FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
Ran by DERELiCT (administrator) on DESKTOP-915RKMO (06-12-2016 11:19:04)

Running from E:\Stiahnut Sbory\Virus Cleaner
Loaded Profiles: DERELiCT (Available Profiles: DERELiCT)
Platform: Windows 10 Pro Version 1607 (X64) Language: Sloven ina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335
081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file wi
ll not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminSer
vice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRu
n\OfficeClickToRun.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.ex
e
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVD
isplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter
\SamsungRapidApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAS
torIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAS
torDataMgrSvc.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Tech
nology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStar
tMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFil
ter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [91
83232 2016-11-29] (Realtek Semiconductor)
HKLM\...\Run: [ZAM] => E:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [139158
88 2016-11-24] (Zemana Ltd.)
HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\...\Policies\Explorer: [NoLow
DiskSpaceChecks] 1
HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\...\MountPoints2: {45ac413d-7
e3e-11e6-8d5c-a82dfa4fd2af} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\Control Panel\Desktop\\SCRNSA
VE.EXE -> C:\Windows\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corpor

ation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C
5-64A52A78855D} => E:\Program Files (x86)\Internet Download Manager\IDMShellExt6
4.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A5
24} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F36062
82} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F
30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA
5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF2
0E} => No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961D
E2C8A0ED} => No File
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25
-CAADC86A215D} => No File
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88
D47B7} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F22
74A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3
606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D
2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA
96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCC
AEF20E} => No File
BootExecute: autocheck autochk *
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be remo
ved or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{acc41c1f-dcc4-4ba9-bf12-6cf0f900c5aa}: [NameServer] 8.8.8.8
,8.8.4.4
Tcpip\..\Interfaces\{acc41c1f-dcc4-4ba9-bf12-6cf0f900c5aa}: [DhcpNameServer] 192
.168.100.1
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3
A8} -> E:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-11-3
0] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458
C2A3A8} -> E:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-11
-30] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Pro
gram Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\O
CHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A
9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\
Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Prog
ram Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corpo
ration)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\
Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office1
6\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program File
s\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program
Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.
DLL [2016-10-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Fi
les\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation
)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Progra
m Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOS
B.DLL [2016-10-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Micr
osoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\
Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2
016-10-30] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: lj04epde.default
FF ProfilePath: C:\Users\DERELiCT\AppData\Roaming\Mozilla\Firefox\Profiles\lj04e
pde.default [2016-12-06]
FF Homepage: Mozilla\Firefox\Profiles\lj04epde.default -> www.google.sk
FF Extension: (Google Translator for Firefox) - C:\Users\DERELiCT\AppData\Roamin
g\Mozilla\Firefox\Profiles\lj04epde.default\Extensions\translator@zoli.bod.xpi [
2016-12-03]
FF Extension: (FT DeepDark) - C:\Users\DERELiCT\AppData\Roaming\Mozilla\Firefox\
Profiles\lj04epde.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [201
6-12-06]
FF Extension: (Adblock Plus) - C:\Users\DERELiCT\AppData\Roaming\Mozilla\Firefox
\Profiles\lj04epde.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016-12-03]
FF Extension: (IDM integration) - E:\Program Files (x86)\Internet Download Manag
er\idmmzcc2.xpi [2016-11-16]
FF HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\...\Firefox\Extensions: [m
ozilla_cc2@internetdownloadmanager.com] - E:\Program Files (x86)\Internet Downlo
ad Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\...\SeaMonkey\Extensions:
[mozilla_cc@internetdownloadmanager.com] - C:\Users\DERELiCT\AppData\Roaming\IDM
\idmmzcc5
FF Extension: (IDM CC) - C:\Users\DERELiCT\AppData\Roaming\IDM\idmmzcc5 [2016-12
-06] [not signed]
FF HKU\S-1-5-21-1946667366-4261309416-1815579214-1001\...\SeaMonkey\Extensions:
[mozilla_cc2@internetdownloadmanager.com] - E:\Program Files (x86)\Internet Down
load Manager\idmmzcc2.xpi
StartMenuInternet: FIREFOX.EXE - E:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\DERELiCT\AppData\Local\Google\Chrome\User Data\Default [20
16-12-06]
CHR Extension: (Prezentcie Google) - C:\Users\DERELiCT\AppData\Local\Google\Chrome
\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-17]

CHR Extension: (Dokumenty Google) - C:\Users\DERELiCT\AppData\Local\Google\Chrom
e\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-17]
CHR Extension: (Disk Google) - C:\Users\DERELiCT\AppData\Local\Google\Chrome\Use
r Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\DERELiCT\AppData\Local\Google\Chrome\User Da
ta\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Adblock Plus) - C:\Users\DERELiCT\AppData\Local\Google\Chrome\Us
er Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-17]
CHR Extension: (Tabuky Google) - C:\Users\DERELiCT\AppData\Local\Google\Chrome\Use
r Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-17]
CHR Extension: (Dokumenty Google v reime offline) - C:\Users\DERELiCT\AppData\Loca
l\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2
016-11-17]
CHR Extension: (Black carbon + silver metal) - C:\Users\DERELiCT\AppData\Local\G
oogle\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2016
-11-17]
CHR Extension: (Platby Internetovho obchodu Chrome) - C:\Users\DERELiCT\AppData\Lo
cal\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
[2016-11-17]
CHR Extension: (Gmail) - C:\Users\DERELiCT\AppData\Local\Google\Chrome\User Data
\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\DERELiCT\AppData\Local\Google\Ch
rome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - E:\Program F
iles (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.ex
e [1276216 2016-09-13] ()
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [60862
32 2016-11-27] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325880 2
015-12-14] (Windows (R) Win 7 DDK provider)
S4 AxAutoMntSrv; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.ex
e [39376 2015-03-12] (Alcohol Soft Development Team)
S4 AxVirtualAHCISrv; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServi
ceEx.exe [99712 2015-12-04] (Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Offi
ceClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2815520 2016-10-11]
(ESET)
S4 HDDC3Service; E:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporat
e\HDDC3Service.exe [332144 2016-09-13] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IA
StorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler
.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
[1136608 2016-03-10] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mi
ni.exe [4692840 2016-08-15] (Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBacku
pServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International Gmb
H)
S4 mobile_backup_status_server; E:\Program Files (x86)\Acronis\TrueImageHome\mob
ile_backup_status_server.exe [1510712 2016-09-13] ()

S4 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [10529
6 2015-06-04] (MSI)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.N
vContainer\NVDisplay.Container.exe [458176 2016-11-24] (NVIDIA Corporation)
S4 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-11-29] (Power Admin LLC)
S4 PDAgent; E:\Program Files\Raxco\PerfectDisk\PDAgent.exe [3162048 2016-01-13]
(Raxco Software, Inc.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-07-06] ()
S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2016-07-06] ()
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3764
472 2016-09-07] (Paramount Software UK Ltd)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11
-18] (Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.e
xe [2889896 2016-09-28] (Microsoft Corporation)
S4 StarWindServiceAE; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\S
tarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagent
srv.exe [9729272 2016-08-11] ()
S4 TeamViewer; E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [1021668
8 2016-11-28] (TeamViewer GmbH)
S4 VMAuthdService; E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd
.exe [97864 2016-11-11] (VMware, Inc.)
S4 VMwareHostd; E:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.ex
e [12472904 2016-11-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (M
icrosoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16]
(Microsoft Corporation)
S4 WiseBootAssistant; E:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [64
6904 2016-10-13] (WiseCleaner.com)
S4 WPSHWPBC_ASUS; C:\Program Files (x86)\ASUSTek Computer Inc\ASUS USB-N14\WPSHW
PBC.exe [318976 2015-07-08] () [File not signed]
S3 ZAMSvc; E:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13915888 2016-11-2
4] (Zemana Ltd.) [File not signed]
===================== Drivers (Whitelisted) ======================
R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvS
oft Inc.)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
S3 CisUtMonitor; C:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [44816 2016-08-25]
(CrystalIdea Software)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232072 2016-10-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-06-28] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [177792 2016-10-13] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [48768 2016-10-13] (ESET)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySof
t, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySof
t, Inc.)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76416 2016-10-13] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [91784 2016-10-13] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()

S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [18116
0 2016-08-16] (ESET)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] ()
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [375136 2016-11-27
] (Acronis International GmbH)
S3 fltsrv2227; C:\WINDOWS\system32\DRIVERS\fltsrv2227.sys [160600 2016-08-24] (A
cronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-11-2
2] (Glarysoft Ltd)
R0 hotcore3; C:\WINDOWS\System32\DRIVERS\hotcore3.sys [34056 2014-11-17] (Parago
n Software Group)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-06-23] (REALi
X(tm))
R1 ISODrive; E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-1
1-21] (EZB Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwa
rebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-1204] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10]
(Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16]
()
R3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2224128 2016-07-16] (Medi
aTek Inc.)
S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368
2012-10-26] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64
.sys [13368 2012-11-09] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3
696fe4b96482e60\nvlddmkm.sys [14182960 2016-11-25] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [92344 2016-11-27] (Sysi
nternals - www.sysinternals.com)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplend
ence Software Projects Sp.)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realt
ek
)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [2
72792 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [11151
2 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [196152 2016-10-13] (Duplex Secu
re Ltd)
R1 SPVDPort; C:\WINDOWS\System32\drivers\spvdbus.sys [99768 2016-11-03] ()
R2 SPVVEngine; C:\WINDOWS\system32\Drivers\spvve.sys [248760 2016-11-03] ()
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267544 2016-11-27] (Acronis Intern
ational GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [212320 2016-11-27]
(Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [687968 2016-11-27] (Acronis Interna
tional GmbH)
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [17568 2016-12-01]
(Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [132120 2016-11-21] (
Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (O
racle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [135824 2016-09-12] (Oracle
Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331104 2016-11-27
] (Acronis International GmbH)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2016-11-11] (VMware, Inc
.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-02] (VMware, Inc.
)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sy
s [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft
Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Micro
soft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Micro
soft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2016-06-16] (wisecleaner.com)
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [29616 2016-09-06] (WiseCleaner.c
om)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-12-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-12-06] (Ze
mana Ltd.)
U3 DfSdkS; no ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-06 11:14 - 2016-12-06 11:18 - 00002096
HPCleaner.txt
2016-12-06 11:10 - 2016-12-06 11:18 - 00000000
oaming\ZHP
2016-12-06 10:30 - 2016-12-06 11:19 - 00023638
2016-12-06 10:30 - 2016-12-06 11:19 - 00013064
race
2016-12-06 10:30 - 2016-12-06 10:30 - 00203680
stem32\Drivers\zamguard64.sys
2016-12-06 10:30 - 2016-12-06 10:30 - 00203680
stem32\Drivers\zam64.sys
2016-12-06 10:30 - 2016-12-06 10:30 - 00000000
ndows\Start Menu\Programs\Zemana AntiMalware
2016-12-06 10:29 - 2016-12-06 10:29 - 00000000
ocal\Zemana
2016-12-06 09:09 - 2016-12-04 13:50 - 03951128
RELiCT\Desktop\Geek Uninstaller x64.exe
2016-12-05 11:56 - 2016-12-05 11:57 - 00108364
2.2016_11.56.57_log.txt
2016-12-05 09:30 - 2016-12-06 10:37 - 00003336
ridinSoft Anti-Malware
2016-12-04 22:53 - 2016-12-05 11:24 - 00000000
oaming\qBittorrent
2016-12-04 22:53 - 2016-12-04 22:53 - 00000000
ocal\qBittorrent
_____ C:\Users\DERELiCT\Desktop\Z
____D C:\Users\DERELiCT\AppData\R
_____ C:\WINDOWS\ZAM.krnl.trace
_____ C:\WINDOWS\ZAM_Guard.krnl.t
_____ (Zemana Ltd.) C:\WINDOWS\sy
_____ (Zemana Ltd.) C:\WINDOWS\sy
____D C:\ProgramData\Microsoft\Wi
____D C:\Users\DERELiCT\AppData\L
_____ (Geek Un nstaller) C:\Users\DE
_____ C:\TDSSKiller.3.1.0.12_05.1
_____ C:\WINDOWS\System32\Tasks\G
2016-12-04 22:52 - 2016-12-04 22:52 - 00000803

ttorrent.lnk
2016-12-04 22:30 - 2016-12-04 22:30 - 00000214
orerShellUnelevatedTask.job
2016-12-04 17:42 - 2016-12-04 17:43 - 00000000
ocal\CaptureOne
2016-12-04 17:42 - 2016-12-04 17:42 - 00000000
ocal\Phase_One
2016-12-04 17:42 - 2016-12-04 17:42 - 00000000
ocal\IsolatedStorage
2016-12-04 16:14 - 2016-12-06 11:19 - 00000000
2016-12-04 11:43 - 2016-12-04 11:43 - 00410960
E.DAT
2016-12-03 20:31 - 2016-12-03 20:46 - 00000000
ocal\Mozilla
2016-12-03 20:31 - 2016-12-03 20:31 - 00000873
ndows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-03 20:31 - 2016-12-03 20:31 - 00000000
oaming\Mozilla
2016-12-03 20:31 - 2016-12-03 20:31 - 00000000
lla Maintenance Service
2016-12-03 08:31 - 2016-12-03 08:31 - 00000000
oaming\SecuROM
2016-12-03 08:31 - 2016-12-03 08:31 - 00000000
oaming\Red Alert 3
2016-12-02 23:07 - 2016-12-03 13:51 - 00000000
oaming\Red Alert 3 Uprising
2016-12-02 23:04 - 2016-12-02 23:04 - 00000000
ndows\Start Menu\Programs\Electronic Arts
2016-12-02 23:04 - 2008-05-30 14:19 - 00511496
WINDOWS\system32\XAudio2_1.dll
2016-12-02 23:04 - 2008-05-30 14:19 - 00507400
WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-02 23:04 - 2008-05-30 14:18 - 00238088
WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-02 23:04 - 2008-05-30 14:18 - 00177672
WINDOWS\system32\xactengine3_1.dll
2016-12-02 23:04 - 2008-05-30 14:17 - 00068104
WINDOWS\system32\XAPOFX1_0.dll
2016-12-02 23:04 - 2008-05-30 14:17 - 00065032
WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-02 23:04 - 2008-05-30 14:17 - 00025608
WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-02 23:04 - 2008-05-30 14:16 - 00028168
WINDOWS\system32\X3DAudio1_4.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 04991496
WINDOWS\system32\D3DX9_38.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 03850760
WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 01941528
WINDOWS\system32\D3DCompiler_38.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 01491992
WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 00540688
WINDOWS\system32\d3dx10_38.dll
2016-12-02 23:04 - 2008-05-30 14:11 - 00467984
WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-02 23:04 - 2008-03-05 16:04 - 00489480
WINDOWS\system32\XAudio2_0.dll
2016-12-02 23:04 - 2008-03-05 16:03 - 00479752
_____ C:\Users\Public\Desktop\qBi
_____ C:\WINDOWS\Tasks\CreateExpl
____D C:\FRST
_____ C:\WINDOWS\system32\FNTCACH
_____ C:\ProgramData\Microsoft\Wi
____D C:\Program Files (x86)\Mozi
__RHD C:\Users\DERELiCT\AppData\R
_____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-02 23:04 - 2008-03-05 16:03
2016-12-02 23:04 - 2008-03-05 16:03
2016-12-02 23:04 - 2008-03-05 16:00
2016-12-02 23:04 - 2008-03-05 16:00
2016-12-02 23:04 - 2008-03-05 15:56
WINDOWS\system32\D3DX9_37.dll
2016-12-02 23:04 - 2008-03-05 15:56
2016-12-02 23:04 - 2008-03-05 15:56
2016-12-02 23:04 - 2008-03-05 15:56
2016-12-02 23:04 - 2008-02-05 23:07
2016-12-02 23:04 - 2008-02-05 23:07
2016-12-02 23:04 - 2007-10-22 03:40
2016-12-02 23:04 - 2007-10-22 03:39
2016-12-02 23:04 - 2007-10-22 03:37
2016-12-02 23:04 - 2007-10-22 03:37
2016-12-02 23:04 - 2007-10-12 15:14
2016-12-02 23:04 - 2007-10-12 15:14
2016-12-02 23:04 - 2007-10-12 15:14
2016-12-02 23:04 - 2007-10-12 15:14
2016-12-02 23:04 - 2007-10-02 09:56
2016-12-02 23:04 - 2007-10-02 09:56
2016-12-02 23:04 - 2007-07-20 00:57
2016-12-02 23:04 - 2007-07-20 00:57
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-07-19 18:14
2016-12-02 23:04 - 2007-06-20 20:49
2016-12-02 23:04 - 2007-06-20 20:46
- 00238088 _____ (Microsoft Corporation) C:\

2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-05-16 16:45
2016-12-02 23:04 - 2007-04-04 18:55
2016-12-02 23:04 - 2007-04-04 18:55
2016-12-02 23:04 - 2007-04-04 18:54
WINDOWS\system32\xinput1_3.dll
2016-12-02 23:04 - 2007-04-04 18:53
WINDOWS\SysWOW64\xinput1_3.dll
2016-12-02 23:04 - 2007-03-15 16:57
2016-12-02 23:04 - 2007-03-15 16:57
2016-12-02 23:04 - 2007-03-12 16:42
2016-12-02 23:04 - 2007-03-12 16:42
2016-12-02 23:04 - 2007-03-12 16:42
2016-12-02 23:04 - 2007-03-12 16:42
2016-12-02 23:04 - 2007-03-05 12:42
WINDOWS\system32\x3daudio1_1.dll
2016-12-02 23:04 - 2007-03-05 12:42
WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-02 23:04 - 2007-01-24 15:27
2016-12-02 23:04 - 2007-01-24 15:27
2016-12-02 23:04 - 2006-12-08 12:02
2016-12-02 23:04 - 2006-12-08 12:00
2016-12-02 23:04 - 2006-11-29 13:06
2016-12-02 23:04 - 2006-11-29 13:06
2016-12-02 23:04 - 2006-11-29 13:06
WINDOWS\system32\d3dx10.dll
2016-12-02 23:04 - 2006-11-29 13:06
WINDOWS\SysWOW64\d3dx10.dll
2016-12-02 23:04 - 2006-09-28 16:05
2016-12-02 23:04 - 2006-09-28 16:05
2016-12-02 23:04 - 2006-09-28 16:05
2016-12-02 23:04 - 2006-09-28 16:04

2016-12-02 23:04 - 2006-07-28 09:31
2016-12-02 23:04 - 2006-07-28 09:30
2016-12-02 23:04 - 2006-07-28 09:30
2016-12-02 23:04 - 2006-07-28 09:30
2016-12-02 23:04 - 2006-05-31 07:24
2016-12-02 23:04 - 2006-05-31 07:22
2016-12-02 23:04 - 2006-03-31 12:41
2016-12-02 23:04 - 2006-03-31 12:40
2016-12-02 23:04 - 2006-03-31 12:40
2016-12-02 23:04 - 2006-03-31 12:39
2016-12-02 23:04 - 2006-03-31 12:39
2016-12-02 23:04 - 2006-03-31 12:39
2016-12-02 23:04 - 2006-02-03 08:43
2016-12-02 23:04 - 2006-02-03 08:43
2016-12-02 23:04 - 2006-02-03 08:42
2016-12-02 23:04 - 2006-02-03 08:42
2016-12-02 23:04 - 2006-02-03 08:41
WINDOWS\system32\x3daudio1_0.dll
2016-12-02 23:04 - 2006-02-03 08:41
WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-02 23:04 - 2005-12-05 18:09
2016-12-02 23:04 - 2005-12-05 18:09
2016-12-02 23:04 - 2005-07-22 19:59
2016-12-02 23:04 - 2005-07-22 19:59
2016-12-02 23:04 - 2005-05-26 15:34
2016-12-02 23:04 - 2005-05-26 15:34
2016-12-02 23:04 - 2005-03-18 17:19
2016-12-02 23:04 - 2005-03-18 17:19
2016-12-02 23:04 - 2005-02-05 19:45
2016-12-02 23:04 - 2005-02-05 19:45
2016-12-02 22:12 - 2016-12-02 22:12
oaming\NVIDIA
2016-12-01 17:28 - 2016-12-04 15:28

- 00000000 ____D C:\Users\DERELiCT\AppData\R
- 00000000 ____D C:\Users\DERELiCT\AppData\R
oaming\IDM
2016-12-01 17:28 - 2016-12-01 17:28 - 00000000 ____D C:\Users\DERELiCT\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-01 17:28 - 2016-12-01 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Internet Download Manager
2016-12-01 17:28 - 2016-12-01 17:28 - 00000000 ____D C:\ProgramData\IDM
oaming\Yamicsoft
oaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2016-12-01 16:09 - 2016-12-01 16:09 - 00000000 ____D C:\WINDOWS\Panther
2016-11-30 21:03 - 2016-11-30 21:03 - 00001027 _____ C:\Users\DERELiCT\Desktop\A
shampoo Burning Studio 18.lnk
2016-11-30 19:37 - 2016-11-30 19:37 - 23678464 _____ (Microsoft Corporation) C:\
WINDOWS\system32\mshtml.dll
WINDOWS\system32\edgehtml.dll
WINDOWS\system32\shell32.dll
WINDOWS\SysWOW64\shell32.dll
WINDOWS\SysWOW64\mshtml.dll
WINDOWS\SysWOW64\edgehtml.dll
WINDOWS\system32\Windows.UI.Xaml.dll
WINDOWS\SysWOW64\Windows.UI.Xaml.dll
WINDOWS\system32\ieframe.dll
WINDOWS\SysWOW64\ieframe.dll
WINDOWS\system32\twinui.dll
WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
WINDOWS\system32\Chakra.dll
WINDOWS\system32\ntoskrnl.exe
WINDOWS\system32\BingMaps.dll
WINDOWS\system32\mos.dll
WINDOWS\SysWOW64\twinui.dll
WINDOWS\system32\windows.storage.dll
WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
WINDOWS\system32\mspaint.exe
WINDOWS\SysWOW64\mspaint.exe
WINDOWS\system32\Windows.Media.dll
WINDOWS\SysWOW64\mos.dll
WINDOWS\SysWOW64\Chakra.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 05722832 _____ (Microsoft
WINDOWS\SysWOW64\windows.storage.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 05380608 _____ (Microsoft
WINDOWS\SysWOW64\BingMaps.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 05111296 _____ (Microsoft
WINDOWS\system32\cdp.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04749312 _____ (Microsoft
WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04746752 _____ (Microsoft
WINDOWS\system32\jscript9.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04708864 _____ (Microsoft
WINDOWS\system32\ExplorerFrame.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04673304 _____ (Microsoft
WINDOWS\explorer.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 04612608 _____ (Microsoft
WINDOWS\SysWOW64\Windows.Media.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04423680 _____ (Microsoft
WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04311736 _____ (Microsoft
WINDOWS\SysWOW64\explorer.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 04136448 _____ (Microsoft
WINDOWS\system32\Windows.StateRepository.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 04130432 _____ (Microsoft
WINDOWS\system32\mfcore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03892864 _____ (Microsoft
WINDOWS\SysWOW64\mfcore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03777536 _____ (Microsoft
WINDOWS\system32\MFMediaEngine.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03666432 _____ (Microsoft
WINDOWS\SysWOW64\jscript9.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03616768 _____ (Microsoft
WINDOWS\system32\win32kfull.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 03542016 _____ (Microsoft
WINDOWS\system32\actxprxy.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03441152 _____ (Microsoft
WINDOWS\system32\MapRouter.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03400192 _____ (Microsoft
WINDOWS\system32\SyncCenter.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03370496 _____ (Microsoft
WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03306496 _____ (Microsoft
WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 03196416 _____ (Microsoft
WINDOWS\SysWOW64\cdp.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02998272 _____ (Microsoft
WINDOWS\SysWOW64\win32kfull.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 02953216 _____ (Microsoft
WINDOWS\system32\MapGeocoder.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02913136 _____ (Microsoft
WINDOWS\system32\combase.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02852864 _____ (Microsoft
WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02828376 _____ (Microsoft
WINDOWS\system32\d3d11.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02800128 _____ (Microsoft
WINDOWS\system32\netshell.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02716672 _____ (Microsoft
WINDOWS\system32\WsmSvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02688512 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\Windows.UI.Logon.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02682880
WINDOWS\SysWOW64\netshell.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02681200
omponents.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02669056
WINDOWS\system32\wininet.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02611200
WINDOWS\system32\gameux.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02510848
WINDOWS\system32\NetworkMobileSettings.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02484736
WINDOWS\SysWOW64\gameux.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02482280
WINDOWS\system32\msmpeg2vdec.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02362880
WINDOWS\SysWOW64\MapRouter.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02333184
WINDOWS\SysWOW64\WsmSvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02317312
WINDOWS\system32\wuaueng.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02287616
WINDOWS\system32\dwmcore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02277248
WINDOWS\SysWOW64\d3d11.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02275840
WINDOWS\system32\AppXDeploymentServer.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02256384
WINDOWS\SysWOW64\wininet.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02213760
WINDOWS\system32\KernelBase.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02206496
WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02189152
WINDOWS\system32\Drivers\dxgkrnl.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 02186896
WINDOWS\system32\hevcdecoder.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02166752
WINDOWS\SysWOW64\combase.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02109952
WINDOWS\SysWOW64\MapGeocoder.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02104320
WINDOWS\system32\wlidsvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02084352
WINDOWS\system32\DeviceFlows.DataModel.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02048496
omponents.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 02009600
WINDOWS\system32\SRHInproc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01992704
WINDOWS\SysWOW64\dwmcore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01988560
WINDOWS\system32\mfmp4srcsnk.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01969912
WINDOWS\SysWOW64\hevcdecoder.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01886344
WINDOWS\system32\ntdll.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01880576
WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01859264

_____ C:\WINDOWS\system32\CoreUIC
_____ C:\WINDOWS\SysWOW64\CoreUIC
WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01852720 _____ (Microsoft
WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01779712 _____ (Microsoft
WINDOWS\system32\urlmon.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01755136 _____ (Microsoft
WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01738048 _____ (Microsoft
WINDOWS\system32\WindowsCodecs.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01726976 _____ (Microsoft
WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01709056 _____ (Microsoft
WINDOWS\system32\UIAutomationCore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01706488 _____ (Microsoft
WINDOWS\SysWOW64\KernelBase.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01692672 _____ (Microsoft
WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01691136 _____ (Microsoft
WINDOWS\system32\aitstatic.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 01631232 _____ (Microsoft
WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01631232 _____ (Microsoft
WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01600624 _____ (Microsoft
WINDOWS\system32\sppobjs.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01595392 _____ (Microsoft
WINDOWS\SysWOW64\urlmon.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01589760 _____ (Microsoft
WINDOWS\system32\msdtctm.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01576448 _____ (Microsoft
WINDOWS\SysWOW64\actxprxy.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01572768 _____ (Microsoft
WINDOWS\SysWOW64\ntdll.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01556480 _____ (Microsoft
WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01513472 _____ (Microsoft
WINDOWS\system32\win32kbase.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 01503032 _____ (Microsoft
WINDOWS\SysWOW64\WindowsCodecs.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01490944 _____ (Microsoft
WINDOWS\system32\lsasrv.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01477632 _____ (Microsoft
WINDOWS\system32\wsecedit.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01473048 _____ (Microsoft
WINDOWS\system32\mfplat.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01430720 _____ (Microsoft
WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01418312 _____ (Microsoft
WINDOWS\system32\msctf.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01366016 _____ (Microsoft
WINDOWS\system32\wpncore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01359360 _____ (Microsoft
WINDOWS\system32\usercpl.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01357824 _____ (Microsoft
WINDOWS\SysWOW64\UIAutomationCore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01336320 _____ (Microsoft
WINDOWS\SysWOW64\wsecedit.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01293152 _____ (Microsoft
WINDOWS\system32\LicenseManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01274712 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\ole32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01267512 _____ (Microsoft
WINDOWS\system32\WinTypes.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01263856 _____ (Microsoft
WINDOWS\SysWOW64\msctf.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01232384 _____ (Microsoft
WINDOWS\system32\dosvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01228288 _____ (Microsoft
WINDOWS\SysWOW64\usercpl.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01220096 _____ (Microsoft
WINDOWS\system32\wscui.cpl
2016-11-30 19:37 - 2016-11-30 19:37 - 01196544 _____ (Microsoft
WINDOWS\SysWOW64\wscui.cpl
2016-11-30 19:37 - 2016-11-30 19:37 - 01123912 _____ (Microsoft
WINDOWS\SysWOW64\mfplat.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01107456 _____ (Microsoft
WINDOWS\system32\aadtb.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01069720 _____ (Microsoft
WINDOWS\system32\MrmCoreR.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01062480 _____ (Microsoft
WINDOWS\system32\mfsvr.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01060864 _____ (Microsoft
WINDOWS\system32\JpMapControl.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01031680 _____ (Microsoft
WINDOWS\system32\MapsStore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01004032 _____ (Microsoft
WINDOWS\system32\enterprisecsps.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 01002496 _____ (Microsoft
WINDOWS\system32\SRH.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00991232 _____ (Microsoft
WINDOWS\system32\comdlg32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00981504 _____ (Microsoft
WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00967168 _____ (Microsoft
WINDOWS\system32\Drivers\bthport.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00960000 _____ (Microsoft
WINDOWS\system32\modernexecserver.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00959112 _____ (Microsoft
WINDOWS\SysWOW64\ole32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00956416 _____ (Microsoft
WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00952416 _____ (Microsoft
WINDOWS\SysWOW64\mfsvr.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00942080 _____ (Microsoft
WINDOWS\system32\audiosrv.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00936448 _____ (Microsoft
WINDOWS\system32\NMAA.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00912896 _____ (Microsoft
WINDOWS\SysWOW64\comdlg32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00909312 _____ (Microsoft
WINDOWS\system32\Windows.UI.Search.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00905216 _____ (Microsoft
WINDOWS\system32\MapControlCore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00882680 _____ (Microsoft
WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00873472 _____ (Microsoft
WINDOWS\SysWOW64\aadtb.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00870912 _____ (Microsoft
WINDOWS\system32\msdtcprx.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00870400 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\mfmkvsrcsnk.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00869848 _____ (Microsoft
WINDOWS\SysWOW64\MrmCoreR.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00861024 _____ (Microsoft
WINDOWS\SysWOW64\LicenseManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00846560 _____ (Microsoft
WINDOWS\SysWOW64\WinTypes.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00842240 _____ (Microsoft
WINDOWS\system32\ntshrui.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00838144 _____ (Microsoft
WINDOWS\SysWOW64\JpMapControl.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00822784 _____ (Microsoft
WINDOWS\SysWOW64\Chakradiag.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00807424 _____ (Microsoft
WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00779776 _____ (Microsoft
WINDOWS\system32\cscui.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00772608 _____ (Microsoft
WINDOWS\SysWOW64\ntshrui.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00764392 _____ (Microsoft
WINDOWS\system32\CoreMessaging.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00760832 _____ (Microsoft
WINDOWS\SysWOW64\NMAA.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00748544 _____ (Microsoft
WINDOWS\system32\StoreAgent.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00746496 _____ (Microsoft
WINDOWS\SysWOW64\msdtcprx.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00743224 _____ (Microsoft
WINDOWS\system32\sppwinob.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00730112 _____ (Microsoft
WINDOWS\system32\fveapi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00717824 _____ (Microsoft
WINDOWS\system32\LogonController.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00716800 _____ (Microsoft
WINDOWS\system32\ShareHost.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00715264 _____ (Microsoft
WINDOWS\SysWOW64\MapControlCore.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00713216 _____ (Microsoft
WINDOWS\system32\Drivers\srv2.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00711680 _____ (Microsoft
WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00691712 _____ (Microsoft
WINDOWS\system32\lsm.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00690688 _____ (Microsoft
WINDOWS\system32\ieproxy.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00673792 _____ (Microsoft
WINDOWS\system32\winlogon.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00658264 _____ (Microsoft
WINDOWS\system32\Drivers\dxgmms2.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00657920 _____ (Microsoft
WINDOWS\system32\rasmans.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00650752 _____ (Microsoft
WINDOWS\system32\RDXService.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00641024 _____ (Microsoft
WINDOWS\system32\ngccredprov.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00637400 _____ (Microsoft
WINDOWS\system32\dxgi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00635904 _____ (Microsoft
WINDOWS\SysWOW64\jscript9diag.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00632320 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\rasapi32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00620544 _____ (Microsoft
WINDOWS\system32\bcastdvr.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00615424 _____ (Microsoft
WINDOWS\system32\wpnprv.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00603488 _____ (Microsoft
WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00590960 _____ (Microsoft
WINDOWS\system32\AudioSes.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00590336 _____ (Microsoft
WINDOWS\system32\efswrt.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00587776 _____ (Microsoft
WINDOWS\system32\vpnike.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00574464 _____ (Microsoft
WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00567296 _____ (Microsoft
WINDOWS\system32\DevicePairing.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00566784 _____ (Microsoft
WINDOWS\SysWOW64\ShareHost.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00565248 _____ (Microsoft
WINDOWS\SysWOW64\rasapi32.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00560128 _____ (Microsoft
WINDOWS\system32\AppReadiness.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00557568 _____ (Microsoft
WINDOWS\SysWOW64\StoreAgent.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00545280 _____ (Microsoft
WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00539136 _____ (Microsoft
WINDOWS\system32\PlayToManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00534096 _____ (Microsoft
WINDOWS\system32\AudioEng.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00527880 _____ (Microsoft
WINDOWS\SysWOW64\dxgi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00519168 _____ (Microsoft
WINDOWS\SysWOW64\ngccredprov.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00506880 _____ (Microsoft
WINDOWS\SysWOW64\DevicePairing.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00505856 _____ (Microsoft
WINDOWS\SysWOW64\bcastdvr.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00499200 _____ (Microsoft
WINDOWS\SysWOW64\LogonController.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00495104 _____ (Microsoft
WINDOWS\system32\DataSenseHandlers.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00489472 _____ (Microsoft
WINDOWS\system32\NetSetupShim.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00484584 _____ (Microsoft
WINDOWS\SysWOW64\AudioSes.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00483840 _____ (Microsoft
WINDOWS\SysWOW64\CoreMessaging.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00455520 _____ (Microsoft
WINDOWS\system32\securekernel.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00455168 _____ (Microsoft
WINDOWS\system32\dmenrollengine.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00454592 _____ (Microsoft
WINDOWS\system32\services.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00446976 _____ (Microsoft
WINDOWS\system32\MapConfiguration.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00433504 _____ (Microsoft
WINDOWS\system32\Drivers\rdbss.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00431616 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\SysWOW64\efswrt.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00425984 _____
WINDOWS\system32\aadcloudap.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00424616 _____
WINDOWS\system32\MFPlay.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00418952 _____
WINDOWS\system32\AUDIOKSE.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00411648 _____
WINDOWS\system32\cdpsvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00411136 _____
WINDOWS\system32\facecredentialprovider.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00410112 _____
WINDOWS\system32\AppXDeploymentClient.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00409088 _____
WINDOWS\system32\NgcCtnr.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00407552 _____
WINDOWS\system32\Windows.Internal.Management.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00401760 _____
WINDOWS\system32\Drivers\dxgmms1.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00400384 _____
WINDOWS\SysWOW64\PlayToManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00396800 _____
WINDOWS\system32\StorSvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00395264 _____
WINDOWS\SysWOW64\dmenrollengine.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00391168 _____
WINDOWS\system32\wuuhext.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00389632 _____
WINDOWS\system32\stobject.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00389632 _____
WINDOWS\system32\ActivationManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00388096 _____
WINDOWS\system32\zipfldr.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00382784 _____
WINDOWS\SysWOW64\AUDIOKSE.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00381952 _____
WINDOWS\system32\cryptngc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00380928 _____
WINDOWS\system32\wincorlib.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00379392 _____
WINDOWS\system32\apprepsync.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00374448 _____
WINDOWS\SysWOW64\MFPlay.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00366080 _____
WINDOWS\system32\SearchFolder.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00366080 _____
WINDOWS\system32\RDXTaskFactory.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00364544 _____
WINDOWS\SysWOW64\NetSetupShim.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00360040 _____
WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00359936 _____
WINDOWS\SysWOW64\mtxclu.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00358912 _____
WINDOWS\SysWOW64\stobject.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00352096 _____
WINDOWS\system32\Drivers\fastfat.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00348672 _____
WINDOWS\SysWOW64\zipfldr.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00347648 _____
(Microsoft Corporation) C:\

WINDOWS\system32\rascustom.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00339456 _____ (Microsoft Corporation)
WINDOWS\system32\cdpusersvc.dll
WINDOWS\system32\AudioEndpointBuilder.dll
WINDOWS\system32\Drivers\pci.sys
WINDOWS\SysWOW64\ActivationManager.dll
WINDOWS\SysWOW64\MapConfiguration.dll
WINDOWS\system32\Windows.Storage.ApplicationData.dll
WINDOWS\system32\domgmt.dll
WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
WINDOWS\SysWOW64\SearchFolder.dll
WINDOWS\SysWOW64\AppXDeploymentClient.dll
WINDOWS\system32\moshostcore.dll
WINDOWS\SysWOW64\ieproxy.dll
WINDOWS\system32\msdtcuiu.dll
WINDOWS\SysWOW64\Windows.Internal.Management.dll
WINDOWS\SysWOW64\wincorlib.dll
WINDOWS\SysWOW64\cryptngc.dll
WINDOWS\system32\EnterpriseAppMgmtSvc.dll
WINDOWS\SysWOW64\apprepsync.dll
WINDOWS\system32\wkssvc.dll
WINDOWS\system32\Drivers\mrxsmb10.sys
WINDOWS\system32\netplwiz.dll
WINDOWS\system32\policymanager.dll
WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
WINDOWS\system32\indexeddbserver.dll
WINDOWS\system32\InstallAgentUserBroker.exe
WINDOWS\SysWOW64\msdtcuiu.dll
WINDOWS\system32\Drivers\xboxgip.sys
WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
WINDOWS\SysWOW64\policymanager.dll
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
C:\
WINDOWS\system32\CloudExperienceHost.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00226816 _____
WINDOWS\system32\cdd.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00223584 _____
WINDOWS\system32\Drivers\mrxsmb20.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00223232 _____
WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00219488 _____
WINDOWS\system32\Drivers\tpm.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00216576 _____
WINDOWS\system32\fveapibase.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00211968 _____
WINDOWS\system32\InstallAgent.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00206848 _____
WINDOWS\system32\win32k.sys
2016-11-30 19:37 - 2016-11-30 19:37 - 00198856 _____
WINDOWS\system32\wscapi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00198656 _____
WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00198656 _____
WINDOWS\system32\BcastDVRHelper.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00198144 _____
WINDOWS\system32\dpapisrv.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00187520 _____
WINDOWS\system32\CloudStorageWizard.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00187392 _____
WINDOWS\system32\mdmregistration.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00185344 _____
WINDOWS\system32\DisplayManager.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00184832 _____
WINDOWS\system32\wscsvc.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00180224 _____
WINDOWS\SysWOW64\InstallAgent.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00178176 _____
WINDOWS\system32\sppnp.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00176128 _____
WINDOWS\system32\apprepapi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00172544 _____
WINDOWS\system32\DeviceEnroller.exe
2016-11-30 19:37 - 2016-11-30 19:37 - 00170496 _____
WINDOWS\system32\AppCapture.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00167848 _____
WINDOWS\SysWOW64\wscapi.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00165376 _____
WINDOWS\SysWOW64\mdmregistration.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00164352 _____
WINDOWS\system32\dialserver.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00163840 _____
WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00163752 _____
WINDOWS\system32\RTWorkQ.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00161792 _____
WINDOWS\system32\EditionUpgradeHelper.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00159744 _____
WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00159232 _____
WINDOWS\system32\wscinterop.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00158720 _____
WINDOWS\system32\VEStoreEventHandlers.dll
2016-11-30 19:37 - 2016-11-30 19:37 - 00157536 _____

WINDOWS\SysWOW64\CloudStorageWizard.exe
WINDOWS\SysWOW64\BcastDVRHelper.dll
WINDOWS\SysWOW64\RTWorkQ.dll
WINDOWS\system32\MapsBtSvc.dll
WINDOWS\SysWOW64\win32k.sys
WINDOWS\system32\dmcertinst.exe
WINDOWS\system32\EDPCleanup.exe
WINDOWS\system32\migisol.dll
WINDOWS\SysWOW64\AppCapture.dll
WINDOWS\SysWOW64\DisplayManager.dll
WINDOWS\system32\sendmail.dll
WINDOWS\system32\Drivers\partmgr.sys
WINDOWS\system32\mfaudiocnv.dll
WINDOWS\SysWOW64\apprepapi.dll
WINDOWS\system32\setupugc.exe
WINDOWS\SysWOW64\sendmail.dll
WINDOWS\system32\Windows.StateRepositoryClient.dll
WINDOWS\SysWOW64\migisol.dll
WINDOWS\SysWOW64\MapsBtSvc.dll
WINDOWS\system32\IdCtrls.dll
WINDOWS\SysWOW64\setupugc.exe
WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.d
ll
WINDOWS\system32\ReportingCSP.dll
WINDOWS\SysWOW64\wscinterop.dll
WINDOWS\system32\VPNv2CSP.dll
WINDOWS\system32\RjvMDMConfig.dll
WINDOWS\system32\DeviceReactivation.dll
WINDOWS\system32\browserbroker.dll
WINDOWS\system32\umpoext.dll
WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll

WINDOWS\SysWOW64\mfaudiocnv.dll
WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.d
ll
WINDOWS\system32\MosStorage.dll
WINDOWS\system32\NetCfgNotifyObjectHost.exe
WINDOWS\system32\moshost.dll
WINDOWS\system32\HttpsDataSource.dll
WINDOWS\system32\Windows.StateRepositoryBroker.dll
WINDOWS\SysWOW64\MosStorage.dll
WINDOWS\system32\ProvSysprep.dll
WINDOWS\system32\lpremove.exe
WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
WINDOWS\SysWOW64\xolehlp.dll
WINDOWS\system32\Windows.UI.Shell.dll
WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
WINDOWS\system32\LaunchWinApp.exe
WINDOWS\system32\Drivers\modem.sys
WINDOWS\system32\EAMProgressHandler.dll
WINDOWS\system32\CbtBackgroundManagerPolicy.dll
WINDOWS\system32\ReAgentc.exe
WINDOWS\SysWOW64\LaunchWinApp.exe
WINDOWS\SysWOW64\WSManHTTPConfig.exe
WINDOWS\system32\WSManHTTPConfig.exe
WINDOWS\SysWOW64\ReAgentc.exe
2016-11-30 19:02 - 2016-11-30 19:02 - 00000795 _____ C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\TeamViewer 12.lnk
2016-11-30 16:21 - 2016-10-17 16:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\sys
tem32\Drivers\idmwfp.sys
2016-11-29 20:58 - 2016-11-29 20:58 - 00000000 ____D C:\Program Files\Realtek
2016-11-29 20:58 - 2016-11-29 09:40 - 07704405 _____ C:\WINDOWS\system32\Drivers
\RTAIODAT.DAT
2016-11-29 20:58 - 2016-11-29 09:40 - 05511680 _____ (Realtek Semiconductor Corp
.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-11-29 20:58 - 2016-11-29 09:40 - 03295064 _____ (Fortemedia Corporation) C:
\WINDOWS\system32\FMAPO64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 03283240

.) C:\WINDOWS\system32\RtkApi64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 03204096
.) C:\WINDOWS\system32\RtPgEx64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 03201376
.) C:\WINDOWS\system32\RltkAPO64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 03014144
.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-11-29 20:58 - 2016-11-29 09:40 - 02201088
.) C:\WINDOWS\system32\RCoInstII64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 02050168
WS\system32\MaxxAudioEQ64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 01360512
.) C:\WINDOWS\system32\RTCOM64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00689872
.) C:\WINDOWS\system32\RtDataProc64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00642920
C:\WINDOWS\system32\MBTHX64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00577832
C:\WINDOWS\SysWOW64\MBTHX32.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00574752
tion) C:\WINDOWS\system32\AERTAC64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00532376
\system32\SRSTSX64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00410032
C:\WINDOWS\system32\MBWrp64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00387312
C:\WINDOWS\system32\RTEEP64A.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00343704
.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00330560
WS\system32\MaxxAudioAPO20.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00321712
C:\WINDOWS\system32\RP3DHT64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00321712
C:\WINDOWS\system32\RP3DAA64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00221960
\system32\SRSTSH64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00214824
C:\WINDOWS\system32\RTEED64A.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00209528
\system32\SRSHP64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00192976
.) C:\WINDOWS\system32\RtkCfg64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00166200
\system32\SRSWOW64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00122312
DOWS\system32\CONEQMSAPOGUILibrary.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00118592
tion) C:\WINDOWS\system32\AERTAR64.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00110976
C:\WINDOWS\system32\RTEEL64A.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00088344
C:\WINDOWS\system32\RTEEG64A.dll
2016-11-29 20:58 - 2016-11-29 09:40 - 00041080
C:\WINDOWS\system32\Drivers\MBfilt64.sys
2016-11-29 20:58 - 2016-11-29 09:40 - 00023688
.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-11-29 19:47 - 2016-12-06 10:28 - 00000000
2016-11-29 19:47 - 2016-11-29 19:47 - 00000000
_____ (Realtek Semiconductor Corp

_____ (Waves Audio Ltd.) C:\WINDO
_____ (Creative Technology Ltd.)
_____ (Andrea Electronics Corpora
_____ (SRS Labs, Inc.) C:\WINDOWS
_____ (Dolby Laboratories, Inc.)
_____ (Waves Audio Ltd.) C:\WINDO
_____ (Real Sound Lab SIA) C:\WIN
_____ (Andrea Electronics Corpora
____D C:\ProgramData\NVIDIA
____D C:\ProgramData\NVIDIA Corpo
ration
2016-11-29 19:47 - 2016-11-29 19:47
anRT
2016-11-29 19:47 - 2016-11-29 19:47
IA Corporation
2016-11-29 19:47 - 2016-11-24 21:53
system32\OpenCL.dll
2016-11-29 19:47 - 2016-11-24 21:53
SysWOW64\OpenCL.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nvcpl.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nvsvc64.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nvsvcr.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nv3dappshext.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nvmctray.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nv3dappshextr.dll
2016-11-29 19:47 - 2016-11-24 20:39
DOWS\system32\nvshext.dll
2016-11-29 19:47 - 2016-11-23 13:58
c.bin
2016-11-29 19:47 - 2016-09-09 19:25
1.dll
2016-11-29 19:47 - 2016-09-09 19:25
1.dll
2016-11-29 19:47 - 2016-09-09 19:25
nfo.exe
2016-11-29 19:47 - 2016-09-09 19:24
nfo.exe
2016-11-29 19:46 - 2016-11-24 21:53
ler.dll
2016-11-29 19:46 - 2016-11-24 21:53
ler.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvoglv64.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\SysWOW64\nvoglv32.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvptxJitCompiler.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvopencl.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvcuda.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\SysWOW64\nvopencl.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\SysWOW64\nvptxJitCompiler.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\SysWOW64\nvcuda.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvapi64.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\SysWOW64\nvapi.dll
2016-11-29 19:46 - 2016-11-24 21:53
DOWS\system32\nvcuvid.dll
2016-11-29 19:46 - 2016-11-24 21:53
- 00000000 ____D C:\Program Files (x86)\Vulk

- 00000000 ____D C:\Program Files (x86)\NVID
- 00213952 _____ (Khronos Group) C:\WINDOWS\
- 00201664 _____ (Khronos Group) C:\WINDOWS\
- 06384576 _____ (NVIDIA Corporation) C:\WIN
- 07538847 _____ C:\WINDOWS\system32\nvcopro
- 00269600 _____ C:\WINDOWS\SysWOW64\vulkan- 00261920 _____ C:\WINDOWS\system32\vulkan- 00110880 _____ C:\WINDOWS\SysWOW64\vulkani
- 00125216 _____ C:\WINDOWS\system32\vulkani
- 40123840 _____ C:\WINDOWS\system32\nvcompi
- 35224632 _____ C:\WINDOWS\SysWOW64\nvcompi
DOWS\SysWOW64\nvcuvid.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 01951680 _____
DOWS\system32\nvdispco6437609.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 01586744 _____
DOWS\system32\nvdispgenco6437609.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 01037248 _____
DOWS\system32\NvFBC64.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00975296 _____
DOWS\SysWOW64\NvFBC.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00945208 _____
DOWS\system32\NvIFR64.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00895424 _____
DOWS\SysWOW64\NvIFR.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00802584 _____
DOWS\system32\nvEncMFTH264.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00683640 _____
DOWS\system32\nvfatbinaryLoader.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00643928 _____
DOWS\SysWOW64\nvEncMFTH264.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00572888 _____
DOWS\SysWOW64\nvfatbinaryLoader.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00439864 _____
DOWS\system32\NvIFROpenGL.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00394704 _____
DOWS\system32\nvEncodeAPI64.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00388544 _____
DOWS\SysWOW64\NvIFROpenGL.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00386104 _____
DOWS\system32\nvDecMFTMjpeg.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00347072 _____
DOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00327224 _____
DOWS\SysWOW64\nvEncodeAPI.dll
2016-11-29 19:46 - 2016-11-24 21:53 - 00042296 _____
pb
2016-11-29 19:46 - 2016-11-24 21:53 - 00000669 _____
.json
2016-11-29 19:46 - 2016-11-24 21:53 - 00000669 _____
.json
2016-11-29 19:44 - 2016-11-29 19:47 - 00000000 ____D
poration
2016-11-29 19:41 - 2016-11-29 19:41 - 00000108 _____
ustorka a SKT.txt
2016-11-29 18:59 - 2016-11-29 18:59 - 00000000 ____D
oaming\Tracker Software
2016-11-29 18:58 - 2016-11-29 18:58 - 00000000 ____D
2016-11-29 18:58 - 2016-11-29 18:58 - 00000000 ____D
ftware
2016-11-29 18:58 - 2016-11-28 15:01 - 00150208 _____
(Canada) Ltd.) C:\WINDOWS\system32\pxcpm5L.dll
2016-11-29 18:53 - 2016-11-29 18:53 - 00000000 ____D
ware
2016-11-29 18:53 - 2016-11-29 18:53 - 00000000 ____D
ndows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-11-29 18:51 - 2016-11-29 18:51 - 00000000 ____D
\Bandicam
2016-11-29 18:51 - 2016-11-29 18:51 - 00000000 ____D
oaming\BANDISOFT
2016-11-29 18:47 - 2016-11-29 18:47 - 00000000 ____D
iMPEG1
(NVIDIA Corporation) C:\WIN

C:\WINDOWS\system32\nvinfo.
C:\WINDOWS\SysWOW64\nv-vk32
C:\WINDOWS\system32\nv-vk64
C:\Program Files\NVIDIA Cor
C:\Users\DERELiCT\Desktop\R
C:\Users\DERELiCT\AppData\R
C:\ProgramData\FileOpen
C:\Program Files\Tracker So
(Tracker Software Products
C:\ProgramData\Tracker Soft
C:\ProgramData\Microsoft\Wi
C:\Users\DERELiCT\Documents
C:\Program Files (x86)\Band
2016-11-28 17:02 - 2016-11-28 17:02 - 00000000 ____D C:\WINDOWS\system32\RAPID

2016-11-28 17:02 - 2016-11-18 19:04 - 00272792 _____ (Samsung Electronics Co., L
td.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2016-11-28 16:13 - 2016-11-28 17:01 - 00000000 ____D C:\Program Files (x86)\Sams
ung
2016-11-28 16:13 - 2016-11-28 16:17 - 00002594 _____ C:\WINDOWS\System32\Tasks\S
amsungMagician
2016-11-28 16:13 - 2016-11-28 16:13 - 00000000 ____D C:\ProgramData\Samsung
ndows\Start Menu\Programs\Samsung Magician
oaming\Acronis
2016-11-27 16:03 - 2016-11-27 16:07 - 00000000 ____D C:\Users\DERELiCT\VirtualBo
x VMs
oaming\Microsoft\Windows\Start Menu\Programs\Acronis
2016-11-27 14:53 - 2016-11-27 16:01 - 00000000 ____D C:\ProgramData\Acronis
2016-11-27 14:53 - 2016-11-27 14:53 - 01267544 _____ (Acronis International GmbH
) C:\WINDOWS\system32\Drivers\tib.sys
) C:\WINDOWS\system32\Drivers\tnd.sys
) C:\WINDOWS\system32\Drivers\file_tracker.sys
) C:\WINDOWS\system32\Drivers\snapman.sys
) C:\WINDOWS\system32\Drivers\virtual_file.sys
) C:\WINDOWS\system32\Drivers\tib_mounter.sys
) C:\WINDOWS\system32\Drivers\fltsrv.sys
ndows\Start Menu\Programs\Acronis True Image.lnk
ndows\Start Menu\Programs\Acronis
2016-11-27 14:53 - 2016-11-27 14:53 - 00000000 ____D C:\ProgramData\Acronis Mobi
le Backup Data
2016-11-27 14:53 - 2016-11-27 14:53 - 00000000 ____D C:\Program Files (x86)\Acro
nis
2016-11-27 13:37 - 2016-11-27 13:37 - 00000000 ____D C:\Users\DERELiCT\Documents
\DyingLight
ndows\Start Menu\Programs\KNIGHT
ndows\Start Menu\Programs\CDBurnerXP.lnk
oaming\Canneverbe Limited
2016-11-27 10:31 - 2016-11-27 10:31 - 00000000 ____D C:\ProgramData\Canneverbe L
imited
oaming\27973
oaming\DVDFab9
ndows\Start Menu\Programs\DVDFab 9
\DVDFab9
2016-11-22 19:43 - 2016-11-22 19:43 - 00000000 ____D C:\Program Files (x86)\ASUS
Tek Computer Inc
2016-11-22 18:00 - 2016-11-23 19:39 - 00000000 ____D C:\Users\DERELiCT\AppData\L
ocal\Elaborate Bytes
2016-11-22 15:43 - 2016-12-02 22:53 - 00000000 ____D C:\Users\DERELiCT\.VirtualB
ox
2016-11-22 15:43 - 2016-11-22 15:43 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\
system32\Drivers\GUBootStartup.sys
ndows\Start Menu\Programs\Glary Utilities 5.lnk
oaming\GlarySoft
ndows\Start Menu\Programs\Oracle VM VirtualBox
ndows\Start Menu\Programs\Glary Utilities 5
2016-11-22 15:43 - 2016-11-21 17:45 - 00933088 _____ (Oracle Corporation) C:\WIN
DOWS\system32\Drivers\VBoxDrv.sys
DOWS\system32\Drivers\VBoxUSBMon.sys
DOWS\system32\Drivers\VBoxNetLwf.sys
DOWS\system32\Drivers\VBoxNetAdp6.sys
ndows\Start Menu\Programs\PerfectDisk.lnk
2016-11-20 21:48 - 2016-11-20 21:48 - 00000000 ____D C:\ProgramData\Raxco
2016-11-20 21:48 - 2016-11-20 21:48 - 00000000 ____D C:\Program Files\Common Fil
es\Raxco
2016-11-20 16:47 - 2016-07-13 05:57 - 00002061 _____ C:\Users\DERELiCT\Desktop\W
indows Update.lnk
\ConvertXtoHD
2016-11-19 11:15 - 2016-11-22 19:31 - 00000000 ____D C:\ProgramData\VSO
oaming\VSO
\ConvertXtoVideo
2016-11-19 10:47 - 2016-11-19 10:47 - 00000862 _____ C:\Users\DERELiCT\AppData\L
ocal\recently-used.xbel
2016-11-19 10:47 - 2016-11-19 10:47 - 00000000 ____D C:\Users\DERELiCT\.thumbnai
ls
ndows\Start Menu\Programs\WinToUSB
es\DESIGNER
2016-11-18 19:04 - 2016-11-18 19:04 - 00111512 _____ (Samsung Electronics Co., L
td.) C:\WINDOWS\system32\Drivers\SamsungRapidFSFltr.sys
2016-11-18 11:10 - 2016-11-19 19:41 - 00002280 _____ C:\WINDOWS\System32\Tasks\C
CleanerSkipUAC
\My ISO Files
ndows\Start Menu\Programs\UltraISO
ndows\Start Menu\Programs\Google Chrome.lnk
ocal\Google
2016-11-17 11:55 - 2016-11-18 08:51 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpda
teTaskMachineUA.job
2016-11-17 11:55 - 2016-11-18 08:51 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpda
teTaskMachineCore.job
2016-11-17 11:55 - 2016-11-17 13:13 - 00003544 _____ C:\WINDOWS\System32\Tasks\G
oogleUpdateTaskMachineUA
2016-11-17 11:55 - 2016-11-17 13:13 - 00003320 _____ C:\WINDOWS\System32\Tasks\G
oogleUpdateTaskMachineCore
2016-11-17 11:55 - 2016-11-17 11:55 - 00000000 ____D C:\Program Files (x86)\Goog
le
oaming\Elaborate Bytes
oaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2016-11-16 10:24 - 2016-11-19 10:47 - 00000000 ____D C:\Users\DERELiCT\.gimp-2.8
ocal\paint.net
ndows\Start Menu\Programs\paint.net.lnk
ndows\Start Menu\Programs\GIMP 2.lnk
ocalLow\Mozilla
2016-11-14 11:27 - 2016-11-14 11:27 - 00000000 ____D C:\Users\Public\Documents\S
hared Virtual Machines
es\VMware
2016-11-14 11:27 - 2016-11-14 11:27 - 00000000 ____D C:\Program Files (x86)\VMwa
re
2016-11-14 11:27 - 2016-11-11 23:22 - 00400968 _____ (VMware, Inc.) C:\WINDOWS\S
ysWOW64\vmnat.exe
2016-11-14 11:27 - 2016-11-11 23:22 - 00366664 _____ (VMware, Inc.) C:\WINDOWS\S
ysWOW64\vmnetdhcp.exe
2016-11-14 11:27 - 2016-11-11 23:21 - 01148488 _____ (VMware, Inc.) C:\WINDOWS\s
ystem32\vnetlib64.dll
ystem32\Drivers\vmkbd.sys
ystem32\vnetinst.dll
ystem32\Drivers\vmnetuserif.sys
2016-11-12 12:41 - 2016-11-12 12:41 - 00000000 ____D C:\ProgramData\Codemasters
2016-11-12 12:03 - 2016-11-12 12:03 - 00000000 ____D C:\ProgramData\SoftPerfect
ndows\Start Menu\Programs\SoftPerfect RAM Disk
2016-11-12 12:03 - 2016-11-12 12:03 - 00000000 ____D C:\Program Files\SoftPerfec
t RAM Disk
\spvve.sys
\spvdbus.sys
oaming\HD Tune Pro
ndows\Start Menu\Programs\HD Tune Pro
ystem32\vmnetbridge.dll
ystem32\Drivers\vmnetbridge.sys
ystem32\Drivers\vmnetadapter.sys
2016-11-11 23:05 - 2016-11-11 23:05 - 00045632

ystem32\Drivers\vmnet.sys
2016-11-10 21:02 - 2016-11-10 21:02 - 00000000
ndows\Start Menu\Programs\CrystalDiskMark5
2016-11-09 18:02 - 2016-11-25 20:36 - 00000000
2016-11-08 19:55 - 2016-11-08 19:55 - 00000000
ndows\Start Menu\Programs\WinToHDD
2016-11-08 19:52 - 2016-11-02 13:01 - 00315744
) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-08 19:52 - 2016-11-02 12:22 - 00601712
WINDOWS\SysWOW64\oleaut32.dll
2016-11-08 19:52 - 2016-11-02 12:13 - 00773720
WINDOWS\system32\oleaut32.dll
2016-11-08 19:52 - 2016-11-02 12:12 - 02255712
WINDOWS\system32\Drivers\ntfs.sys
2016-11-08 19:52 - 2016-11-02 12:12 - 00376672
WINDOWS\system32\Drivers\clfs.sys
2016-11-08 19:52 - 2016-11-02 12:12 - 00341344
WINDOWS\SysWOW64\msv1_0.dll
2016-11-08 19:52 - 2016-11-02 12:10 - 02323728
WINDOWS\SysWOW64\d3d10warp.dll
2016-11-08 19:52 - 2016-11-02 12:09 - 02257104
WINDOWS\SysWOW64\iertutil.dll
2016-11-08 19:52 - 2016-11-02 12:08 - 00576408
WINDOWS\SysWOW64\wer.dll
2016-11-08 19:52 - 2016-11-02 12:08 - 00186424
WINDOWS\SysWOW64\weretw.dll
2016-11-08 19:52 - 2016-11-02 12:05 - 00405856
WINDOWS\system32\msv1_0.dll
2016-11-08 19:52 - 2016-11-02 12:03 - 00714592
WINDOWS\system32\Drivers\vhdmp.sys
2016-11-08 19:52 - 2016-11-02 12:02 - 00682816
WINDOWS\system32\wer.dll
2016-11-08 19:52 - 2016-11-02 12:02 - 00238056
WINDOWS\system32\weretw.dll
2016-11-08 19:52 - 2016-11-02 12:01 - 01415744
WINDOWS\SysWOW64\gdi32full.dll
2016-11-08 19:52 - 2016-11-02 12:01 - 00545936
WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-08 19:52 - 2016-11-02 11:49 - 00037376
SysWOW64\atmlib.dll
2016-11-08 19:52 - 2016-11-02 11:48 - 00081408
WINDOWS\SysWOW64\mshtmled.dll
2016-11-08 19:52 - 2016-11-02 11:46 - 00065536
WINDOWS\SysWOW64\wininetlui.dll
2016-11-08 19:52 - 2016-11-02 11:44 - 00089088
WINDOWS\SysWOW64\AuthExt.dll
2016-11-08 19:52 - 2016-11-02 11:42 - 00632832
WINDOWS\SysWOW64\sud.dll
2016-11-08 19:52 - 2016-11-02 11:42 - 00549376
WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-08 19:52 - 2016-11-02 11:40 - 00896512
WINDOWS\SysWOW64\fontext.dll
2016-11-08 19:52 - 2016-11-02 11:39 - 00465920
WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-08 19:52 - 2016-11-02 11:38 - 00760832
WINDOWS\SysWOW64\appwiz.cpl
2016-11-08 19:52 - 2016-11-02 11:37 - 00299008
WINDOWS\system32\rdpinit.exe
2016-11-08 19:52 - 2016-11-02 11:36 - 00415744
_____ (VMware, Inc.) C:\WINDOWS\s

____D C:\ProgramData\RedFox
_____ (Adobe Systems Incorporated
_____ (Adobe Systems) C:\WINDOWS\
WINDOWS\system32\rdpshell.exe
2016-11-08 19:52 - 2016-11-02 11:32 - 00040448 _____ (Microsoft
WINDOWS\system32\efsext.dll
2016-11-08 19:52 - 2016-11-02 11:31 - 00226304 _____ (Microsoft
WINDOWS\system32\WpcTok.exe
2016-11-08 19:52 - 2016-11-02 11:31 - 00115712 _____ (Microsoft
WINDOWS\system32\TSpkg.dll
2016-11-08 19:52 - 2016-11-02 11:31 - 00090624 _____ (Microsoft
WINDOWS\SysWOW64\olepro32.dll
2016-11-08 19:52 - 2016-11-02 11:30 - 00109056 _____ (Microsoft
WINDOWS\system32\dab.dll
2016-11-08 19:52 - 2016-11-02 11:29 - 07469056 _____ (Microsoft
WINDOWS\SysWOW64\mstscax.dll
2016-11-08 19:52 - 2016-11-02 11:29 - 00884224 _____ (Microsoft
WINDOWS\SysWOW64\inetcomm.dll
2016-11-08 19:52 - 2016-11-02 11:29 - 00336896 _____ (Microsoft
WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-08 19:52 - 2016-11-02 11:29 - 00296960 _____ (Microsoft
WINDOWS\system32\mfsensorgroup.dll
2016-11-08 19:52 - 2016-11-02 11:29 - 00122368 _____ (Microsoft
WINDOWS\SysWOW64\NPSM.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00566784 _____ (Microsoft
WINDOWS\system32\ActionCenterCPL.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00432128 _____ (Microsoft
WINDOWS\system32\WpAXHolder.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00411136 _____ (Microsoft
WINDOWS\system32\DeviceCenter.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00324608 _____ (Microsoft
WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00274432 _____ (Microsoft
WINDOWS\system32\ListSvc.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00252928 _____ (Microsoft
WINDOWS\system32\ubpm.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00240640 _____ (Microsoft
WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00109568 _____ (Microsoft
WINDOWS\SysWOW64\chartv.dll
2016-11-08 19:52 - 2016-11-02 11:28 - 00079360 _____ (Microsoft
WINDOWS\SysWOW64\asycfilt.dll
2016-11-08 19:52 - 2016-11-02 11:27 - 02458112 _____ (Microsoft
WINDOWS\SysWOW64\themecpl.dll
2016-11-08 19:52 - 2016-11-02 11:27 - 01388544 _____ (Microsoft
WINDOWS\system32\Windows.UI.Cred.dll
2016-11-08 19:52 - 2016-11-02 11:27 - 00631296 _____ (Microsoft
WINDOWS\system32\WlanMediaManager.dll
2016-11-08 19:52 - 2016-11-02 11:27 - 00580608 _____ (Microsoft
WINDOWS\SysWOW64\hgcpl.dll
2016-11-08 19:52 - 2016-11-02 11:27 - 00545792 _____ (Microsoft
WINDOWS\system32\timedate.cpl
2016-11-08 19:52 - 2016-11-02 11:27 - 00422400 _____ (Microsoft
WINDOWS\SysWOW64\twinapi.dll
2016-11-08 19:52 - 2016-11-02 11:26 - 02747392 _____ (Microsoft
WINDOWS\SysWOW64\rdpcore.dll
2016-11-08 19:52 - 2016-11-02 11:26 - 00579072 _____ (Microsoft
WINDOWS\system32\ddraw.dll
2016-11-08 19:52 - 2016-11-02 11:25 - 00655872 _____ (Microsoft
WINDOWS\system32\sud.dll
2016-11-08 19:52 - 2016-11-02 11:25 - 00496128 _____ (Microsoft
WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-08 19:52 - 2016-11-02 11:24 - 00940032 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\fontext.dll
2016-11-08 19:52 - 2016-11-02 11:23
WINDOWS\SysWOW64\mstsc.exe
2016-11-08 19:52 - 2016-11-02 11:23
WINDOWS\system32\Drivers\bowser.sys
2016-11-08 19:52 - 2016-11-02 11:19
WINDOWS\system32\NPSM.dll
2016-11-08 19:52 - 2016-11-02 11:19
WINDOWS\system32\chartv.dll
2016-11-08 19:52 - 2016-11-02 11:19
WINDOWS\system32\asycfilt.dll
2016-11-08 19:52 - 2016-11-02 11:18
WINDOWS\system32\WpcRefreshTask.dll
2016-11-08 19:52 - 2016-11-02 11:17
WINDOWS\system32\wwansvc.dll
2016-11-08 19:52 - 2016-11-02 11:17
WINDOWS\system32\appwiz.cpl
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\rdpcore.dll
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\themecpl.dll
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\authui.dll
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\hgcpl.dll
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\LockAppBroker.dll
2016-11-08 19:52 - 2016-11-02 11:16
WINDOWS\system32\ActionCenter.dll
2016-11-08 19:52 - 2016-11-02 11:15
WINDOWS\system32\twinapi.dll
2016-11-08 19:52 - 2016-11-02 11:13
WINDOWS\system32\MSVidCtl.dll
2016-11-08 19:52 - 2016-11-02 09:20
base.xml
2016-11-08 19:51 - 2016-11-02 12:20
) C:\WINDOWS\system32\atmfd.dll
2016-11-08 19:51 - 2016-11-02 12:15
WINDOWS\system32\winresume.efi
2016-11-08 19:51 - 2016-11-02 12:15
WINDOWS\system32\winresume.exe
2016-11-08 19:51 - 2016-11-02 12:13
WINDOWS\system32\winload.efi
2016-11-08 19:51 - 2016-11-02 12:13
WINDOWS\system32\winload.exe
2016-11-08 19:51 - 2016-11-02 12:13
WINDOWS\system32\wifitask.exe
2016-11-08 19:51 - 2016-11-02 12:08
WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-08 19:51 - 2016-11-02 12:08
WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-08 19:51 - 2016-11-02 12:04
WINDOWS\system32\d3d10warp.dll
2016-11-08 19:51 - 2016-11-02 12:04
WINDOWS\SysWOW64\comctl32.dll
2016-11-08 19:51 - 2016-11-02 12:03
WINDOWS\system32\iertutil.dll
2016-11-08 19:51 - 2016-11-02 12:02
WINDOWS\system32\NetSetupEngine.dll
2016-11-08 19:51 - 2016-11-02 12:02

- 00446896 _____ C:\WINDOWS\system32\ApnData
- 00378720 _____ (Adobe Systems Incorporated
WINDOWS\system32\NetSetupApi.dll
WINDOWS\SysWOW64\input.dll
WINDOWS\system32\rdpudd.dll
WINDOWS\system32\d3d9.dll
WINDOWS\system32\gdi32full.dll
WINDOWS\system32\fontdrvhost.exe
WINDOWS\system32\input.dll
WINDOWS\system32\Drivers\iorate.sys
WINDOWS\SysWOW64\TSpkg.dll
WINDOWS\SysWOW64\efsext.dll
WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
WINDOWS\SysWOW64\mfsensorgroup.dll
WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
WINDOWS\SysWOW64\dxtrans.dll
WINDOWS\SysWOW64\FSClient.dll
WINDOWS\SysWOW64\iepeers.dll
WINDOWS\SysWOW64\Windows.UI.Cred.dll
WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
WINDOWS\SysWOW64\ddraw.dll
WINDOWS\SysWOW64\UIAnimation.dll
WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
WINDOWS\SysWOW64\msinfo32.exe
WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-08 19:51 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\
system32\atmlib.dll
WINDOWS\system32\wininetlui.dll
WINDOWS\system32\FlightSettings.dll
WINDOWS\system32\Windows.UI.BioFeedback.dll
WINDOWS\system32\PsmServiceExtHost.dll
2016-11-08 19:51 - 2016-11-02 11:30 - 00134144 _____ (Microsoft
WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-08 19:51 - 2016-11-02 11:29 - 01247232 _____ (Microsoft
WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-08 19:51 - 2016-11-02 11:29 - 00418304 _____ (Microsoft
WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-08 19:51 - 2016-11-02 11:29 - 00314880 _____ (Microsoft
WINDOWS\system32\FSClient.dll
2016-11-08 19:51 - 2016-11-02 11:29 - 00276992 _____ (Microsoft
WINDOWS\system32\dxtrans.dll
2016-11-08 19:51 - 2016-11-02 11:29 - 00139264 _____ (Microsoft
WINDOWS\system32\iepeers.dll
2016-11-08 19:51 - 2016-11-02 11:28 - 00321024 _____ (Microsoft
WINDOWS\system32\NetworkUXBroker.dll
2016-11-08 19:51 - 2016-11-02 11:28 - 00279552 _____ (Microsoft
WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 19:51 - 2016-11-02 11:28 - 00088576 _____ (Microsoft
WINDOWS\system32\mshtmled.dll
2016-11-08 19:51 - 2016-11-02 11:26 - 01509376 _____ (Microsoft
WINDOWS\SysWOW64\ieapfltr.dll
2016-11-08 19:51 - 2016-11-02 11:26 - 00798208 _____ (Microsoft
WINDOWS\SysWOW64\authui.dll
2016-11-08 19:51 - 2016-11-02 11:26 - 00273920 _____ (Microsoft
WINDOWS\system32\UIAnimation.dll
2016-11-08 19:51 - 2016-11-02 11:25 - 00541696 _____ (Microsoft
WINDOWS\system32\ipnathlp.dll
2016-11-08 19:51 - 2016-11-02 11:23 - 02356736 _____ (Microsoft
WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-08 19:51 - 2016-11-02 11:23 - 00199680 _____ (Microsoft
WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-08 19:51 - 2016-11-02 11:23 - 00072704 _____ (Microsoft
WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-08 19:51 - 2016-11-02 11:22 - 00369664 _____ (Microsoft
WINDOWS\system32\msinfo32.exe
2016-11-08 19:51 - 2016-11-02 11:20 - 00167936 _____ (Microsoft
WINDOWS\system32\ErrorDetails.dll
2016-11-08 19:51 - 2016-11-02 11:19 - 08075776 _____ (Microsoft
WINDOWS\system32\mstscax.dll
2016-11-08 19:51 - 2016-11-02 11:19 - 01586176 _____ (Microsoft
WINDOWS\system32\Windows.Globalization.dll
2016-11-08 19:51 - 2016-11-02 11:19 - 00805888 _____ (Microsoft
WINDOWS\system32\FrameServer.dll
2016-11-08 19:51 - 2016-11-02 11:18 - 00243712 _____ (Microsoft
WINDOWS\system32\shdocvw.dll
2016-11-08 19:51 - 2016-11-02 11:17 - 00982528 _____ (Microsoft
WINDOWS\system32\inetcomm.dll
2016-11-08 19:51 - 2016-11-02 11:16 - 04148736 _____ (Microsoft
WINDOWS\system32\rdpcorets.dll
2016-11-08 19:51 - 2016-11-02 11:16 - 01637888 _____ (Microsoft
WINDOWS\system32\ieapfltr.dll
2016-11-08 19:51 - 2016-11-02 11:16 - 00770560 _____ (Microsoft
WINDOWS\system32\bisrv.dll
2016-11-08 19:51 - 2016-11-02 11:16 - 00265728 _____ (Microsoft
WINDOWS\system32\NetSetupSvc.dll
2016-11-08 19:51 - 2016-11-02 11:15 - 01348608 _____ (Microsoft
WINDOWS\system32\wifinetworkmanager.dll
2016-11-08 19:51 - 2016-11-02 11:13 - 03299840 _____ (Microsoft
WINDOWS\system32\mstsc.exe
2016-11-08 19:51 - 2016-11-02 11:13 - 00322048 _____ (Microsoft
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
Corporation) C:\
WINDOWS\system32\GlobCollationHost.dll
2016-11-08 19:51 - 2016-11-02 10:11 - 00788624
nls
2016-11-08 19:51 - 2016-11-02 10:11 - 00788624
nls
2016-11-06 19:02 - 2016-11-06 19:02 - 01377088
2016-11-06 18:29 - 2016-11-06 18:29 - 16064712
OWS\SysWOW64\libmfxsw32.dll
_____ C:\WINDOWS\SysWOW64\locale.
_____ C:\WINDOWS\system32\locale.
_____ C:\trimcheck-0.7-win64.exe
_____ (Intel Corporation) C:\WIND
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-06 11:10 - 2016-06-17 14:37 - 00000000 ____D
oaming\DMCache
2016-12-06 10:37 - 2016-06-16 18:32 - 00000000 ___RD
rogramy
2016-12-06 10:32 - 2016-06-16 20:53 - 04611070 _____
B.dat
2016-12-06 10:32 - 2016-06-16 20:53 - 01345142 _____
B.dat
2016-12-06 10:32 - 2016-06-16 18:24 - 09421306 _____
ingBackup.INI
2016-12-06 10:29 - 2016-08-28 17:58 - 00000000 ____D
oaming\Skype
2016-12-06 10:28 - 2016-08-02 18:58 - 00000006 ____H
2016-12-06 09:57 - 2016-07-16 07:04 - 00262144 _____
BBI
2016-12-06 09:57 - 2016-06-16 19:14 - 00000000 ____D
ocal\ClassicShell
2016-12-06 07:45 - 2016-07-16 12:47 - 00000000 ____D
2016-12-05 12:24 - 2016-09-19 11:28 - 00002650 _____
reateExplorerShellUnelevatedTask
2016-12-05 11:45 - 2016-08-02 18:53 - 00000000 ____D
udy
2016-12-05 11:11 - 2016-06-17 14:44 - 00000000 ____D
ocal\Mirillis
2016-12-05 09:39 - 2016-10-03 19:59 - 00028272 _____
\TrueSight.sys
2016-12-04 21:33 - 2016-06-16 19:40 - 00000000 ____D
ocal\CrashDumps
2016-12-04 19:50 - 2016-06-16 18:33 - 00000000 ___RD
oje Hry
2016-12-04 18:06 - 2016-06-18 10:03 - 00002679 _____
nstant System Restore Point.lnk
2016-12-04 18:06 - 2016-06-17 21:43 - 00001770 _____
urn Off PC.lnk
2016-12-04 17:51 - 2016-06-23 10:35 - 00000000 ____D
oaming\Geek Uninstaller
2016-12-04 17:39 - 2016-06-16 18:32 - 00000000 ____D
e
2016-12-04 17:35 - 2016-06-17 18:30 - 00000000 ____D
oaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-04 16:44 - 2016-09-21 07:43 - 00192216 _____
ystem32\Drivers\MBAMSwissArmy.sys
2016-12-04 16:11 - 2016-06-16 19:55 - 00000000 ____D
oaming\AIMP
2016-12-04 16:01 - 2016-09-21 08:00 - 00000000 ____D
oaming\TeamViewer
2016-12-04 12:26 - 2016-07-16 12:45 - 00000000 ____D
C:\Users\DERELiCT\Desktop\P
C:\WINDOWS\system32\perfh01
C:\WINDOWS\system32\perfc01
C:\WINDOWS\system32\PerfStr
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\system32\config\
C:\Users\DERELiCT\AppData\L
C:\WINDOWS\AppReadiness
C:\WINDOWS\System32\Tasks\C
C:\WINDOWS\system32\SleepSt
C:\WINDOWS\system32\Drivers
C:\Users\DERELiCT\Desktop\M
C:\Users\DERELiCT\Desktop\I
C:\Users\DERELiCT\Desktop\T
C:\ProgramData\Package Cach
(Malwarebytes) C:\WINDOWS\s
C:\WINDOWS\INF
2016-12-03 20:28 - 2016-08-02 18:55 - 00000000 ____D C:\Users\DERELiCT

2016-12-03 20:27 - 2016-08-02 18:55 - 03407872 _____ C:\Users\DERELiCT\ntuser.ba
k
2016-12-03 20:17 - 2016-06-16 18:50 - 00000000 ___HD C:\Program Files (x86)\Inst
allShield Installation Information
2016-12-03 20:14 - 2016-06-17 14:29 - 00000000 ____D C:\ProgramData\TEMP
2016-12-03 13:28 - 2016-06-16 18:32 - 00000000 ___RD C:\Users\DERELiCT\Desktop\D
okumenty
2016-12-01 20:05 - 2016-07-01 13:53 - 00001031 _____ C:\Users\DERELiCT\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2016-12-01 19:45 - 2016-10-11 18:34 - 00017568 _____ (Windows (R) Win 7 DDK prov
ider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
oaming\GHISLER
oaming\Wise Care 365
oaming\WiseUpdate
2016-12-01 16:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-30 21:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReport
s
oaming\Ashampoo
oaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-11-30 21:03 - 2016-06-17 14:01 - 00000000 ____D C:\ProgramData\Ashampoo
ocal\ashampoo
2016-11-30 19:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-11-30 19:39 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-11-30 19:39 - 2016-06-16 18:20 - 00000000 __RHD C:\Users\Public\AccountPict
ures
2016-11-30 19:38 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControl
Panel
2016-11-30 19:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioP
lugIns
2016-11-30 19:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-30 19:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-30 19:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-30 19:38 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-30 19:38 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-30 19:38 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-30 19:38 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
WINDOWS\system32\enrollmentapi.dll
oaming\Anvsoft
2016-11-30 18:50 - 2016-06-16 20:00 - 00000208 _____ C:\Users\DERELiCT\AppData\R
oaming\burnaware.ini
ndows\Start Menu\Programs\BurnAware Professional
2016-11-29 20:59 - 2016-06-16 18:50 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-29 20:58 - 2016-08-02 18:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-11-29 19:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2016-11-29 19:45 - 2016-06-17 14:00 - 00000126 ___SH C:\ProgramData\.zreglib
oaming\Wise Registry Cleaner
2016-11-29 19:42 - 2016-11-04 16:15 - 00189112 _____ (Power Admin LLC) C:\WINDOW
S\PAExec.exe
2016-11-29 19:42 - 2016-06-16 18:35 - 00000000 ___RD C:\Users\DERELiCT\Desktop\D
DU
2016-11-28 16:23 - 2016-10-16 21:12 - 00000000 ____D
oaming\Notepad++
2016-11-27 15:21 - 2016-07-06 09:09 - 00092344 ____H
rnals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2016-11-27 13:34 - 2016-08-22 08:41 - 00000000 ____D
2016-11-25 20:36 - 2016-09-25 09:43 - 00000000 ____D
ndows\Start Menu\Programs\RedFox
2016-11-24 20:39 - 2016-09-07 18:21 - 00001951 _____
ery.bat
2016-11-23 21:44 - 2016-09-03 09:30 - 00000000 ____D
\The Witcher 3
2016-11-23 19:51 - 2016-09-25 09:49 - 00000000 ____D
ndows\Start Menu\Programs\Elaborate Bytes
2016-11-23 19:51 - 2016-09-25 09:49 - 00000000 ____D
tes
2016-11-22 16:11 - 2016-08-03 17:54 - 00000000 ____D
ndows\Start Menu\Programs\CPUID
2016-11-22 16:10 - 2016-06-16 20:12 - 00000000 ____D
ndows\Start Menu\Programs\HWiNFO64
2016-11-22 15:49 - 2016-06-17 15:00 - 00000000 ____D
oaming\VMware
2016-11-22 15:49 - 2016-06-17 15:00 - 00000000 ____D
ocal\VMware
2016-11-22 15:40 - 2016-08-28 17:58 - 00000000 ____D
2016-11-22 15:39 - 2016-09-11 10:49 - 00000000 ____D
ndows\Start Menu\Programs\Core Temp
2016-11-21 20:43 - 2016-07-28 10:13 - 00000000 ____D
ndows\Start Menu\Programs\Winaero Tweaker
2016-11-21 20:43 - 2016-07-28 10:13 - 00000000 ____D
eaker
2016-11-20 17:22 - 2016-09-18 18:31 - 00000000 ____D
oaming\avidemux
2016-11-19 20:08 - 2016-08-28 17:58 - 00000000 ___RD
e
2016-11-19 11:17 - 2016-10-30 18:03 - 00082816 _____
ELiCT\AppData\Roaming\pcouffin.sys
2016-11-19 11:17 - 2016-10-30 18:03 - 00007859 _____
oaming\pcouffin.cat
2016-11-19 11:17 - 2016-07-29 10:12 - 00000000 ____D
ndows\Start Menu\Programs\VSO
2016-11-19 11:15 - 2016-07-29 10:12 - 00000000 ____D
2016-11-19 09:29 - 2016-10-23 14:57 - 00000000 ____D
Office
2016-11-19 09:29 - 2016-07-16 12:47 - 00000000 ____D
6.com.microsoft
2016-11-19 09:29 - 2016-07-16 12:47 - 00000000 ____D
es\microsoft shared
2016-11-17 09:54 - 2016-06-17 14:44 - 00000000 ____D
oaming\Mirillis
2016-11-17 09:54 - 2016-06-17 14:44 - 00000000 ____D
2016-11-16 10:23 - 2016-06-16 18:35 - 00000000 ___RD
rafick Programy
2016-11-15 09:48 - 2016-06-17 14:59 - 00000000 ____D
2016-11-14 11:27 - 2016-06-16 18:49 - 07811338 _____
ingBackup.INI
2016-11-14 08:59 - 2016-06-16 18:20 - 00000000 ____D
ocal\Packages
2016-11-13 22:41 - 2016-07-16 12:47 - 00000000 ___HD
s
(Sysinternals - www.sysinte
C:\WINDOWS\SysWOW64\directx
C:\WINDOWS\NvContainerRecov
C:\Users\DERELiCT\Documents
C:\ProgramData\Elaborate By
C:\ProgramData\Skype
C:\Program Files\Winaero Tw
C:\Program Files (x86)\Skyp
(VSO Software) C:\Users\DER
C:\Program Files (x86)\vso
C:\Program Files\Microsoft
C:\ProgramData\regid.1991-0
C:\Program Files\Common Fil
C:\ProgramData\Mirillis
C:\Users\DERELiCT\Desktop\G
C:\ProgramData\VMware
C:\WINDOWS\SysWOW64\PerfStr
C:\Program Files\WindowsApp

ocal\Adobe
2016-11-12 18:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macrome
d
2016-11-12 18:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macrome
d
2016-11-12 12:41 - 2016-06-19 09:06 - 00466456 _____ (Creative Labs) C:\WINDOWS\
system32\wrap_oal.dll
2016-11-12 12:41 - 2016-06-19 09:06 - 00444952 _____ (Creative Labs) C:\WINDOWS\
SysWOW64\wrap_oal.dll
2016-11-12 12:41 - 2016-06-19 09:06 - 00122904 _____ (Portions (C) Creative Labs
Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-11-12 12:41 - 2016-06-19 09:06 - 00109080 _____ (Portions (C) Creative Labs
Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-11-12 12:41 - 2016-06-19 09:06 - 00000000 ____D C:\Program Files (x86)\Open
AL
\My Games
oaming\Wise Disk Cleaner
ndows\Start Menu\Programs\Wise Disk Cleaner
2016-11-08 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
oaming\Driver Magician
ndows\Start Menu\Programs\Driver Magician
oaming\Wise Euask
2016-11-08 19:55 - 2016-06-16 19:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-08 19:52 - 2016-06-16 19:02 - 141011376 ____C (Microsoft Corporation) C:
\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2016-04-14 10:52 - 2016-04-14 10:52 - 2174976 _____
) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-06-16 20:00 - 2016-11-30 18:50 - 0000208 _____
\Roaming\burnaware.ini
2016-10-30 18:03 - 2016-11-19 11:17 - 0007859 _____
\Roaming\pcouffin.cat
2016-10-30 18:03 - 2016-11-19 11:17 - 0001167 _____
\Roaming\pcouffin.inf
2016-10-30 18:03 - 2016-11-19 11:17 - 0000055 _____
\Roaming\pcouffin.log
2016-10-30 18:03 - 2016-11-19 11:17 - 0082816 _____
LiCT\AppData\Roaming\pcouffin.sys
2016-07-07 08:04 - 2016-07-07 08:04 - 1065984 _____
\Local\file__0.localstorage
2016-08-27 15:33 - 2016-08-27 15:33 - 0000001 _____
\Local\llftool.4.40.agreement
2016-08-29 09:07 - 2016-08-29 09:07 - 0000019 _____
\Local\llftool.license
2016-11-19 10:47 - 2016-11-19 10:47 - 0000862 _____
\Local\recently-used.xbel
2016-06-19 10:20 - 2016-08-25 10:48 - 0007606 _____
\Local\Resmon.ResmonCfg
2016-06-17 14:00 - 2016-11-29 19:45 - 0000126 ___SH
Some files in TEMP:
(Advanced Micro Devices Inc.

() C:\Users\DERELiCT\AppData
(VSO Software) C:\Users\DERE
() C:\ProgramData\.zreglib
====================
C:\Users\DERELiCT\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-26 20:08
==================== End of FRST.txt ============================

FRST

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

FRST

Transféré par

Droits d'auteur :

Formats disponibles

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016

Ran by DERELiCT (administrator) on DESKTOP-915RKMO (06-12-2016 11:19:04)

VE.EXE -> C:\Windows\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corpor

Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)

\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-17]

ile_backup_status_server.exe [1510712 2016-09-13] ()

S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()

2016-12-04 22:52 - 2016-12-04 22:52 - 00000803

- 00238088 _____ (Microsoft Corporation) C:\

- 04496232 _____ (Microsoft Corporation) C:\

- 00083736 _____ (Microsoft Corporation) C:\

_____ (Microsoft Corporation) C:\

(Microsoft Corporation) C:\

(Microsoft Corporation) C:\

2016-11-30 19:37 - 2016-11-30 19:37 - 00091936 _____ (Microsoft Corporation) C:\

2016-11-29 20:58 - 2016-11-29 09:40 - 03283240

_____ (Realtek Semiconductor Corp

- 00000000 ____D C:\Program Files (x86)\Vulk

(NVIDIA Corporation) C:\WIN

2016-11-28 17:02 - 2016-11-28 17:02 - 00000000 ____D C:\WINDOWS\system32\RAPID

2016-11-11 23:05 - 2016-11-11 23:05 - 00045632

_____ (VMware, Inc.) C:\WINDOWS\s

- 03106304 _____ (Microsoft Corporation) C:\

==================== One Month Modified files and folders ========

2016-12-03 20:28 - 2016-08-02 18:55 - 00000000 ____D C:\Users\DERELiCT

2016-11-12 18:11 - 2016-06-17 14:18 - 00000000 ____D C:\Users\DERELiCT\AppData\L

(Advanced Micro Devices Inc.

Vous aimerez peut-être aussi