe.Edition.Early.Access.With.Update.4.Cracked-3DM
- 2016-05-24 19:26 - 2016-05-24 19:26 - 00036488 _____ C:\Users\Admin\Downloads\RollerCoaster.Tycoon.Deluxe.Edition.Incl.Update.4.torrent
- 2016-05-24 17:31 - 2016-06-21 13:54 - 00000000 ____D C:\Users\Admin\Desktop\Photoshop SHit
- 2016-05-23 14:56 - 2016-05-23 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bighits4U Viewer
- 2016-05-23 14:56 - 2016-05-23 14:56 - 00000000 ____D C:\Program Files (x86)\Bighits4U Viewer 3.0
- 2016-05-23 14:54 - 2016-05-23 14:56 - 20041775 _____ (BigHits4U ) C:\Users\Admin\Downloads\Bighits4U Viewer Setup 3.0.exe
- 2016-05-23 13:03 - 2016-05-29 21:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SmartSteamEmu
- 2016-05-23 13:03 - 2016-05-23 13:03 - 00000000 ____D C:\Users\Admin\Documents\U-Play online
- 2016-05-23 13:03 - 2016-05-23 13:03 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\U-Play online
- 2016-05-23 13:00 - 2016-05-23 13:01 - 00000000 ____D C:\youtuberslife
- 2016-05-23 12:27 - 2016-06-01 06:50 - 00000000 ____D C:\Users\Admin\AppData\Local\CrossCode
- 2016-05-23 12:25 - 2016-05-23 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrossCode v0.6.1
- 2016-05-23 12:25 - 2016-05-23 12:25 - 00000000 ____D C:\Program Files (x86)\CrossCode v0.6.1
- 2016-05-23 12:09 - 2016-05-23 13:00 - 674235217 _____ C:\Users\Admin\Downloads\YoutubersLifewwwskidrowrepackscom.exe
- 2016-05-23 09:52 - 2016-06-18 19:20 - 00000000 ____D C:\Users\Admin\Desktop\Streaming
- 2016-05-23 09:48 - 2016-05-23 09:48 - 05227019 _____ C:\Users\Admin\Downloads\namebench-1.3.1-Windows.exe
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-06-22 14:18 - 2015-07-16 14:53 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB5CA899-0B9C-44DA-AF07-1A9076B8FA23}
- 2016-06-22 14:12 - 2016-05-20 10:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
- 2016-06-22 14:12 - 2015-08-04 12:18 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
- 2016-06-22 14:12 - 2015-07-28 18:04 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- 2016-06-22 14:11 - 2016-01-26 06:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2016-06-22 14:09 - 2016-01-26 05:45 - 00000000 ____D C:\Users\Admin
- 2016-06-22 14:09 - 2015-10-30 02:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
- 2016-06-22 14:07 - 2015-09-01 11:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
- 2016-06-22 10:53 - 2015-07-28 18:04 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- 2016-06-22 10:48 - 2016-01-24 11:56 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- 2016-06-22 08:53 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
- 2016-06-22 08:53 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
- 2016-06-21 17:41 - 2016-01-26 05:39 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
- 2016-06-21 13:54 - 2016-05-19 22:00 - 00000132 _____ C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
- 2016-06-21 13:03 - 2016-05-19 21:00 - 00000000 ___RD C:\Users\Admin\Creative Cloud Files
- 2016-06-21 13:03 - 2016-05-19 21:00 - 00000000 ____D C:\ProgramData\boost_interprocess
- 2016-06-21 12:49 - 2015-10-05 20:38 - 00000000 ____D C:\Program Files (x86)\Steam
- 2016-06-21 12:38 - 2016-04-02 12:22 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
- 2016-06-21 12:29 - 2016-05-17 13:55 - 00390564 _____ C:\Users\Admin\Documents\starburn.txt
- 2016-06-21 11:44 - 2016-05-19 19:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\obs-studio
- 2016-06-21 11:30 - 2015-07-16 14:48 - 00000000 ____D C:\Users\Admin\Documents\Youcam
- 2016-06-20 19:09 - 2016-01-23 16:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\BitTorrent
- 2016-06-20 18:47 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2016-06-20 18:45 - 2015-08-04 14:05 - 00000000 ____D C:\Program Files\Microsoft Office 15
- 2016-06-20 09:44 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
- 2016-06-19 12:16 - 2016-05-14 13:52 - 00000000 ____D C:\Games
- 2016-06-19 11:28 - 2016-05-17 16:54 - 00000000 ____D C:\Users\Admin\AppData\Local\UNDERTALE
- 2016-06-18 11:55 - 2016-02-09 22:55 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-06-18 11:55 - 2016-02-09 22:55 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-06-17 13:31 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
- 2016-06-16 11:32 - 2016-01-26 05:44 - 00972168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2016-06-16 11:32 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
- 2016-06-16 10:46 - 2015-07-16 17:38 - 00000000 __RHD C:\Users\Public\AccountPictures
- 2016-06-16 10:42 - 2016-01-26 05:35 - 05022616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
- 2016-06-16 10:37 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
- 2016-06-16 10:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
- 2016-06-16 10:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
- 2016-06-16 09:23 - 2016-05-22 20:21 - 00000000 ____D C:\Users\Admin\AppData\Local\{797F4F23-5DD7-239B-304F-06731427FAEB}
- 2016-06-16 09:22 - 2016-05-17 16:11 - 00000155 _____ C:\Users\Admin\AppData\Roaming\WB.CFG
- 2016-06-14 23:07 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
- 2016-06-14 21:55 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
- 2016-06-14 20:10 - 2015-07-20 13:32 - 00000000 ____D C:\WINDOWS\system32\MRT
- 2016-06-14 17:41 - 2015-07-20 13:32 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2016-06-14 14:33 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
- 2016-06-14 14:33 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
- 2016-06-14 07:33 - 2016-02-05 11:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
- 2016-06-14 07:30 - 2016-02-05 11:43 - 00000000 ___RD C:\Program Files (x86)\Skype
- 2016-06-14 07:30 - 2016-02-05 11:43 - 00000000 ____D C:\ProgramData\Skype
- 2016-06-13 17:06 - 2016-02-14 00:42 - 00000000 ____D C:\Program Files (x86)\Adobe
- 2016-06-13 10:13 - 2016-02-10 19:52 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
- 2016-06-12 19:13 - 2016-05-18 22:45 - 00000000 ____D C:\Users\Admin\Desktop\OfflineStorage
- 2016-06-12 16:14 - 2016-05-17 19:08 - 00000000 ____D C:\Users\Admin\Desktop\64 Bit
- 2016-06-11 21:26 - 2015-10-15 22:05 - 00000000 ____D C:\ProgramData\Package Cache
- 2016-06-11 16:25 - 2015-10-30 05:07 - 00000000 ____D C:\WINDOWS\ShellNew
- 2016-06-09 22:04 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
- 2016-06-09 21:44 - 2016-01-28 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
- 2016-06-09 20:34 - 2016-01-26 08:14 - 00000000 ____D C:\Program Files (x86)\MSBuild
- 2016-06-09 13:26 - 2015-07-16 14:45 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
- 2016-06-08 23:07 - 2015-07-16 14:45 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
- 2016-06-07 10:27 - 2016-02-14 01:43 - 00000518 _____ C:\Users\Admin\Desktop\bitcoin.txt
- 2016-06-06 18:49 - 2015-10-02 20:03 - 00000258 __RSH C:\ProgramData\ntuser.pol
- 2016-06-06 18:47 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
- 2016-06-06 14:20 - 2016-05-17 14:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Free Audio Editor
- 2016-06-04 07:11 - 2016-02-14 00:47 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
- 2016-06-04 07:11 - 2016-02-14 00:47 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
- 2016-06-03 08:35 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
- 2016-05-30 17:05 - 2016-02-14 00:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
- 2016-05-30 17:01 - 2016-05-19 20:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
- 2016-05-30 16:57 - 2016-05-19 20:36 - 00000000 ____D C:\Program Files\Adobe
- 2016-05-30 16:55 - 2016-02-14 00:21 - 00000000 ____D C:\ProgramData\Adobe
- 2016-05-28 01:55 - 2016-01-26 05:39 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
- 2016-05-27 15:34 - 2016-03-02 10:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FileZilla
- 2016-05-26 21:42 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
- 2016-05-26 14:09 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
- 2016-05-25 07:36 - 2016-05-16 11:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\OBS
- 2016-05-25 07:35 - 2016-05-20 10:36 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2016-05-25 07:35 - 2016-05-19 20:39 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
- 2016-05-25 07:35 - 2016-05-19 20:37 - 00001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
- 2016-05-25 07:35 - 2016-05-19 20:36 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
- 2016-05-25 07:35 - 2016-05-19 20:35 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
- 2016-05-25 07:35 - 2016-05-19 20:30 - 00001607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
- 2016-05-25 07:35 - 2016-05-19 20:30 - 00001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
- 2016-05-25 07:35 - 2016-05-19 19:36 - 00001286 _____ C:\Users\Public\Desktop\OBS Studio.lnk
- 2016-05-25 07:35 - 2016-05-17 14:13 - 00001370 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Free Audio Editor 2016.lnk
- 2016-05-25 07:35 - 2016-02-07 11:01 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
- 2016-05-25 07:35 - 2016-01-30 16:38 - 00001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
- 2016-05-25 07:35 - 2016-01-28 13:01 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
- 2016-05-25 07:35 - 2016-01-28 13:01 - 00001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
- 2016-05-25 07:35 - 2016-01-26 06:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
- 2016-05-25 07:35 - 2015-12-18 08:17 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
- 2016-05-25 07:35 - 2015-11-12 00:31 - 00001279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
- 2016-05-25 07:35 - 2015-08-10 12:21 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
- 2016-05-25 07:35 - 2015-08-04 12:29 - 00002411 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- 2016-05-25 07:35 - 2015-07-18 16:07 - 00002955 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HitLeap Viewer.lnk
- 2016-05-25 07:35 - 2014-08-27 02:10 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
- 2016-05-25 07:31 - 2015-10-30 05:02 - 00000000 ____D C:\WINDOWS\DigitalLocker
- 2016-05-23 23:54 - 2015-07-28 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
- ==================== Files in the root of some directories =======
- 2016-06-21 12:35 - 2016-06-21 12:35 - 0000068 ___SH () C:\Users\Admin\AppData\Roaming\.Identifier
- 2016-05-19 22:00 - 2016-06-21 13:54 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
- 2016-05-29 12:51 - 2016-05-29 12:51 - 5285376 _____ () C:\Users\Admin\AppData\Roaming\chromedriver221.exe
- 2016-05-29 12:51 - 2016-05-29 12:51 - 0034476 _____ () C:\Users\Admin\AppData\Roaming\disable_webrtc-1.0.6.xpi
- 2016-06-21 12:35 - 2016-06-21 12:35 - 0003584 _____ () C:\Users\Admin\AppData\Roaming\FXvPQWnzcgrfBtxz
- 2016-06-21 10:00 - 2016-06-20 13:29 - 0463376 ___SH () C:\Users\Admin\AppData\Roaming\OhUEVIATEUUP
- 2016-06-21 10:00 - 2016-06-20 13:29 - 0048549 ___SH () C:\Users\Admin\AppData\Roaming\PDRcIagNaUiFGWTVfQS
- 2016-06-21 10:00 - 2016-06-20 13:29 - 0750320 ___SH (AutoIt Team) C:\Users\Admin\AppData\Roaming\PDRcIagNaUiFGWTVfQSeN.cmd
- 2016-05-29 12:50 - 2016-05-29 12:51 - 18587648 _____ (PhantomJS) C:\Users\Admin\AppData\Roaming\PhantomJSv211.exe
- 2016-06-02 20:52 - 2016-06-02 20:52 - 0000096 _____ () C:\Users\Admin\AppData\Roaming\settings.xml
- 2016-06-20 10:41 - 2016-06-20 00:31 - 1978696 __RSH (PhotoFiltre) C:\Users\Admin\AppData\Roaming\updatevalid.exe
- 2016-06-21 12:35 - 2016-06-21 12:35 - 0086016 _____ () C:\Users\Admin\AppData\Roaming\VvKkIsaTynXg
- 2016-05-17 16:11 - 2016-06-16 09:22 - 0000155 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
- 2016-05-29 12:51 - 2016-05-29 12:51 - 0701954 _____ () C:\Users\Admin\AppData\Roaming\WebDriver.FirefoxExt2530.zip
- 2016-03-01 19:01 - 2016-03-20 14:17 - 0000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
- 2015-12-13 00:46 - 2015-12-13 00:18 - 0421376 _____ () C:\Users\Admin\AppData\Local\TempBustabit Predictions.exe
- 2016-06-20 10:35 - 2016-06-20 10:35 - 0001587 __RSH () C:\ProgramData\Valid Update
- Some files in TEMP:
- ====================
- C:\Users\Admin\AppData\Local\Temp\AAMHelper.exe
- C:\Users\Admin\AppData\Local\Temp\AdobeApplicationManager.exe
- C:\Users\Admin\AppData\Local\Temp\AppandoraDeviceService.exe
- C:\Users\Admin\AppData\Local\Temp\hss_update.exe
- C:\Users\Admin\AppData\Local\Temp\i4jdel0.exe
- C:\Users\Admin\AppData\Local\Temp\jansi-32-1612521951201275350.dll
- C:\Users\Admin\AppData\Local\Temp\jansi-32-775454057711301090.dll
- C:\Users\Admin\AppData\Local\Temp\jscrcap2_libNativeApi_x86.dll
- C:\Users\Admin\AppData\Local\Temp\jscrcap_libNativeApi_x86.dll
- C:\Users\Admin\AppData\Local\Temp\McCSPInstall.dll
- C:\Users\Admin\AppData\Local\Temp\mccspuninstall.exe
- C:\Users\Admin\AppData\Local\Temp\Modio Launcher.exe
- C:\Users\Admin\AppData\Local\Temp\namebench.exe
- C:\Users\Admin\AppData\Local\Temp\Protect096753e7.dll
- C:\Users\Admin\AppData\Local\Temp\python27.dll
- C:\Users\Admin\AppData\Local\Temp\RoyalViewer.exe
- C:\Users\Admin\AppData\Local\Temp\tcl85.dll
- C:\Users\Admin\AppData\Local\Temp\tk85.dll
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\WINDOWS\system32\winlogon.exe => File is digitally signed
- C:\WINDOWS\system32\wininit.exe => File is digitally signed
- C:\WINDOWS\explorer.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
- C:\WINDOWS\system32\svchost.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
- C:\WINDOWS\system32\services.exe => File is digitally signed
- C:\WINDOWS\system32\User32.dll => File is digitally signed
- C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
- C:\WINDOWS\system32\userinit.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
- C:\WINDOWS\system32\rpcss.dll => File is digitally signed
- C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
- C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
- C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2016-06-19 11:55
- ==================== End of FRST.txt ============================
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
- Ran by Admin (2016-06-22 14:18:58)
- Running from C:\Users\Admin\Desktop
- Windows 10 Home Version 1511 (X64) (2016-01-26 10:22:00)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Admin (S-1-5-21-1238564941-3387910719-2561191832-1001 - Administrator - Enabled) => C:\Users\Admin
- Administrator (S-1-5-21-1238564941-3387910719-2561191832-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-1238564941-3387910719-2561191832-503 - Limited - Disabled)
- Guest (S-1-5-21-1238564941-3387910719-2561191832-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-1238564941-3387910719-2561191832-1003 - Limited - Enabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 35MM (HKLM-x32\...\35MM_is1) (Version: - )
- 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
- 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
- 8BitBoy (HKLM\...\Steam App 296910) (Version: - AwesomeBlade)
- Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.1 - Mirillis)
- Active Directory Authentication Library for SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
- Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
- Acunetix Web Vulnerability Scanner 9.5 (HKLM-x32\...\{ffec63c3-090d-45ea-afd7-eab07edb5822}_is1) (Version: 9.5 - Acunetix)
- Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
- Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
- Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
- Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
- Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
- Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
- Angry Video Game Nerd II: ASSimilation (HKLM\...\YW5ncnl2aWRlb2dhbWVuZXJkaWlhc3NpbWlsYXRpb24_is1) (Version: 1 - )
- Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - Blue Byte)
- AnyTrans (HKLM-x32\...\AnyTrans) (Version: 4.9.5.0 - iMobie Inc.)
- AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
- Appandora version 2.1.7 (HKLM-x32\...\{3BA67286-845D-46A7-9A58-FA8B7897BC34}_is1) (Version: 2.1.7 - Appandora, Inc.)
- Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
- Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
- Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
- Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
- Aspire YouTube Viewer 1.1 (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\3d971c6241aae6be) (Version: 1.0.0.1 - Aspire YouTube Viewer 1.1)
- AutoIt v3.3.14.2 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.2 - AutoIt Team)
- AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
- Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
- AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
- Barn Yarn Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
- Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Bighits4U Viewer 3.0 (HKLM-x32\...\{899C05FE-0136-468A-A223-48A02ED91255}_is1) (Version: 3.0 - BigHits4U)
- BitTorrent (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.)
- Black Chocobo (HKLM-x32\...\Black_Chocobo) (Version: - )
- Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
- Blueprint Tycoon (HKLM\...\Steam App 454060) (Version: - Endless Loop Studios)
- Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
- Build-a-lot Mysteries (x32 Version: 3.0.2.51 - WildTangent) Hidden
- Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
- Cabela's® Hunting Expeditions (HKLM-x32\...\Steam App 214210) (Version: - Fun Labs)
- Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
- Chromium (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\Chromium) (Version: 46.0.2480.0 - Chromium)
- CoinCollector (HKLM-x32\...\CoinCollector 4.0) (Version: 4.0 - AutoClickBots)
- CoinCollector (x32 Version: 4.0 - AutoClickBots) Hidden
- CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
- Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
- CrossCode v0.6.1 version v0.6.1 (HKLM-x32\...\{C8117EF7-6643-4E78-B0C4-1AF9815EE832}_is1) (Version: v0.6.1 - CrossCode)
- Curse at Twilight (x32 Version: 3.0.2.51 - WildTangent) Hidden
- CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
- Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
- CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
- CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.)
- CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
- CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
- D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
- Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
- Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
- Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
- DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
- Doorways: The Underworld (HKLM\...\Steam App 311250) (Version: - Saibot Studios)
- Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
- Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
- Ellipse (HKLM-x32\...\{CF04F1C0-75FA-4D81-A25F-423D291878C2}) (Version: 1.0.502 - MxS Elite)
- Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
- Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
- Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
- FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
- FINAL FANTASY IX (HKLM-x32\...\FINAL FANTASY IX_is1) (Version: - )
- FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
- Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
- Five Nights at Freddys 4 (HKLM-x32\...\Five Nights at Freddys 4_is1) (Version: - )
- Fort Defense (x32 Version: 3.0.2.51 - WildTangent) Hidden
- Free Audio Editor 2016 v9.3.3 (HKLM-x32\...\Free Audio Editor 2016_is1) (Version: - Copyright(C) 2005-2016 FAEMedia, Inc.)
- Free Mov To Mp4 Converter (HKLM-x32\...\{1AAD824F-A64E-43EB-8ADE-FFC84E3A6E8C}) (Version: 1.0.0 - convertaudiofree)
- Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
- Git version 2.8.3 (HKLM\...\Git_is1) (Version: 2.8.3 - The Git Development Community)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
- Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
- Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
- Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
- gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
- HACKNET (HKLM-x32\...\HACKNET1.0) (Version: 1.0 - SKIDROWREPACKS.com)
- HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
- Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
- HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
- HP Documentation (HKLM-x32\...\{DCB0919F-F0A6-4C63-800F-B6825D6C0434}) (Version: 1.1.0.0 - Hewlett-Packard)
- HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
- HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
- HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
- HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
- HP Utility Center (HKLM\...\{82E6836B-9400-4965-9FD2-46BD64D8BE41}) (Version: 2.4.7 - Hewlett-Packard Company)
- HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
- IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
- IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
- IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
- Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
- Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
- Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
- Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
- iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
- Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
- Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Joining Hands 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
- King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
- Lost in Reefs 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
- LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
- Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
- Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
- Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
- Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
- Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
- Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
- Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
- Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
- Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
- Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
- Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
- Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
- Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
- Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
- Midori 0.5.11 (HKLM-x32\...\Midori) (Version: 0.5.11 - Christian Dywan)
- Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
- Modio 5 (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version: - GameTuts)
- Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
- Mozilla Thunderbird 38.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 en-US)) (Version: 38.6.0 - Mozilla)
- MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
- MultiBit HD 0.1.4 (HKLM\...\6925-4794-5772-4956) (Version: 0.1.4 - Bitcoin Solutions Ltd)
- Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
- Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
- OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.1 - OBS Project)
- Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
- Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
- Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
- Oil Enterprise (HKLM-x32\...\Oil Enterprise_is1) (Version: - )
- Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
- OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
- Oracle VM VirtualBox 5.0.6 (HKLM\...\{D09FC154-2747-4BC8-838E-B2EC414C4F6A}) (Version: 5.0.6 - Oracle Corporation)
- Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
- Painkiller Hell and Damnation (HKLM-x32\...\Painkiller Hell and Damnation_is1) (Version: - )
- Paint The Town Red version 0.3.8 (HKLM-x32\...\{B970ADBC-DEEC-4E83-BA6F-0F694C189B0B}_is1) (Version: 0.3.8 - Paint The Town Red)
- paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
- PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
- Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
- Pokki Download Helper (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\PokkiDownloadHelper) (Version: 1.3.1.289 - Pokki)
- Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
- PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
- PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
- Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
- Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
- Python 3.5.1 (32-bit) (HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
- Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
- Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
- REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
- Resource Tuner 2.05 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.05 - Heaventools Software)
- Ringtonesia Android Maker 3 (HKLM-x32\...\Ringtonesia Android Maker) (Version: 3 - Red Kawa)
- Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
- Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
- Roslyn Language Services - x86 (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
- RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA)
- RPG Tycoon (HKLM-x32\...\RPG Tycoon) (Version: - )
- RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
- SciTE4AutoIt3 16.306.1237.0 (HKLM-x32\...\SciTE4AutoIt3) (Version: 16.306.1237.0 - Jos van der Zande)
- Sengoku (HKLM-x32\...\Steam App 73210) (Version: - Paradox Development Studio)
- SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
- Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
- Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden
- Source SDK Base 2013 Singleplayer (HKLM\...\Steam App 243730) (Version: - )
- Sparkle 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
- Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
- Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
- Terramining Launcher v9.1 9.1 (HKLM-x32\...\Terramining Launcher v9.1 9.1) (Version: 9.1 - TerraminingMC)
- TerraWorld Online - Reborn v2.2.7b (HKLM-x32\...\TerraWorld Online - Reborn v2.2.7b_is1) (Version: - TerraNovita Software BVBA)
- Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
- The Music Machine (HKLM\...\Steam App 359040) (Version: - David Szymanski)
- The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
- The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
- Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
- Towns (HKLM-x32\...\Steam App 221020) (Version: - Xavi Canal, Ben Palgi)
- Tubenoia Youtube Bot 1.0 (HKLM-x32\...\Tubenoia Youtube Bot) (Version: 1.0 - Youtube Bots)
- TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
- TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.31.0 - Microsoft Corporation) Hidden
- Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
- UltraViews version 1.1 (HKLM-x32\...\{5585E0A6-3A91-4FA7-A322-513A6880D5E5}_is1) (Version: 1.1 - Phantasiac)
- Undertale (HKLM-x32\...\Undertale0.1) (Version: 0.1 - UNDERTALE)
- Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
- Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
- Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
- Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
- Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
- Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
- Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
- Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
- Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
- Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
- Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
- Viking Saga (x32 Version: 3.0.2.48 - WildTangent) Hidden
- Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
- VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
- vs_update2notification (x32 Version: 14.0.25132 - Microsoft Corporation) Hidden
- WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
- WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
- Welcome to the Game version 1.0 (HKLM-x32\...\{F092F89F-60CD-4488-A483-35D52DF9266B}_is1) (Version: 1.0 - Welcome to the Game)
- WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
- WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
- Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
- Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
- Wondershare Filmora(Build 7.2.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
- WTFast 4.1 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.1.0.741 - Initex & AAA Internet Publishing)
- WTFast Beta 4.0 (HKLM-x32\...\{162DC956-6167-407C-8265-4CC3B8E61B96}_is1) (Version: 4.0.1.459 - Initex & AAA Internet Publishing)
- XSplit Broadcaster (HKLM-x32\...\{E3124560-BA19-4CD5-8D79-E064AA001FA2}) (Version: 2.7.1512.2130 - SplitmediaLabs)
- Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
- YouTube Downloader App 3.00 (HKLM-x32\...\YouTube Downloader App) (Version: 3.00 - Regensoft)
- Youtube Ranking Software 2.5 (HKLM-x32\...\Youtube Ranking Software 2.5) (Version: 2.5 - blackscriptz.club)
- Youtubers Life v0.7.7 version 0.7.7 (HKLM-x32\...\{E3322F8C-310D-4067-BC6B-C1D01499DA8D}_is1) (Version: 0.7.7 - Youtubers Life v0.7.7 Full Version)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FD8E73FEA996}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
- CustomCLSID: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\FileCoAuth.exe (Microsoft Corporation)
- CustomCLSID: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
- CustomCLSID: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0B6D5344-F8A3-4E9E-AB8F-F2A2F75A8C06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
- Task: {0D002C12-C180-4A73-A57F-1513CA8FC54B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
- Task: {116BD68B-ED7D-4AAD-95D1-189B151BB078} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
- Task: {136AFB39-E5AE-4430-A15C-890EDECB1341} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
- Task: {18234F52-6CF6-4496-9AFF-C4A62805563E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)
- Task: {1F3A0929-DF9C-42E6-B75A-9CBC1AF2342C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-12-18] (Hewlett-Packard)
- Task: {20EC928A-FCB8-4773-9D80-141E1E5366E1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
- Task: {305E4644-3F2C-4E28-B5DE-82E1BEBC8FDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
- Task: {3E4F1ED6-6AB9-48A6-B677-8C0C22C5CCC0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
- Task: {4E481E84-F7F8-43BE-9CA7-B0458F9EA072} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-01-24] (Synaptics Incorporated)
- Task: {53229414-45CC-4F43-8CAC-DCB9D06FB08F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
- Task: {5A45839C-28FE-4AFC-99F1-8EE031076F60} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
- Task: {7180A89A-AA77-41EA-85DA-E2C72E7427D1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
- Task: {77D6B973-3EBF-46D2-AE0C-DA4258CAEB2B} - System32\Tasks\{728902B6-8C4C-49E4-ADF1-8209EAA15B41} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/en/abandoninstall?source=lightinstaller&page=tsInstall
- Task: {7B8D4760-C38C-49A0-827E-D582220D2ADC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
- Task: {7D247919-0E54-45CE-B9A3-549E9ADA1598} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
- Task: {7EF551B9-D161-4F7C-B37D-441C058F18AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
- Task: {80239443-FCE9-4580-A2C5-506DD83E703B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
- Task: {845F555F-CA03-4052-B5F2-5AE04E9895EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
- Task: {9E7045B8-EAA9-433A-9680-CFD5D92E3C03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
- Task: {BB0C0971-8D4E-464F-90F8-908B1EF306C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
- Task: {CD0116F2-4538-4286-A97E-3B21E48C22D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
- Task: {D14B9953-FE94-42D0-B66B-A8E8DB32F8E5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-garall94@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
- Task: {D427C9C7-E513-4442-B924-2D11834091D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-12-18] (Hewlett-Packard)
- Task: {D7FF0173-971F-4E02-8275-74489591534A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
- Task: {E719A54F-DC1D-4391-963E-2C8E31A2B086} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
- Task: {EC2E5B95-AA24-4EC8-AD6E-2582D7672D95} - System32\Tasks\Product Updater => C:\Program Files (x86)\Free Audio Editor 2016\FFProductUpdater.exe [2016-03-10] ()
- Task: {EDDC4655-61AD-489D-A91E-15CE4FAAA601} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
- Task: {F3C577BD-1AC1-4470-A21B-F8E2E9258F72} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
- Task: {F790F25A-A96A-47C4-822C-C0F1A33CA17C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
- Task: {FCC84D7F-889A-4763-9D4D-37107C06A74A} - System32\Tasks\Valid Update => C:\ProgramData\Valid\valid_update.exe
- Task: {FCCD474B-A8F3-41E4-939A-48CC92F33486} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Fair AdBlock App (by STANDS).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
- ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Simple EPUB Reader.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-10-30 03:17 - 2015-10-30 03:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
- 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
- 2014-03-28 16:31 - 2014-03-28 16:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
- 2014-03-28 16:27 - 2014-03-28 16:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
- 2014-03-28 16:27 - 2014-03-28 16:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
- 2014-03-28 16:27 - 2014-03-28 16:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
- 2014-03-28 16:48 - 2014-03-28 16:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
- 2014-03-28 16:48 - 2014-03-28 16:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
- 2015-11-20 15:57 - 2015-11-20 15:57 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
- 2015-11-20 15:57 - 2015-11-20 15:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
- 2016-06-11 12:33 - 2014-05-05 11:40 - 01599008 _____ () C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe
- 2015-08-04 14:05 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
- 2016-05-10 14:23 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
- 2016-05-10 14:23 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
- 2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
- 2016-05-09 17:03 - 2016-05-09 17:03 - 00959176 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64\ClientTelemetry.dll
- 2015-11-01 14:12 - 2015-09-01 12:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2016-05-08 17:32 - 2016-05-09 05:36 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
- 2016-01-26 08:23 - 2016-01-26 08:23 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
- 2016-05-10 14:17 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
- 2014-03-28 16:36 - 2014-03-28 16:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
- 2016-06-14 17:02 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2016-06-14 17:02 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2016-06-14 17:03 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
- 2016-06-14 17:03 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
- 2016-05-08 17:32 - 2016-05-09 05:36 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
- 2016-05-17 13:55 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
- 2016-05-17 13:55 - 2014-09-11 18:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
- 2016-06-18 11:55 - 2016-06-15 05:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
- 2016-06-18 11:55 - 2016-06-15 05:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
- 2014-08-27 02:20 - 2014-02-21 00:13 - 00866056 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
- 2014-08-27 02:09 - 2014-03-12 02:34 - 00866056 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\UNO.dll
- 2014-08-27 02:09 - 2011-08-23 22:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ctypes.pyd
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Program Files (x86)\CoinCollector:{6D004E00-7700-3000-5300-4E0036005000} [664]
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
- IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
- IE trusted site: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\localhost -> localhost
- IE trusted site: HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\webcompanion.com -> hxxp://webcompanion.com
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2013-08-22 09:25 - 2016-06-09 19:53 - 00001517 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
- 0.0.0.0 keystone.mwbsys.com
- 0.0.0.0 lmlicenses.wip4.adobe.com
- 0.0.0.0 lm.licenses.adobe.com
- 0.0.0.0 na1r.services.adobe.com
- 0.0.0.0 hlrcv.stage.adobe.com
- 0.0.0.0 practivate.adobe.com
- 0.0.0.0 activate.adobe.com
- 0.0.0.0 platform.wondershare.com
- 128.199.121.125 akisaadp.com
- 128.199.121.125 onhax.net
- 127.0.0.2 www.onhax.net
- 128.199.121.125 do2dear.net
- 128.199.121.125 cloudanna.com
- 128.199.121.125 www.fullstuff.net
- 128.199.121.125 www.masterkreatif.com
- 128.199.121.125 keyscity.net
- 128.199.121.125 piratecity.net
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
- DNS Servers: 4.4.4.4 - 8.8.8.8
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
- HKLM\...\StartupApproved\Run: => "iTunesHelper"
- HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
- HKLM\...\StartupApproved\Run32: => "Appandora device service"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
- HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
- HKLM\...\StartupApproved\Run32: => "SwitchBoard"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "GoogleDriveSync"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "OneDrive"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "EADM"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "Skype"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "Speech Recognition"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "Steam"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "YTMaxViewer"
- HKU\S-1-5-21-1238564941-3387910719-2561191832-1001\...\StartupApproved\Run: => "WTFast Tray"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{E86AB2FF-BC22-4EB6-B86A-D6494CAF5E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{58F99FB3-C0FC-4942-9066-245F51B4A171}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{36F65C63-343C-4FD9-BE07-31CE0D5D288C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe
- FirewallRules: [{B2549456-BB8F-4230-A7D4-A57CABE0E936}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe
- FirewallRules: [{A6BE4400-547A-43B9-9AD1-829AD387DF7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
- FirewallRules: [{CE821EEB-5334-4AE7-BE8D-A72950457BD5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
- FirewallRules: [{FD6FB4EB-6DBF-4834-A76C-FE1E0574DE7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe
- FirewallRules: [{DF579865-9B73-4DFF-9C2A-E5BD34EABB7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe
- FirewallRules: [{959F5662-B80E-4176-A1E8-F3575ECAB7D8}] => (Allow) C:\Users\Admin\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [{77DAB400-C0E8-4824-8622-0CFED01E6284}] => (Allow) C:\Users\Admin\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [{07C004B2-0CAB-4A3A-A4C5-C4C90DB7689A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
- FirewallRules: [{879BC065-09F4-4B60-8C42-BF3F2435532B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{CA5FE0B4-A9A7-4B47-9151-33D022309111}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{709A9554-A24D-442F-897A-89227C00AE15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{6979FA5C-8B97-4643-AACB-5EA6CEA964E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{1208B88B-09B0-42D4-8657-2FDCC593F7AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{AF69C02E-12AB-47C5-8C38-DBF57C632ADE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{70DF53FB-F3B8-4247-B1A7-D18948576264}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
- FirewallRules: [{9BB45DE5-DCCD-416F-BAE0-51844FA402BA}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
- FirewallRules: [{CC066C39-9577-4A2E-BE6F-CC862E0F64BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex - Human Revolution\dxhr.exe
- FirewallRules: [{00F4B004-8182-472C-848D-1C3A796E69C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex - Human Revolution\dxhr.exe
- FirewallRules: [{5B7FBB7A-FD29-446D-8FA5-3B6F804E03ED}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
- FirewallRules: [{98D737CB-4B6A-47BE-9B73-A0123F1147A9}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
- FirewallRules: [{CB6E9360-495A-4FD3-B696-69441E54DC76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku\Sengoku.exe
- FirewallRules: [{ECBD4475-977C-44FA-80F8-4CC6427DB4FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku\Sengoku.exe
- FirewallRules: [{85889F48-BE2B-40F1-A272-0B38293D3531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
- FirewallRules: [{5B4B9B1E-18FC-41A0-B4E4-07C5A2D5A2A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
- FirewallRules: [{B4E49E6D-8572-4490-A552-716D202A21A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe
- FirewallRules: [{33259285-17AA-40EC-A9E5-6D78A9E93FEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe
- FirewallRules: [{CD4DFCB2-4BA1-452A-B0E9-6A8107B34F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
- FirewallRules: [{486FBB92-35E6-4051-8BAC-52E544368324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
- FirewallRules: [{1DD496C0-9BE9-47D6-AE07-0FB53163583A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
- FirewallRules: [{3A72C920-DD16-4582-B99D-B82E5274DE82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
- FirewallRules: [{A8A9C0C0-F46B-4ACC-AC2B-3A4A34F21925}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
- FirewallRules: [{DBBA195D-CFFF-4167-9B85-60D8510F168F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
- FirewallRules: [{C77DCBFD-A292-4980-930D-71CB76EF77CF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{701E6C59-E293-4EE4-8D9B-DD585D0C5084}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{2268464B-03E3-4EA0-91CC-37DCC0C9E01A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{8D47F38A-CC9E-42A9-96F3-E56987C2F18C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{7036689C-6060-44EB-BF2C-4CA92BD9A374}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{BA25EF87-8925-41A8-9426-53478CE5A55C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{6051A6CE-80EF-424B-AD1E-CE4B056475CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
- FirewallRules: [{913E35AC-9829-4FE0-935C-B43179894848}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{838CA221-8E45-40B0-ABE5-7FE3EBA22EB7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{F9A21635-3372-45C0-B662-BCB5D2615A1C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{ABFFD67C-62F3-426C-A82D-C8E3631E1EEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{C370D876-BD6A-4435-ADB0-9C1B453F3330}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
- FirewallRules: [{5D9473FD-3134-438B-B75F-ED0D9DB76CBF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
- FirewallRules: [{0DD8DF4B-A7B7-4F53-B6A3-31A9A94F235A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
- FirewallRules: [{9E422C68-58D1-42CD-B4AD-F619F1AC1161}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
- FirewallRules: [{4A812EFB-D65B-441A-B568-F5EB9D4EEFD0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
- FirewallRules: [{29F0E393-E0E5-4838-A621-67D9C4B2C468}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
- FirewallRules: [{3A826C1D-A081-4E96-8E8E-766F1682A262}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
- FirewallRules: [{3C3A243B-B959-495F-BD72-289076206F57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
- FirewallRules: [{CB527F91-79D8-4736-9D0F-2EC20AB50FB3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
- FirewallRules: [{DCB096BE-6606-41E7-B1CF-0F062E1A1643}] => (Allow) LPort=2869
- FirewallRules: [{33FA0B91-F64F-4EA5-8D70-C85AAAB4FF43}] => (Allow) LPort=1900
- FirewallRules: [{C84613E4-2E26-4364-A86A-6E540990052E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [TCP Query User{CD771943-2FA8-44A0-B6EC-4F6F31A502C9}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
- FirewallRules: [UDP Query User{9881EC44-493F-43DB-8EA4-F201E705C31E}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
- FirewallRules: [{628E8527-BD1D-4264-8C76-3B5912308C60}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
- FirewallRules: [{C08DA943-B695-43DE-8C54-AA147814FFA7}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
- FirewallRules: [{85818CD5-9661-433B-9195-B25E6C3000EF}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
- FirewallRules: [TCP Query User{8DBDDFBC-E658-4900-9B8D-C1005C09F871}C:\program files (x86)\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\java.exe
- FirewallRules: [UDP Query User{1AB5B997-DA86-4E9F-B991-4EC1A9959B52}C:\program files (x86)\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\java.exe
- FirewallRules: [{FBC05A6B-2C4E-4452-96AC-9C92795024B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2013 Singleplayer\hl2.exe
- FirewallRules: [{EE0BFCD7-8435-4D97-8956-0466E94CE6C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2013 Singleplayer\hl2.exe
- FirewallRules: [TCP Query User{A67801F6-8F1C-4EFA-B022-64B7C60D0ED6}C:\youtuberslife\youtuberslife.exe] => (Allow) C:\youtuberslife\youtuberslife.exe
- FirewallRules: [UDP Query User{A81392B4-EA5E-42F3-8185-3F491DBBA903}C:\youtuberslife\youtuberslife.exe] => (Allow) C:\youtuberslife\youtuberslife.exe
- FirewallRules: [{3AE57B43-4B4D-4E1F-9DDF-C1A7737567DC}] => (Block) %ProgramFiles%\Sony\Vegas Pro 13.0\vegas130.exe
- FirewallRules: [TCP Query User{0FD48501-3335-46B4-8D79-843D886C59FE}C:\program files (x86)\wtfast beta\wtfast.exe] => (Allow) C:\program files (x86)\wtfast beta\wtfast.exe
- FirewallRules: [UDP Query User{50B0266F-EE24-46F1-8A0C-911D9194F59E}C:\program files (x86)\wtfast beta\wtfast.exe] => (Allow) C:\program files (x86)\wtfast beta\wtfast.exe
- FirewallRules: [{880D6E0C-1DC3-424A-8DA7-D2DFCE41C139}] => (Allow) C:\Program Files (x86)\WTFast\WTFast.exe
- FirewallRules: [TCP Query User{DB26C4DA-1B68-4F37-ADB4-0314417FB254}C:\users\admin\desktop\chkn.v0.1.01\chkn.v0.1.01\chkn.exe] => (Allow) C:\users\admin\desktop\chkn.v0.1.01\chkn.v0.1.01\chkn.exe
- FirewallRules: [UDP Query User{1CBF9675-E348-445F-8106-E1D98DF58AF6}C:\users\admin\desktop\chkn.v0.1.01\chkn.v0.1.01\chkn.exe] => (Allow) C:\users\admin\desktop\chkn.v0.1.01\chkn.v0.1.01\chkn.exe
- FirewallRules: [{020F273E-F0F9-4336-85DA-5261BA4A3A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blueprint Tycoon\BlueprintTycoon.exe
- FirewallRules: [{AAA5534A-6A9F-4023-A1D8-6AD3C79C2738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blueprint Tycoon\BlueprintTycoon.exe
- FirewallRules: [{9A8E3E07-D070-4E84-9784-CDE9087CE56B}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
- FirewallRules: [{5089D47E-F8E7-48F8-91E0-FF8D8D53513C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{CB46A353-71E1-4EDC-9615-E89C91DBF538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{EDAF3679-B801-43E1-9951-E1A9DDD3577B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doorways The Underworld\Doorways.exe
- FirewallRules: [{30B3E392-E41B-4C94-8192-64C60D3B83BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doorways The Underworld\Doorways.exe
- FirewallRules: [TCP Query User{D12C4D99-3FD1-4A44-AB37-6538421A4F55}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
- FirewallRules: [UDP Query User{E69289F6-BA50-4DE2-9AC0-AF62652C3428}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
- FirewallRules: [{5ACD0526-2E87-4A30-A77B-E51A9508DF39}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
- FirewallRules: [{02C792FE-96C9-499E-A159-9919E32C1CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Music Machine\The Music Machine.exe
- FirewallRules: [{F3E1A417-B0B3-458C-A020-5CF929CF303D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Music Machine\The Music Machine.exe
- FirewallRules: [{CAE0F453-9EE2-402D-8FE0-5A86DB0841C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitBoy\8bitboy.exe
- FirewallRules: [{5DC4E8F8-E2DC-4C19-B226-57B5163973E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitBoy\8bitboy.exe
- FirewallRules: [{914B2FF7-12BC-4570-96AA-E2A4CD72A167}] => (Allow) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
- FirewallRules: [{9FFE24B9-5673-4245-8DB5-A2C543E42D40}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
- FirewallRules: [{C49B041A-7B98-4796-90ED-5835BED44BDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Restore Points =========================
- 10-06-2016 22:17:44 Microsoft Visual Studio Community 2015 with Update 2
- 14-06-2016 17:37:54 Windows Update
- 21-06-2016 17:39:25 Windows Update
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (06/22/2016 02:07:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledSPRetry 9777578
- Error: (06/22/2016 02:07:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledEvent 9777578
- Error: (06/22/2016 02:07:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: Continuously busy for more than a second
- Error: (06/22/2016 11:24:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledSPRetry 5687
- Error: (06/22/2016 11:24:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledEvent 5687
- Error: (06/22/2016 11:24:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: Continuously busy for more than a second
- Error: (06/22/2016 11:24:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledSPRetry 1609
- Error: (06/22/2016 11:24:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledEvent 1609
- Error: (06/22/2016 11:24:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: Continuously busy for more than a second
- Error: (06/22/2016 09:14:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
- Description: Task Scheduling Error: m->NextScheduledSPRetry 1218
- System errors:
- =============
- Error: (06/22/2016 02:15:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
- Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
- Error: (06/22/2016 02:11:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
- Description: WLAN Extensibility Module has failed to start.
- Module Path: C:\WINDOWS\system32\Rtlihvs.dll
- Error Code: 126
- Error: (06/22/2016 02:09:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Access_a3f5e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (06/22/2016 02:09:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The User Data Storage_a3f5e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (06/22/2016 02:09:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Contact Data_a3f5e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (06/22/2016 02:09:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Sync Host_a3f5e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
- Error: (06/22/2016 02:09:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
- Error: (06/22/2016 11:24:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
- Error: (06/22/2016 09:14:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
- Error: (06/21/2016 09:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
- CodeIntegrity:
- ===================================
- Date: 2016-06-21 19:09:19.281
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-19 21:56:59.788
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-19 21:56:27.799
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-17 20:38:31.452
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-17 20:38:07.580
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-16 19:43:15.298
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-16 10:43:10.318
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-15 19:09:26.979
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-15 19:09:14.713
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- Date: 2016-06-14 08:41:26.911
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
- ==================== Memory info ===========================
- Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
- Percentage of memory in use: 50%
- Total physical RAM: 3986.96 MB
- Available physical RAM: 1972.7 MB
- Total Virtual: 6418.96 MB
- Available Virtual: 4247.7 MB
- ==================== Drives ================================
- Drive c: (Windows) (Fixed) (Total:435.05 GB) (Free:80.64 GB) NTFS
- Drive d: (RECOVERY) (Fixed) (Total:21.06 GB) (Free:2.11 GB) NTFS ==>[system with boot components (obtained from drive)]
- Drive f: (One Way Flight) (CDROM) (Total:1.44 GB) (Free:0 GB) UDF
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 465.8 GB) (Disk ID: 159542BB)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Add Comment
Please, Sign In to add comment