Win32:Cryptor was found by AVG (Made all files\Folders hidden and system)


  • This topic is locked
7 replies to this topic

#1 isrgish

Posted 06 March 2018 - 05:46 PM

My USB cards started losing their files and folders. I did an AVG scan and it found a win32cryptor on the device. I posted this problem to "Am I infected? What do I do?" and buddy215 suggested a list of steps for me. After following that list and posting the resulting logs, he suggested I come here.

 

These are the steps I took.

1. I ran Malwarebytes free version
2. Malwarebytes Anti-Rootkit 
3. AdwCleaner 
4. Free Virus Scan | Online Virus Scan from ESET | ESET (On this one I wasn't able to follow the exact directions from buddy215 since the options were different. I think I managed to find all the options that he suggested I set).

https://www.bleepingcomputer.com/forums/t/672397/win32cryptor-was-found-by-avg

 

This is the link to that post.
 

Following is the log from ESET security (buddy215 said to post it here along with the results from FRST)

 
Scan Log
Version of detection engine: 17012 (20180306)
Date: 3/6/2018  Time: 12:26:58 PM
Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\
C:\Documents and Settings\All Users\Microsoft\Crypto\RSA\MachineKeys\374aa05d6da2df53268cfe7629c03a34_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Crypto\RSA\MachineKeys\94261a6da5eaa252b7f90a1b6be6d9dc_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\DownloadedSettings\utc.app.json - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\events00.rbs - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\events01.rbs - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\events10.rbs - unable to open [4]
C:\Documents and Settings\All Users\Microsoft\Diagnosis\events11.rbs - unable to open [4]
C:\Documents and Settings\beigels\AppData\Roaming\kingsoft\office6\update\down\wpsupdate.exe - a variant of Win32/KingSoft.D potentially unwanted application - action selection postponed until scan completion
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe » ZIP » mediaelement/controls.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.5_41865.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.8_42576.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.8_42576.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.9_43295.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.9_43295.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.9_43388.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.4.9_43388.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43580.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43580.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43804.exe » ZIP » open-sans-light.eot - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43804.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43916.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_43916.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_44090.exe » ZIP » open-sans-light.eot - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_44090.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_44294.exe » ZIP » open-sans-light.eot - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.0_44294.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.1_44332.exe » ZIP » open-sans-light.eot - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.1_44332.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.3_44358.exe » ZIP » mediaelement/bigplay.fw.png - archive damaged - the file could not be extracted.
C:\Documents and Settings\beigels\AppData\Roaming\uTorrent\updates\3.5.3_44358.exe » ZIP »  - archive damaged
C:\Documents and Settings\beigels\Application Data\kingsoft\office6\update\down\wpsupdate.exe - a variant of Win32/KingSoft.D potentially unwanted application - action selection postponed until scan completion
C:\Downloads\ccsetup510.exe » NSIS » PF-Toolbar-W78.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\hiberfil.sys - unable to open [4]
C:\Me\Downloads\avc-free.exe » INNO » {tmp}\OCSetupHlp.dll - a variant of Win32/OpenCandy.A potentially unsafe application - action selection postponed until scan completion
C:\Me\Downloads\ccsetup532.exe » NSIS » PF-Toolbar-2016.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\Me\Downloads\ccsetup540pro.exe » NSIS » PF-Toolbar-2016.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\Me\Downloads\KingoRoot.exe - Win32/InstallCore.Gen.A potentially unwanted application - action selection postponed until scan completion
C:\Me\Downloads\rcsetup152.exe » NSIS » PF-Toolbar-W78.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\Me\Lexar\Id.txt.lnk - LNK/Agent.AO trojan - cleaned by deleting [1]
C:\Me\Old Computer\Me\new\Downloads\ccsetup312.exe » NSIS » PRFB-IEToolbar.exe - Win32/Bundled.Toolbar.Google.E potentially unsafe application - action selection postponed until scan completion
C:\Me\Old Computer\Me\new\Downloads\ccsetup324.exe » NSIS » PRFB-IEToolbar.exe - Win32/Bundled.Toolbar.Google.E potentially unsafe application - action selection postponed until scan completion
C:\Me\Old Computer\Me\new\Downloads\ccsetup401.exe » NSIS » PF-Toolbar-W78.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-6u27.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-6u27.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-6u27.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-7u25.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-7u25.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\chromeinstall-7u25.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Me\Old Computer\Me\new\Downloads\PhotoScape_V3.6.2.exe » NSIS » Mooii_Toolbar_Omaha.exe - Win32/Bundled.Toolbar.Google.D potentially unsafe application - action selection postponed until scan completion
C:\Me\Old Computer\Me\pdbtools.exe » INNO » setup.data - unsupported option
C:\Microsoft Toolkit 2.5.3 Official Torrent\Microsoft Toolkit.exe » SMARTASSEMBLY » deobfuscated.exe - a variant of MSIL/HackKMS.G potentially unsafe application - action selection postponed until scan completion
C:\pagefile.sys - unable to open [4]
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\Updates\DBR_17560_1928_x64_Update.exe » INDIGOROSE - archive damaged
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\Updates\DBRFactorySetupUpdate.exe » INDIGOROSE - archive damaged
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\Updates\STUpdateNotifier_DBAR18.exe » INDIGOROSE - archive damaged
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\374aa05d6da2df53268cfe7629c03a34_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\94261a6da5eaa252b7f90a1b6be6d9dc_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.app.json - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\events00.rbs - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\events01.rbs - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\events10.rbs - unable to open [4]
C:\ProgramData\Microsoft\Diagnosis\events11.rbs - unable to open [4]
C:\System Volume Information\MountPointManagerRemoteDatabase - unable to open [4]
C:\System Volume Information\Syscache.hve - unable to open [4]
C:\System Volume Information\Syscache.hve.LOG1 - unable to open [4]
C:\System Volume Information\Syscache.hve.LOG2 - unable to open [4]
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\System Volume Information\{71e3fd34-1c23-11e8-9471-b083fea6c97a}{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\System Volume Information\{71e3fd38-1c23-11e8-9471-b083fea6c97a}{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\System Volume Information\{7bafb500-16af-11e8-8b76-b083fea6c97a}{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\System Volume Information\{c5583c19-1b8e-11e8-840f-b083fea6c97a}{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\System Volume Information\{c958f212-2097-11e8-9c67-b083fea6c97a}{3808876b-c176-4e48-b7ae-04046e6cc752} - unable to open [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\374aa05d6da2df53268cfe7629c03a34_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\94261a6da5eaa252b7f90a1b6be6d9dc_4031c8cf-7c04-411c-b44c-df06585090bf - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\DownloadedSettings\utc.app.json - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\events00.rbs - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\events01.rbs - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\events10.rbs - unable to open [4]
C:\Users\All Users\Microsoft\Diagnosis\events11.rbs - unable to open [4]
C:\Users\beigels\AppData\Roaming\kingsoft\office6\update\down\wpsupdate.exe - a variant of Win32/KingSoft.D potentially unwanted application - action selection postponed until scan completion
C:\Users\beigels\Application Data\kingsoft\office6\update\down\wpsupdate.exe - a variant of Win32/KingSoft.D potentially unwanted application - action selection postponed until scan completion
C:\Windows\AutoKMS\AutoKMS.exe » SMARTASSEMBLY » deobfuscated.exe - a variant of MSIL/HackKMS.H potentially unsafe application - action selection postponed until scan completion
C:\Windows\CSC\v2.0.6\pq - unable to open [4]
C:\Windows\CSC\v2.0.6\temp\ea-{48219d68-ef42-11e4-8465-901e1819ed3f} - unable to open [4]
C:\Windows\Installer\33df7ea6.msi » MSI » Binary.dumper.js - Win32/Adware.Hicosmea.I application - action selection postponed until scan completion
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl - unable to open [4]
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl - unable to open [4]
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl - unable to open [4]
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl - unable to open [4]
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl - unable to open [4]
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl - unable to open [4]
Number of scanned objects: 842495
Number of threats found: 18
Number of cleaned objects: 15
Time of completion: 2:22:50 PM  Total scanning time: 6952 sec (01:55:52)
 
Notes:
[1] Object has been deleted as it only contained the virus body.
[4] Object cannot be opened. It may be in use by another application or operating system.
 
**************END*****************
 
Here are the logs from FRST
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by beigels (administrator) on SRULYG (06-03-2018 16:55:55)
Running from C:\Users\beigels\Desktop
Loaded Profiles: beigels (Available Profiles: beigels)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Paragon Software) C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Program Files (x86)\MyTrigger\MyTrigger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(ContentWatch, Inc.) C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ContentWatch, Inc.) C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel® Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\wtoolex\wpsupdatesvr.exe
(Paragon Software) C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [294928 2018-03-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [cwcptray] => C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe [676232 2015-01-29] (ContentWatch, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646680 2017-09-27] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch MyTrigger.lnk [2015-07-28]
ShortcutTarget: Launch MyTrigger.lnk -> C:\Program Files (x86)\MyTrigger\MyTrigger.exe ()
Startup: C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-11-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 07 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 08 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 09 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 10 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 11 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 23 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 24 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 05 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 06 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 07 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 08 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 09 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 10 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 11 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 23 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 24 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{7976DB39-9272-404F-BD3B-9A7378FE42D3}: [DhcpNameServer] 10.10.10.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000 -> DefaultScope {7523028F-F02A-4F53-AE78-64F59B7253F3} URL = 
SearchScopes: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000 -> {7523028F-F02A-4F53-AE78-64F59B7253F3} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.1\bin\ssv.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.1\bin\jp2ssv.dll [2018-01-15] (Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: ze2aku6s.default
FF ProfilePath: C:\Users\beigels\AppData\Roaming\Mozilla\Firefox\Profiles\ze2aku6s.default [2018-03-06]
FF Extension: (Disable Crash Auto Submit) - C:\Users\beigels\AppData\Roaming\Mozilla\Firefox\Profiles\ze2aku6s.default\features\{4fbc6dc8-e584-47a6-adf6-6b092c136086}\disable-crash-autosubmit@mozilla.org.xpi [2017-12-28] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\dtplugin\npDeployJava1.dll [2018-01-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Slides) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (MEGA) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-03-05]
CHR Extension: (YouTube) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Pushbullet) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-10-17]
CHR Extension: (HIIT Training Timer) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngjemjankmaegknppifppncigfnijm [2016-02-23]
CHR Extension: (Google Search) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Timer) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2016-02-23]
CHR Extension: (Adobe Acrobat) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-22]
CHR Extension: (Sheets) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Timer Loop) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkfiefeoimmobmhdimachkfcpkgahlc [2016-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07]
CHR Extension: (Stopwatch / Timer / Alarm) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2016-02-23]
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-06]
CHR Extension: (Google Slides) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-18]
CHR Extension: (Google Docs) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-18]
CHR Extension: (Google Drive) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Google Search) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-15]
CHR Extension: (Google Sheets) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-15]
CHR Extension: (Gmail) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-15]
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-06]
CHR HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [304776 2018-03-05] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-05] (AVG Technologies CZ, s.r.o.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\65.0.3325.40\remoting_host.exe [71512 2018-02-01] (Google Inc.)
R2 CwAltaService20; C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe [3074440 2015-01-29] (ContentWatch, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-02-26] (Dropbox, Inc.)
S4 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-10-11] (Portrait Displays, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2017-12-18] (ESET)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel® Corporation)
S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2672328 2014-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\wtoolex\wpsupdatesvr.exe [133480 2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 ParagonLinuxFSMounter; C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe [2651328 2017-11-30] (Paragon Software)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-18] (Realtek Semiconductor)
S4 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [173256 2014-07-30] (Invincea, Inc.)
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5962832 2017-12-01] (RealVNC Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-04-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-05] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-05] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-03-05] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-05] (AVG Technologies CZ, s.r.o.)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry) [File not signed]
R2 Dokan; C:\Windows\System32\DRIVERS\dokan.sys [67264 2017-11-30] (Windows ® Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
S2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [28672 2016-04-29] (Intel Mobile Communications)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2638808 2014-10-15] (Realtek Semiconductor Corp.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [50696 2014-07-30] (Invincea, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 massfilter_hs; C:\Windows\SysWOW64\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-03-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-03-06] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-03-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-06] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-03-06] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [22824 2013-06-18] (Portrait Displays, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [183304 2014-07-30] (Invincea, Inc.)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsdiag; C:\Windows\SysWOW64\DRIVERS\zghsdiag.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\SysWOW64\DRIVERS\zghsmdm.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\SysWOW64\DRIVERS\zghsnmea.sys [113432 2011-03-07] (ZTE Incorporated)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-06 16:55 - 2018-03-06 16:56 - 000030971 _____ C:\Users\beigels\Desktop\FRST.txt
2018-03-06 16:55 - 2018-03-06 16:55 - 000000000 ____D C:\FRST
2018-03-06 15:28 - 2018-03-06 15:28 - 002403328 _____ (Farbar) C:\Users\beigels\Desktop\FRST64.exe
2018-03-06 14:26 - 2018-03-06 14:28 - 000012528 _____ C:\Users\beigels\Desktop\ESET Log 03062018.txt
2018-03-06 13:08 - 2018-03-06 15:08 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-03-06 12:26 - 2018-03-06 12:26 - 000000000 ____D C:\Users\beigels\AppData\Roaming\ESET
2018-03-06 12:20 - 2018-03-06 12:20 - 000000000 ____D C:\Users\beigels\AppData\Local\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000001945 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\ProgramData\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\Program Files\ESET
2018-03-06 11:54 - 2018-03-06 11:54 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-03-06 11:37 - 2018-03-06 11:39 - 000000000 ____D C:\AdwCleaner
2018-03-06 07:21 - 2018-03-06 11:34 - 000000000 ____D C:\Users\beigels\Desktop\mbar
2018-03-06 07:21 - 2018-03-06 11:34 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-03-06 07:21 - 2018-03-06 07:21 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\75562157.sys
2018-03-06 07:20 - 2018-03-06 07:20 - 000012859 _____ C:\Users\beigels\Desktop\New Text Document.txt
2018-03-06 06:47 - 2018-03-06 06:47 - 004260984 _____ (ESET) C:\Users\beigels\Desktop\eset_smart_security_premium_live_installer.exe
2018-03-06 06:45 - 2018-03-06 06:45 - 014178840 _____ (Malwarebytes Corp.) C:\Users\beigels\Desktop\mbar-1.10.3.1001.exe
2018-03-06 06:45 - 2018-03-06 06:45 - 008222496 _____ (Malwarebytes) C:\Users\beigels\Desktop\AdwCleaner.exe
2018-03-06 06:41 - 2018-03-06 13:08 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-03-06 06:41 - 2018-03-06 07:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-06 06:41 - 2018-03-06 06:41 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-06 06:41 - 2018-03-06 06:41 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-03-06 06:41 - 2018-03-06 06:41 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-06 06:41 - 2018-03-06 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-06 06:41 - 2018-03-06 06:41 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-06 06:41 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-06 04:52 - 2018-03-06 04:52 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-03-06 04:52 - 2018-03-06 04:52 - 000001037 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-03-05 13:24 - 2018-03-05 13:52 - 000000631 _____ C:\Users\beigels\Desktop\Chrome Restore tabs 03052018.txt
2018-03-05 08:02 - 2018-03-05 08:02 - 000381816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-03-05 08:00 - 2018-03-05 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-02 09:12 - 2018-03-02 09:12 - 000133073 _____ C:\wubildr
2018-02-27 18:08 - 2018-02-27 18:08 - 000000000 ____D C:\ProgramData\Motorola
2018-02-27 18:00 - 2018-02-27 21:52 - 000000000 ____D C:\Program Files (x86)\Motorola Mobility
2018-02-27 18:00 - 2018-02-27 18:00 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Motorola Mobility
2018-02-27 18:00 - 2018-02-27 18:00 - 000000000 ____D C:\Program Files (x86)\Motorola
2018-02-27 17:59 - 2018-02-27 17:59 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2018-02-27 17:56 - 2018-02-27 17:56 - 000006128 _____ C:\adb.txt
2018-02-27 17:54 - 2018-02-27 17:54 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Motorola
2018-02-26 17:36 - 2018-02-26 17:36 - 000008192 _____ C:\wubildr.mbr
2018-02-26 17:35 - 2018-02-26 17:35 - 000000000 ____D C:\ubuntu
2018-02-26 06:24 - 2018-02-26 06:24 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-02-26 06:24 - 2018-02-26 06:24 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-02-26 06:24 - 2018-02-26 06:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-02-26 06:24 - 2018-02-26 06:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-02-23 05:38 - 2017-12-01 12:35 - 000037704 _____ (RealVNC Ltd) C:\Windows\system32\VNCpm.dll
2018-02-23 05:36 - 2018-02-23 05:43 - 000000000 ____D C:\ProgramData\RealVNC-Service
2018-02-23 05:36 - 2018-02-23 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2018-02-23 05:36 - 2018-02-23 05:36 - 000000000 ____D C:\Program Files\RealVNC
2018-02-23 05:35 - 2018-02-23 05:38 - 000000000 ____D C:\Users\beigels\AppData\Local\RealVNC
2018-02-22 21:31 - 2018-02-22 21:31 - 002572651 _____ C:\Users\beigels\Desktop\man-pages-4.15.tar.gz
2018-02-21 16:07 - 2018-02-22 21:33 - 000000203 _____ C:\Users\beigels\Desktop\Command.txt
2018-02-20 13:26 - 2018-02-20 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2018-02-18 10:11 - 2018-02-18 10:11 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-02-18 10:11 - 2018-02-18 10:11 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-02-16 16:37 - 2018-02-16 16:37 - 000000409 _____ C:\Users\Public\Desktop\HP USB Disk Storage Format Tool.lnk
2018-02-16 16:37 - 2018-02-16 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2018-02-16 16:37 - 2018-02-16 16:37 - 000000000 ____D C:\DriveKey
2018-02-16 11:52 - 2018-02-16 11:54 - 1563426816 _____ C:\Users\beigels\Downloads\Fedora-Workstation-Live-x86_64-26-1.5.iso
2018-02-16 11:49 - 2018-02-16 11:49 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fedora Media Writer.lnk
2018-02-16 11:49 - 2018-02-16 11:49 - 000000000 ____D C:\Users\beigels\AppData\Local\fedoraproject.org
2018-02-16 11:49 - 2018-02-16 11:49 - 000000000 ____D C:\Program Files (x86)\Fedora Media Writer
2018-02-15 21:58 - 2018-02-16 04:59 - 000000400 __RSH C:\ProgramData\ntuser.pol
2018-02-14 08:19 - 2018-02-10 14:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-14 08:19 - 2018-02-10 14:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-02-14 08:19 - 2018-02-10 03:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-14 08:19 - 2018-02-10 02:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-02-14 08:19 - 2018-02-10 02:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-02-14 08:19 - 2018-02-10 02:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-14 08:19 - 2018-02-10 02:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-14 08:19 - 2018-02-10 02:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-02-14 08:19 - 2018-02-10 02:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-14 08:19 - 2018-02-10 02:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-14 08:19 - 2018-02-10 02:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-14 08:19 - 2018-02-10 02:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-02-14 08:19 - 2018-02-10 02:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-02-14 08:19 - 2018-02-10 02:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-14 08:19 - 2018-02-10 02:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-02-14 08:19 - 2018-02-10 02:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-14 08:19 - 2018-02-10 02:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-02-14 08:19 - 2018-02-10 01:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-14 08:19 - 2018-02-10 01:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-14 08:19 - 2018-02-10 01:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-02-14 08:19 - 2018-02-10 01:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-14 08:19 - 2018-02-10 01:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-14 08:19 - 2018-02-10 01:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-14 08:19 - 2018-02-10 01:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-14 08:19 - 2018-02-10 01:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-02-14 08:19 - 2018-02-10 01:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-14 08:19 - 2018-02-10 01:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-14 08:19 - 2018-02-10 01:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-14 08:19 - 2018-02-10 01:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-14 08:19 - 2018-02-10 01:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-02-14 08:19 - 2018-02-10 01:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-14 08:19 - 2018-02-10 01:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-14 08:19 - 2018-02-10 01:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-14 08:19 - 2018-02-10 01:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-14 08:19 - 2018-02-10 01:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-02-14 08:19 - 2018-02-10 01:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-02-14 08:19 - 2018-02-10 00:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-02-14 08:19 - 2018-02-10 00:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-14 08:19 - 2018-02-10 00:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-14 08:19 - 2018-02-10 00:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-02-14 08:19 - 2018-02-10 00:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-02-14 08:19 - 2018-02-10 00:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-02-14 08:19 - 2018-02-10 00:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-02-14 08:19 - 2018-02-10 00:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-02-14 08:19 - 2018-02-10 00:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-02-14 08:19 - 2018-02-10 00:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-02-14 08:19 - 2018-02-10 00:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-14 08:19 - 2018-02-10 00:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-02-14 08:19 - 2018-02-10 00:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-14 08:19 - 2018-02-10 00:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-14 08:19 - 2018-02-10 00:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-14 08:19 - 2018-02-10 00:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-14 08:19 - 2018-02-10 00:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-02-14 08:19 - 2018-02-10 00:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-14 08:19 - 2018-02-10 00:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-14 08:19 - 2018-02-10 00:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-14 08:19 - 2018-01-12 11:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-02-14 08:19 - 2018-01-12 11:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-14 08:19 - 2018-01-12 11:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-02-14 08:19 - 2018-01-12 11:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-14 08:19 - 2018-01-12 11:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-14 08:19 - 2018-01-12 11:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-14 08:19 - 2018-01-12 11:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-14 08:19 - 2018-01-12 11:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-02-14 08:19 - 2018-01-12 11:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-02-14 08:19 - 2018-01-12 11:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-14 08:19 - 2018-01-12 11:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-14 08:19 - 2018-01-12 11:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-14 08:19 - 2018-01-12 11:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-14 08:19 - 2018-01-12 11:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-14 08:19 - 2018-01-12 11:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-14 08:19 - 2018-01-12 11:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-14 08:19 - 2018-01-12 11:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-14 08:19 - 2018-01-12 11:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-14 08:19 - 2018-01-12 11:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-02-14 08:19 - 2018-01-12 11:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-14 08:19 - 2018-01-12 11:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-02-14 08:19 - 2018-01-12 11:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-02-14 08:19 - 2018-01-12 11:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-02-14 08:19 - 2018-01-12 10:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-02-14 08:19 - 2018-01-12 10:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-02-14 08:19 - 2018-01-12 10:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-02-14 08:19 - 2018-01-11 11:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-14 08:19 - 2018-01-11 11:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-02-14 08:19 - 2018-01-11 11:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-14 08:19 - 2018-01-05 11:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-14 08:19 - 2018-01-05 11:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-14 08:19 - 2018-01-05 11:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-14 08:19 - 2018-01-05 11:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-02-14 08:19 - 2018-01-05 10:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-02-14 08:19 - 2017-12-31 21:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-02-14 08:19 - 2017-12-31 21:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-02-14 08:19 - 2017-12-31 21:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-02-14 08:19 - 2017-12-31 21:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-02-14 08:19 - 2017-12-31 21:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-02-14 08:19 - 2017-12-31 21:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-02-14 08:19 - 2017-12-31 21:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-02-14 08:19 - 2017-12-31 21:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-02-14 08:19 - 2017-12-31 20:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-02-14 08:19 - 2017-12-31 20:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-02-14 08:19 - 2017-12-31 20:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-02-14 08:19 - 2017-12-31 20:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-02-14 08:19 - 2017-12-31 20:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-02-14 08:19 - 2017-12-31 20:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-02-14 08:19 - 2017-12-31 20:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-02-14 08:19 - 2017-12-31 20:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-02-14 08:19 - 2017-12-31 20:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-02-14 08:19 - 2017-12-31 20:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-02-14 08:19 - 2017-12-31 20:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-02-14 08:19 - 2017-12-31 20:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-02-14 08:19 - 2017-12-21 01:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-02-14 08:19 - 2017-12-05 12:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-02-14 08:19 - 2017-12-05 11:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-02-14 08:19 - 2017-12-05 10:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-02-14 08:19 - 2017-11-07 11:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-02-14 08:19 - 2017-11-07 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-02-14 08:19 - 2017-11-04 10:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-02-14 08:19 - 2017-11-04 10:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-02-14 08:19 - 2017-11-04 10:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-02-14 08:19 - 2017-11-04 10:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2018-02-14 08:19 - 2017-11-02 09:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2018-02-14 08:19 - 2017-10-17 21:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-02-14 08:19 - 2017-10-16 18:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-02-14 08:19 - 2017-10-16 17:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2018-02-14 08:19 - 2017-10-16 16:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-02-14 08:19 - 2017-10-11 19:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-02-14 08:19 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-02-14 08:19 - 2017-10-11 19:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-02-14 08:19 - 2017-10-11 19:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-02-14 08:19 - 2017-10-11 19:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-02-14 08:19 - 2017-10-11 19:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-02-14 08:19 - 2017-10-11 19:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-02-14 08:19 - 2017-10-11 19:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-02-14 08:19 - 2017-10-11 19:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-02-14 08:19 - 2017-10-11 19:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-02-14 08:19 - 2017-10-11 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-02-14 08:19 - 2017-10-11 19:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-02-14 08:19 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-02-14 08:19 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-02-14 08:19 - 2017-10-11 19:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-02-14 08:19 - 2017-10-11 19:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-02-14 08:19 - 2017-09-07 08:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-02-14 08:18 - 2018-01-21 18:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 08:18 - 2018-01-21 18:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 08:18 - 2018-01-19 09:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-14 02:31 - 2018-02-14 02:31 - 000001892 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-02-13 14:36 - 2018-02-13 14:36 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-02-13 12:45 - 2018-02-13 12:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LGAirDrive_01_11_00.Wdf
2018-02-13 12:44 - 2018-02-13 12:44 - 002356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2018-02-13 12:42 - 2016-08-24 18:09 - 000037376 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2018-02-13 12:42 - 2016-08-24 18:08 - 000030720 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2018-02-13 12:41 - 2018-02-13 13:30 - 000000000 ____D C:\Users\beigels\AppData\Roaming\LG Electronics
2018-02-13 12:41 - 2018-02-13 13:30 - 000000000 ____D C:\Users\beigels\AppData\Local\LG Electronics
2018-02-13 12:41 - 2018-02-13 12:41 - 000000000 ____D C:\Users\beigels\Documents\LG Bridge
2018-02-13 12:40 - 2018-02-13 13:30 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2018-02-12 08:32 - 2018-02-12 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-02-12 08:32 - 2018-02-12 08:32 - 000000000 ____D C:\Program Files\7-Zip
2018-02-12 08:18 - 2018-02-12 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
2018-02-12 08:18 - 2018-02-12 08:18 - 000000000 ____D C:\Program Files (x86)\GnuWin32
2018-02-07 20:29 - 2018-02-07 20:39 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000826 _____ C:\Users\Public\Desktop\Notepad++.lnk
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\Users\beigels\AppData\Local\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\Program Files\Notepad++
2018-02-07 19:10 - 2018-02-07 19:10 - 000000000 ____D C:\Users\beigels\AppData\Local\XmlViewer
2018-02-07 18:56 - 2018-02-07 18:56 - 000013105 _____ C:\Users\beigels\Documents\main.xml
2018-02-07 18:51 - 2018-02-07 18:51 - 000001995 _____ C:\Users\beigels\Desktop\XML Notepad 2007.lnk
2018-02-07 18:51 - 2018-02-07 18:51 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XML Notepad 2007
2018-02-07 18:51 - 2018-02-07 18:51 - 000000000 ____D C:\Program Files (x86)\XML Notepad 2007
2018-02-06 18:56 - 2017-11-30 13:46 - 000067264 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dokan.sys
2018-02-06 18:55 - 2018-02-07 20:41 - 000003614 _____ C:\Windows\System32\Tasks\LinuxFS Updater
2018-02-06 18:55 - 2018-02-06 18:55 - 000003460 _____ C:\Windows\System32\Tasks\LinuxFS GUI
2018-02-06 18:55 - 2018-02-06 18:55 - 000002641 _____ C:\Users\Public\Desktop\Linux File Systems for Windows by Paragon Software.lnk
2018-02-06 18:55 - 2018-02-06 18:55 - 000000000 ____D C:\ProgramData\Paragon
2018-02-06 18:55 - 2018-02-06 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linux File Systems for Windows by Paragon Software
2018-02-06 18:55 - 2018-02-06 18:55 - 000000000 ____D C:\Program Files (x86)\Paragon Software
2018-02-05 19:58 - 2018-02-05 19:58 - 000000989 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard.lnk
2018-02-05 19:58 - 2018-02-05 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2018-02-05 19:56 - 2017-03-23 09:04 - 003547136 _____ C:\Windows\system32\pwNative.exe
2018-02-05 19:51 - 2018-02-05 19:58 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2018-02-05 19:51 - 2013-09-30 15:26 - 000019152 _____ C:\Windows\system32\pwdrvio.sys
2018-02-05 19:51 - 2013-09-30 15:26 - 000012504 _____ C:\Windows\system32\pwdspio.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-06 16:05 - 2015-10-22 22:42 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-03-06 15:41 - 2015-10-22 22:50 - 000000000 ___RD C:\Users\beigels\Documents\Dropbox
2018-03-06 15:17 - 2015-10-21 15:49 - 000004958 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for srulyG-beigels srulyG
2018-03-06 15:06 - 2017-12-20 11:41 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2018-03-06 14:22 - 2015-07-28 08:39 - 000000000 ____D C:\Windows\AutoKMS
2018-03-06 14:22 - 2015-07-28 08:29 - 000000000 ____D C:\Microsoft Toolkit 2.5.3 Official Torrent
2018-03-06 12:19 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-03-06 12:03 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-06 12:03 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-06 11:52 - 2015-10-22 22:42 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-03-06 11:52 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-06 07:20 - 2015-10-22 17:29 - 000000000 ____D C:\Users\beigels\AppData\Local\CrashDumps
2018-03-06 07:17 - 2009-07-13 23:45 - 000466184 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-06 06:43 - 2015-11-02 13:38 - 000000000 ____D C:\Users\beigels\AppData\Roaming\TeamViewer
2018-03-06 06:41 - 2016-02-21 07:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-03-06 06:41 - 2015-11-13 00:02 - 000000000 ____D C:\Users\beigels\AppData\Roaming\MPC-HC
2018-03-06 06:41 - 2015-11-04 16:07 - 000000000 ____D C:\Users\beigels\AppData\Roaming\uTorrent
2018-03-06 06:40 - 2017-10-02 10:29 - 000000000 ____D C:\Windows\Minidump
2018-03-06 06:37 - 2015-10-22 22:41 - 000000000 ____D C:\Program Files\CCleaner
2018-03-06 05:52 - 2016-02-21 07:45 - 000000000 ____D C:\Users\beigels\AppData\Local\TeamViewer
2018-03-05 18:02 - 2009-07-14 00:13 - 000785942 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-05 17:58 - 2016-12-05 12:39 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Mp3tag
2018-03-05 17:40 - 2015-07-28 08:31 - 000000000 ____D C:\WATCHER
2018-03-05 17:40 - 2015-04-30 07:25 - 000000000 ____D C:\Temp
2018-03-05 16:57 - 2016-06-17 15:24 - 000000000 ____D C:\Users\beigels\.android
2018-03-05 08:03 - 2017-05-17 23:35 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-03-05 08:02 - 2017-12-05 17:45 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-03-05 08:00 - 2015-10-22 22:42 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-27 21:52 - 2015-04-30 07:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-27 03:17 - 2015-11-02 11:24 - 000000000 ____D C:\Users\beigels\AppData\Local\ElevatedDiagnostics
2018-02-27 02:36 - 2015-10-16 12:07 - 000000000 ____D C:\Program Files (x86)\FreeCommander XE
2018-02-27 02:35 - 2015-07-28 08:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 02:35 - 2015-07-28 08:35 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-26 14:25 - 2017-05-17 09:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 14:24 - 2016-01-18 10:45 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-22 18:57 - 2015-10-16 12:37 - 000002004 ____H C:\Users\beigels\Documents\Default.rdp
2018-02-21 14:05 - 2015-10-23 11:16 - 000000000 ____D C:\ProgramData\Garmin
2018-02-20 13:26 - 2017-12-20 11:41 - 000001116 _____ C:\Users\beigels\Desktop\Kutools for Excel.lnk
2018-02-20 01:10 - 2015-07-28 08:34 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-19 13:53 - 2015-10-15 23:13 - 000000000 ____D C:\Me
2018-02-19 12:37 - 2011-02-10 09:33 - 000778064 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-17 11:34 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-02-16 05:32 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-02-16 05:32 - 2009-07-13 23:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-16 05:26 - 2015-10-21 17:05 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-16 05:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2018-02-16 05:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Setup
2018-02-16 05:23 - 2017-09-28 08:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-02-16 05:23 - 2015-10-22 23:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-16 05:22 - 2015-10-22 14:35 - 000000000 ____D C:\Windows\system32\MRT
2018-02-16 05:18 - 2017-10-17 14:34 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-16 05:18 - 2015-10-22 14:35 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-15 21:58 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-02-14 19:32 - 2018-01-15 16:47 - 000000000 ____D C:\Users\beigels\AppData\Local\Eclipse
2018-02-14 19:32 - 2018-01-15 15:50 - 000000000 ____D C:\Users\beigels\.p2
2018-02-14 14:41 - 2015-11-19 14:03 - 000000000 ____D C:\Users\beigels\Documents\Outlook Files
2018-02-14 12:38 - 2015-10-22 22:32 - 000000000 ____D C:\ProgramData\WinZip
2018-02-14 12:31 - 2015-10-22 23:07 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2018-02-14 12:31 - 2015-10-22 23:07 - 000001114 _____ C:\Users\Public\Desktop\WinRAR.lnk
2018-02-14 12:31 - 2015-10-22 23:07 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 12:31 - 2015-10-22 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 02:31 - 2015-10-23 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-02-14 02:31 - 2015-10-23 11:16 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-02-14 02:31 - 2015-10-16 13:01 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-14 02:30 - 2015-10-23 11:16 - 000003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-02-13 14:36 - 2015-10-22 22:41 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-12 05:36 - 2018-01-03 13:56 - 000001318 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk
2018-02-07 02:39 - 2015-04-30 07:15 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-02-07 02:39 - 2015-04-30 07:15 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-07 02:39 - 2015-04-30 07:15 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 02:39 - 2015-04-30 07:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-02-07 02:39 - 2015-04-30 07:15 - 000000000 ____D C:\Windows\system32\Macromed
 
Some files in TEMP:
====================
2016-01-25 03:42 - 2016-01-25 03:42 - 004995416 _____ (Microsoft Corporation) C:\Users\beigels\AppData\Local\Temp\vcredist10_x86.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-02-27 03:10
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by beigels (06-03-2018 16:56:42)
Running from C:\Users\beigels\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-07-28 13:23:33)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2779557678-3830489536-1879980627-500 - Administrator - Disabled)
beigels (S-1-5-21-2779557678-3830489536-1879980627-1000 - Administrator - Enabled) => C:\Users\beigels
Guest (S-1-5-21-2779557678-3830489536-1879980627-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security Premium (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: ESET Smart Security Premium (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.8.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter 5.9.9 (HKLM-x32\...\Any Video Converter) (Version: 5.9.9 - Anvsoft)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.2.3046 - AVG Technologies)
Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{14C6B17A-F825-431E-9A36-8D89E65B24C8}) (Version: 65.0.3325.40 - Google Inc.)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.0.18189 - Invincea, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
Evernote v. 6.7.5 (HKLM-x32\...\{65B334F4-9E45-11E7-A6A5-005056951CAD}) (Version: 6.7.5.5825 - Evernote Corp.)
Fedora Project - Fedora Media Writer - Tool to write Fedora images to flash drives (HKLM-x32\...\Fedora Media Writer) (Version: "${VERSIONMAJOR}.${VERSIONMINOR}.${VERSIONBUILD}" - "Fedora Project")
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
FreeMouseAutoClicker 3.8 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
Garmin BaseCamp (HKLM-x32\...\{36A0D446-B8E9-4753-BDFE-335F6F4DE59C}) (Version: 4.5.2 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2016.20 (HKLM-x32\...\{79A8C65B-0289-45A2-9A8D-6AAE0B64A374}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2017.10 (HKLM-x32\...\{08858497-31DE-491F-B21F-95AC17D75CEF}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2018.30 (HKLM-x32\...\{152AD9F4-AFBF-417B-AC07-0C6A3EB6D304}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
GnuWin32: CoreUtils version 5.3.0 (HKLM-x32\...\CoreUtils-5.3.0_is1) (Version: 5.3.0 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Display Assistant (HKLM-x32\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 2.11.045 - Portrait Displays, Inc.)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
inAudible (HKLM-x32\...\{AAC55EC7-B06E-47BF-9D24-66DAB0FB2B26}) (Version: 1.194 - The GUN) Hidden
inAudible (HKLM-x32\...\inAudible 1.194) (Version: 1.194 - The GUN)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.10.0 - Intel)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 9.0.1 (64-bit) (HKLM\...\{2590B9D6-4310-52BC-808E-1A585861A836}) (Version: 9.0.1.0 - Oracle Corporation)
Java™ SE Development Kit 9.0.1 (64-bit) (HKLM\...\{4AC8DBB2-1AE5-5156-83F9-D4E2E6DD564B}) (Version: 9.0.1.0 - Oracle Corporation)
Kol Halashon Download Manager (HKLM-x32\...\{3B5F6507-5620-4136-B4DD-4E7069BE5B4B}) (Version: 3.00.0000 - Kol Halashon)
Kutools for Excel 16.50 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 16.50 - Addin Technology Inc.)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Linux File Systems for Windows by Paragon Software (HKLM-x32\...\{F0CF025B-D6F3-4F7C-939B-23291F52875C}) (Version: 5.0.956 - Paragon Software GmbH)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
MiniTool Partition Wizard Free 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 56.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
MP3 Diags (HKLM-x32\...\MP3Diags) (Version:  - )
Mp3tag v2.86 (HKLM-x32\...\Mp3tag) (Version: 2.86 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyTrigger (HKLM-x32\...\{133D2CE6-0010-457B-A8B7-6E497114CA1C}) (Version: 1.7.188.0 - torgesta.com)
Net Nanny Parental Controls (HKLM-x32\...\ALTACPHOME_is1) (Version: 6.5 - ContentWatch)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
nutraCoster Workstation (HKLM-x32\...\nutraCoster Workstation) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PdfZip (HKLM-x32\...\{9FD5457C-8F9E-4D40-82F9-AB35FE7A123B}) (Version: 2.0.17 - FaradaySoft)
PhoenixSuit (HKLM-x32\...\{EBF1BED9-4321-40D7-8837-177AE54C457C}) (Version: 1.0.5 - AllWinnertech)
PhoneDeck 1.3 (HKLM-x32\...\PhoneDeck_is1) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Sansa Updater (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Sansa Updater) (Version:  - SanDisk Corporation)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.38.024 - Portrait Displays, Inc.) Hidden
Tar-1.13 Binaries (GnuWin32) (HKLM-x32\...\Tar-1.13-bin_is1) (Version: 1.13 - GnuWin32)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Ubuntu (HKLM-x32\...\Wubi) (Version: 17.10.1-rev328 - Ubuntu)
VBRFix (Moonbase Edition) (HKLM-x32\...\Vbrfix) (Version: 1(beta) H+Moonbase - Moonbase)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VNC Server 6.2.1 (HKLM\...\{D46A65E0-E741-4DD8-BAC1-F35DDB46C2E0}) (Version: 6.2.1.32538 - RealVNC Ltd)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00001) (HKLM\...\450B7CBC371CAEC6A328083977AA7A09E7AE5D29) (Version: 08/27/2012 7.0.0000.00001 - Google, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office (9.1.0.5200) (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Kingsoft Office) (Version: 9.1.0.5200 - Kingsoft Corp.)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A02B03 - ZTE Corporation)
כלי ההגהה של Microsoft Office 2013 - עברית (HKLM\...\{90150000-001F-040D-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{53B2AC1B-7B81-47FC-8D3B-595CDE21D0BA}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteCCx64.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{93c503ec-b307-4339-bca2-37fe3b4836e8}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteOLShim64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-12-31] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-03-05] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-07-09] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-03-05] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04E5751E-10D7-471B-AE32-48A8F52F518F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0B3DE149-1774-454F-B30A-7F3C88F4B1C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {45D6297E-3262-43CC-9F01-BE8331397167} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {580419A8-33F1-454D-82C8-3850DBABA54D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {650ACC87-C6B4-4F2C-B972-049A14A51B21} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-27] (Oracle Corporation)
Task: {6708A4E2-206C-4F17-9EA9-1EF49C08CAB2} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {72CA1F8B-59F2-4644-AF7A-2A102795D698} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-31] (McAfee, Inc.)
Task: {7A12201C-CFD5-4C34-B1BE-437088FDE397} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {819ECAD1-D4D5-434B-837C-844F7F43109E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {86D6BF07-2501-4729-9D34-6B385742A145} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-03-05] (AVG Technologies CZ, s.r.o.)
Task: {88E5761B-36E0-40F8-BCCD-C76CD5960101} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {8BC993D1-4215-42C9-8337-E4B1A259C96B} - System32\Tasks\LinuxFS Updater => C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Updater.exe [2017-11-30] (Paragon Software)
Task: {9272878B-2B0B-437F-8981-F4BC1EF3153B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {974FAAAD-667C-46FC-A88C-067F81141A25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A7176241-9540-4553-A2BE-7666BBE9E3B9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {AC0BF97E-ADB8-44EA-AFD8-7F38A398FD43} - System32\Tasks\LinuxFS GUI => C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe [2017-11-30] (Paragon Software)
Task: {D5040E68-5DA6-423B-8205-0F3E811A691D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {DB73E199-0B43-4CC8-8249-11146CD7D5DE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-02-15] (AVG Technologies CZ, s.r.o.)
Task: {E1DDE9FD-50FB-410B-824E-2C23529999AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {E8B901E5-0476-4B0A-BBC4-408954DAB70C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFF5AE57-220F-46A1-A540-29E9ACB1FAF0} - System32\Tasks\Microsoft Office 15 Sync Maintenance for srulyG-beigels srulyG => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\beigels\Desktop\fixcomputer.lnk -> F:\fixcomputer.bat ()
 
ShortcutWithArgument: C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\HIIT Training Timer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=clngjemjankmaegknppifppncigfnijm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-06-07 15:09 - 2017-06-07 15:09 - 000598528 _____ () C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll
2017-12-31 20:07 - 2017-12-31 20:07 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-01-22 04:03 - 2018-01-22 04:03 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2005-08-30 11:30 - 2005-08-30 11:30 - 000466944 _____ () C:\Program Files (x86)\MyTrigger\MyTrigger.exe
2017-11-30 13:49 - 2017-11-30 13:49 - 000414208 _____ () C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\dokan.dll
2018-03-06 06:41 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-06 06:41 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000722672 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000913136 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000342768 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2017-12-20 11:41 - 2017-08-28 09:41 - 003608832 _____ () C:\Program Files (x86)\Kutools for Excel\KTEHelper64.dll
2017-12-20 11:41 - 2017-08-28 09:40 - 009645312 _____ () C:\Program Files (x86)\Kutools for Excel\KTELoader64.dll
2018-02-20 13:26 - 2017-08-28 09:40 - 007302912 _____ () C:\Program Files (x86)\Kutools for Excel\Pane\PaneforKutools64.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000289008 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000281328 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2018-03-06 07:19 - 2018-03-06 07:19 - 005821680 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18030602\algo.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000758000 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000965872 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000476400 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-03-06 15:24 - 2018-03-06 15:24 - 005822192 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18030604\algo.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-06-07 15:07 - 2017-06-07 15:07 - 000569856 _____ () C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX32.dll
2018-03-05 08:00 - 2018-02-26 06:24 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-05 08:00 - 2018-02-26 06:24 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-08 17:09 - 2018-02-26 06:24 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-09-08 17:09 - 2018-02-26 06:24 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-09-08 17:09 - 2018-02-26 06:26 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-20 16:13 - 2018-02-26 06:24 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-10 20:09 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-08 17:09 - 2018-02-26 06:26 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-05 08:00 - 2018-02-26 06:26 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-09-08 17:09 - 2018-02-26 06:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-07-03 11:50 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-02-08 13:32 - 2018-02-08 13:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2014-11-10 12:12 - 2014-11-10 12:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-02-27 02:35 - 2018-02-21 23:12 - 003730264 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-27 02:35 - 2018-02-21 23:12 - 000085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3873 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3916 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4014 [0]
AlternateDataStreams: C:\Users\beigels\Documents\Elvenar Press.rms:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\_Things to do.doc:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\~WRL0413.tmp:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\~WRL1438.tmp:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-06-07 09:05 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.10.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: BlackBerry Device Manager => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: InvProtectSvc => 2
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: PdiService => 2
MSCONFIG\Services: RIM MDNS => 2
MSCONFIG\Services: RIM Tunnel Service => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SboxSvc => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TrueKey => 2
MSCONFIG\Services: TrueKeyScheduler => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk => C:\Windows\pss\Update Notifier.lnk.CommonStartup
MSCONFIG\startupreg: DT HWP => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4 /WAVES_SUBTYPE_FOR_LYNC
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" /s
MSCONFIG\startupreg: uTorrent => "C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DF4A808C-62E0-4357-B6E2-76966A6CA14C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{238E844B-ADB6-4508-BDAB-EBF40ACCFD19}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C111B82F-425C-476B-BF89-55F5364835BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1B6C17DA-9271-4E6D-89AA-C3D3992A0904}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{16EE50F0-375F-43B8-B118-4CCD3770F5DE}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5B887A0F-5DEB-46C9-A2E7-9ADB3BBE12CC}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D61ADC17-8C7C-41D2-AFA2-2AAC31B90B83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20F9A403-88B2-4745-B486-62D806B6C059}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0AC1202E-6C27-4B71-81E3-F966117AF8AF}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [UDP Query User{4F37A4FE-5555-4E9F-BE38-93907B000B3C}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [TCP Query User{88D96294-6AC8-4F79-9974-F6558A4E8D90}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9C0AB04E-69C4-4CD5-A23F-AB7C6A29ABB0}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{BD861E3E-87C6-4F61-85D1-EAF00E1E098C}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{50071994-C820-4F74-8D9D-6C784E09C656}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{A914AC5F-FA59-45C9-BCF9-ADB52ECD8D0F}C:\Program Files\Android\android studio\bin\studio64.exe] => (Allow) C:\Program Files\Android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{942E44CB-45DF-43D1-81C5-BA20665A4D2E}C:\Program Files\Android\android studio\bin\studio64.exe] => (Allow) C:\Program Files\Android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{B5FD89A4-73F2-4CC9-8F44-4EBC4ACB4D38}C:\users\beigels\eclipse-installer\eclipse-inst.exe] => (Allow) C:\users\beigels\eclipse-installer\eclipse-inst.exe
FirewallRules: [UDP Query User{C306D55E-9DD3-42A4-BE6A-22887CAF7ABF}C:\users\beigels\eclipse-installer\eclipse-inst.exe] => (Allow) C:\users\beigels\eclipse-installer\eclipse-inst.exe
FirewallRules: [TCP Query User{2AFEEEAF-CCF0-4FE6-9796-113423E68A4D}C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe] => (Allow) C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe
FirewallRules: [UDP Query User{B22BBCF9-9703-4013-9AC5-6392BB5CE546}C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe] => (Allow) C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe
FirewallRules: [{72DFFBDF-83B8-4140-B44E-2C7C4CED8D31}] => (Allow) C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5D1C086-3017-47E8-977F-BA2589503649}] => (Allow) C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D54E8CD-A6B0-4699-A60B-1A51952C4CF5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\65.0.3325.40\remoting_host.exe
FirewallRules: [{7A1A2934-4CE9-4782-8A70-10C830AAFBCF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{1244F93A-C6D8-40E5-9633-589DE48F623F}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [TCP Query User{E41F8081-BF4A-4B7B-8FF6-949BE8C5D0B1}C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe] => (Allow) C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe
FirewallRules: [UDP Query User{53F942A9-ABD3-402F-BD36-7F387B4F8900}C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe] => (Allow) C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe
FirewallRules: [{A9C188A4-3A2D-47B6-B41D-65E77F22C279}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9E9A7266-C0AF-4108-8168-D94B1C982F0B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6F163CA5-D2C6-4458-9B71-88351C275460}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F5CA7C8A-4068-465B-A78C-7434D1484CA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B8A83648-504D-42B9-B3F3-D0039179436F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B3F88E61-4796-483B-802A-EFDD9917289E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Restore Points =========================
 
23-02-2018 05:36:17 Installed VNC Server 6.2.1
27-02-2018 17:59:06 Installed Motorola Device Manager
27-02-2018 21:24:49 Removed Motorola Mobile Drivers Installation 6.4.0
27-02-2018 21:51:47 Removed Motorola Device Manager
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/06/2018 02:02:36 PM) (Source: VNC Server) (EventID: 256) (User: )
Description: HostedRendezvous: Rendezvous lookup failed: Hosted Discovery error: Unable to find service: rendezvous
 
Error: (03/06/2018 12:19:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/06/2018 11:59:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/06/2018 11:54:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/06/2018 11:54:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/06/2018 11:54:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (03/06/2018 11:50:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/06/2018 11:50:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
 
System errors:
=============
Error: (03/06/2018 12:00:33 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (03/06/2018 11:55:55 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Biometric and Context Agent Service service hung on starting.
 
Error: (03/06/2018 11:53:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Chrome Remote Desktop Service service to connect.
 
Error: (03/06/2018 11:51:37 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
 
Error: (03/06/2018 11:51:05 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
Error: (03/06/2018 11:48:47 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (03/06/2018 11:48:47 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (03/06/2018 11:39:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
The service did not start due to a logon failure.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 64%
Total physical RAM: 8110.53 MB
Available physical RAM: 2912.95 MB
Total Virtual: 16219.23 MB
Available Virtual: 11444.4 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:534.9 GB) NTFS
Drive f: (DATA) (Network) (Total:847.95 GB) (Free:493.41 GB) NTFS
 
\\?\Volume{48219d44-ef42-11e4-8465-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.79 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 55422ED0)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=27)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

 




 


#2 isrgish

isrgish
  • Topic Starter

  • Members
  • 17 posts

Posted 06 March 2018 - 05:53 PM

AVG just found the following threat and quarantined it.

 

Win64:Evo-gen [Susp] (C:\Users\beigels\AppData\Roaming\denaf\trzDBA1.tmp)



#3 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts

Posted 07 March 2018 - 08:11 PM

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 4 days will result in this thread being closed.


Hello isrgish,

My name is mAL_rEm018, but feel free to call me mAL.  I will be helping you with your malware related problems. :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to back up any personal files and folders before you start.


Cobian Backup
DriveImage XML


To make sure everything goes smoothly, I would like you to observe the following rules:

  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread.  Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum.  Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

I am currently reviewing your logs and will return as soon as possible, with additional instructions.


Teacher at the Malware Removal University.

Member of UNITE

 

Failure to post replies within 4 days will result in this thread being closed


#4 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts

Posted 08 March 2018 - 04:37 AM

Hello isrgish,

Please follow the instructions below..

CKScanner

  • Please download the following tool to your Desktop: Link
  • Right-Click on CKScanner.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • Select Search For Files
  • When the scan is finished, click on Save List To File.
  • Open CKFiles.txt on your desktop and post the contents in your next reply.
    Only run CKScanner.exe once.


-----------------------------------------
In your next reply, I would like to see..

  • Did you encounter any problems while following my instructions?
  • CKFiles.txt

 




#5 isrgish

isrgish
  • Topic Starter

  • Members
  • 17 posts

Posted 08 March 2018 - 09:22 PM

Hi mAL,

 

First I want to thank you for helping me out, I greatly appreciate it.

 

When I backed up my important files while I was going thru them I deleted a lot of them. I hope that was OK.

 

I was able to follow your instructions without any complications. Here are the contents of ckfiles.

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\me\downloads\how to_ successfully install any 'no-icon' or background process apk without errors - blackberry forums at crackberry.com.doc
c:\me\downloads\how to_ successfully install any 'no-icon' or background process apk without errors - blackberry forums at crackberry.com.fix.htm
c:\me\downloads\keygen for dietmp3.rar
c:\me\downloads\pre-req-15-eggcrackinglog.docx
c:\me\downloads\new forms for nsf 2017\pre-req-15-eggcrackinglog.pdf
c:\me\downloads\sd card\after cwm backup\android\data\it.nikodroid.offline\files\cache\4\f753951303swlhone-small-crack-does-not-mean-that-you-are-broken-e60f28c5fa66
c:\me\downloads\sd card\after cwm backup\android\media\devian.tubemate.v3\video\aide cracked apk for android_hd.mp4
c:\me\downloads\sd card\after cwm backup\android\media\devian.tubemate.v3\video\how to crack any software to full version,full video course availble_high.mp4
c:\me\downloads\sd card\android\data\it.nikodroid.offline\files\cache\4\f753951303swlhone-small-crack-does-not-mean-that-you-are-broken-e60f28c5fa66
c:\me\downloads\sd card\android\media\devian.tubemate.v3\video\aide cracked apk for android_hd.mp4
c:\me\downloads\sd card\android\media\devian.tubemate.v3\video\how to crack any software to full version,full video course availble_high.mp4
c:\program files (x86)\inaudible\ng\rcrack.exe
scanner sequence 3.GE.11.DDAPNZ
 ----- EOF ----- 


#6 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts

Posted 09 March 2018 - 12:13 PM

Hello isrgish,


Cracked/illegal software

While going through your logs I noticed that you have cracked/illegal software on your computer.  If you want my help, then I expect you to remove any and all of the following from your computer:

  • Illegal software
  • Cracked software
  • Illegal software key generators


Once this is done, I would like to see a fresh set of FRST logs..




  • Right-click on FRST64.exe and select Run as administrator.
  • Ensure that Addition.txt is checked.
  • Select Scan.
  • When the scan is over two windows will open, FRST.txt and Addition.txt.
  • Please post the contents of both logs in your next reply.


-----------------------------------------
In your next reply, I would like to see..

  • FRST.txt
  • Addition.txt

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

 




#7 isrgish

isrgish
  • Topic Starter

  • Members
  • 17 posts

Posted 09 March 2018 - 01:39 PM

I'm not sure which programs you are referring to. As far as I know all the programs I installed are legal copies. This is a computer that's at my work place and someone has used it before me. If you can please let me know which ones are illegal I will promptly remove them.

 

I did find some videos about cracking software and I deleted them.

 

I also went thru the Uninstall a Program Dialog and found a few that maybe aren't legal so I deleted them

 

Thank You,J

 

Here are the results

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by beigels (administrator) on SRULYG (09-03-2018 18:37:40)
Running from C:\Users\beigels\Desktop
Loaded Profiles: beigels (Available Profiles: beigels)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Paragon Software) C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe
(ContentWatch, Inc.) C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Program Files (x86)\MyTrigger\MyTrigger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(ContentWatch, Inc.) C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel® Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\wtoolex\wpsupdatesvr.exe
(Paragon Software) C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FcContextMenu64.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [294928 2018-03-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [cwcptray] => C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe [676232 2015-01-29] (ContentWatch, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646680 2017-09-27] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch MyTrigger.lnk [2015-07-28]
ShortcutTarget: Launch MyTrigger.lnk -> C:\Program Files (x86)\MyTrigger\MyTrigger.exe ()
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 07 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 08 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 09 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 10 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 11 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 23 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9 24 C:\Windows\SysWOW64\cwalsp.dll [1053576 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 05 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 06 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 07 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 08 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 09 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 10 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 11 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 23 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Winsock: Catalog9-x64 24 C:\Windows\system32\cwalsp64.dll [1550848 2015-01-29] (ContentWatch, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{7976DB39-9272-404F-BD3B-9A7378FE42D3}: [DhcpNameServer] 10.10.10.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000 -> DefaultScope {7523028F-F02A-4F53-AE78-64F59B7253F3} URL = 
SearchScopes: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000 -> {7523028F-F02A-4F53-AE78-64F59B7253F3} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9.0.1\bin\ssv.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.1\bin\jp2ssv.dll [2018-01-15] (Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: ze2aku6s.default
FF ProfilePath: C:\Users\beigels\AppData\Roaming\Mozilla\Firefox\Profiles\ze2aku6s.default [2018-03-07]
FF Extension: (Disable Crash Auto Submit) - C:\Users\beigels\AppData\Roaming\Mozilla\Firefox\Profiles\ze2aku6s.default\features\{4fbc6dc8-e584-47a6-adf6-6b092c136086}\disable-crash-autosubmit@mozilla.org.xpi [2017-12-28] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=12.0.1.0 -> C:\Program Files\Java\jre-9.0.1\bin\dtplugin\npDeployJava1.dll [2018-01-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default [2018-03-09]
CHR Extension: (Slides) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (MEGA) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-03-09]
CHR Extension: (YouTube) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Timer) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2016-02-23]
CHR Extension: (Adobe Acrobat) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-22]
CHR Extension: (Sheets) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Timer Loop) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkfiefeoimmobmhdimachkfcpkgahlc [2016-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07]
CHR Extension: (Stopwatch / Timer / Alarm) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2016-02-23]
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-06]
CHR Extension: (Google Slides) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-18]
CHR Extension: (Google Docs) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-18]
CHR Extension: (Google Drive) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Google Search) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-15]
CHR Extension: (Google Sheets) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-15]
CHR Extension: (Gmail) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\beigels\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-15]
CHR Profile: C:\Users\beigels\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-06]
CHR HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [304776 2018-03-05] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-05] (AVG Technologies CZ, s.r.o.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 CwAltaService20; C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe [3074440 2015-01-29] (ContentWatch, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-02-26] (Dropbox, Inc.)
S4 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-10-11] (Portrait Displays, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2017-12-18] (ESET)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel® Corporation)
S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2672328 2014-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\wtoolex\wpsupdatesvr.exe [133480 2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 ParagonLinuxFSMounter; C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe [2651328 2017-11-30] (Paragon Software)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-18] (Realtek Semiconductor)
S4 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [173256 2014-07-30] (Invincea, Inc.)
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5962832 2017-12-01] (RealVNC Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-04-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-05] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-05] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-05] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-03-05] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-05] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-05] (AVG Technologies CZ, s.r.o.)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry) [File not signed]
R2 Dokan; C:\Windows\System32\DRIVERS\dokan.sys [67264 2017-11-30] (Windows ® Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [28672 2016-04-29] (Intel Mobile Communications)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2638808 2014-10-15] (Realtek Semiconductor Corp.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [50696 2014-07-30] (Invincea, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 massfilter_hs; C:\Windows\SysWOW64\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-03-07] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-03-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-03-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-09] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [22824 2013-06-18] (Portrait Displays, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [183304 2014-07-30] (Invincea, Inc.)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [18392 2013-01-25] (Scott)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsdiag; C:\Windows\SysWOW64\DRIVERS\zghsdiag.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\SysWOW64\DRIVERS\zghsmdm.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [129304 2011-03-07] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\SysWOW64\DRIVERS\zghsnmea.sys [113432 2011-03-07] (ZTE Incorporated)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-09 18:37 - 2018-03-09 18:37 - 000029292 _____ C:\Users\beigels\Desktop\FRST.txt
2018-03-09 15:57 - 2018-03-09 15:57 - 000188038 _____ C:\Users\beigels\Desktop\1520611024_MuniMeterReciept03012018.pdf.tiff
2018-03-09 14:41 - 2018-03-09 14:41 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-03-09 03:49 - 2018-03-09 14:40 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-09 02:18 - 2018-03-09 02:18 - 000001458 _____ C:\Users\beigels\Desktop\ckfiles.txt
2018-03-09 02:00 - 2018-03-09 02:00 - 000468480 _____ () C:\Users\beigels\Desktop\CKScanner.exe
2018-03-09 00:52 - 2018-03-09 00:59 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2018-03-07 11:01 - 2018-03-09 14:41 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-03-07 11:01 - 2018-03-07 11:01 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-03-06 18:44 - 2018-03-06 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attribute Changer
2018-03-06 18:44 - 2018-03-06 18:44 - 000000000 ____D C:\Program Files\Attribute Changer
2018-03-06 16:55 - 2018-03-09 18:37 - 000000000 ____D C:\FRST
2018-03-06 15:28 - 2018-03-06 15:28 - 002403328 _____ (Farbar) C:\Users\beigels\Desktop\FRST64.exe
2018-03-06 14:26 - 2018-03-06 14:28 - 000012528 _____ C:\Users\beigels\Desktop\ESET Log 03062018.txt
2018-03-06 12:26 - 2018-03-06 12:26 - 000000000 ____D C:\Users\beigels\AppData\Roaming\ESET
2018-03-06 12:20 - 2018-03-06 12:20 - 000000000 ____D C:\Users\beigels\AppData\Local\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000001945 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\ProgramData\ESET
2018-03-06 12:19 - 2018-03-06 12:19 - 000000000 ____D C:\Program Files\ESET
2018-03-06 11:37 - 2018-03-06 11:39 - 000000000 ____D C:\AdwCleaner
2018-03-06 07:21 - 2018-03-06 11:34 - 000000000 ____D C:\Users\beigels\Desktop\mbar
2018-03-06 07:21 - 2018-03-06 11:34 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-03-06 07:21 - 2018-03-06 07:21 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\75562157.sys
2018-03-06 07:20 - 2018-03-06 07:20 - 000012859 _____ C:\Users\beigels\Desktop\New Text Document.txt
2018-03-06 06:47 - 2018-03-06 06:47 - 004260984 _____ (ESET) C:\Users\beigels\Desktop\eset_smart_security_premium_live_installer.exe
2018-03-06 06:45 - 2018-03-06 06:45 - 014178840 _____ (Malwarebytes Corp.) C:\Users\beigels\Desktop\mbar-1.10.3.1001.exe
2018-03-06 06:45 - 2018-03-06 06:45 - 008222496 _____ (Malwarebytes) C:\Users\beigels\Desktop\AdwCleaner.exe
2018-03-06 06:41 - 2018-03-06 07:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-06 06:41 - 2018-03-06 06:41 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-06 06:41 - 2018-03-06 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-06 06:41 - 2018-03-06 06:41 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-06 06:41 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-06 04:52 - 2018-03-06 04:52 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-03-06 04:52 - 2018-03-06 04:52 - 000001037 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-03-05 13:24 - 2018-03-05 13:52 - 000000631 _____ C:\Users\beigels\Desktop\Chrome Restore tabs 03052018.txt
2018-03-05 08:02 - 2018-03-05 08:02 - 000381816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-03-05 08:00 - 2018-03-05 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-02 09:12 - 2018-03-02 09:12 - 000133073 _____ C:\wubildr
2018-02-27 18:08 - 2018-02-27 18:08 - 000000000 ____D C:\ProgramData\Motorola
2018-02-27 18:00 - 2018-02-27 21:52 - 000000000 ____D C:\Program Files (x86)\Motorola Mobility
2018-02-27 18:00 - 2018-02-27 18:00 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Motorola Mobility
2018-02-27 18:00 - 2018-02-27 18:00 - 000000000 ____D C:\Program Files (x86)\Motorola
2018-02-27 17:59 - 2018-02-27 17:59 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2018-02-27 17:56 - 2018-02-27 17:56 - 000006128 _____ C:\adb.txt
2018-02-27 17:54 - 2018-02-27 17:54 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Motorola
2018-02-26 17:36 - 2018-02-26 17:36 - 000008192 _____ C:\wubildr.mbr
2018-02-26 17:35 - 2018-02-26 17:35 - 000000000 ____D C:\ubuntu
2018-02-26 06:24 - 2018-02-26 06:24 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-02-26 06:24 - 2018-02-26 06:24 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-02-26 06:24 - 2018-02-26 06:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-02-26 06:24 - 2018-02-26 06:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-02-23 05:38 - 2017-12-01 12:35 - 000037704 _____ (RealVNC Ltd) C:\Windows\system32\VNCpm.dll
2018-02-23 05:36 - 2018-02-23 05:43 - 000000000 ____D C:\ProgramData\RealVNC-Service
2018-02-23 05:36 - 2018-02-23 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2018-02-23 05:36 - 2018-02-23 05:36 - 000000000 ____D C:\Program Files\RealVNC
2018-02-23 05:35 - 2018-03-07 11:01 - 000000000 ____D C:\Users\beigels\AppData\Local\RealVNC
2018-02-22 21:31 - 2018-02-22 21:31 - 002572651 _____ C:\Users\beigels\Desktop\man-pages-4.15.tar.gz
2018-02-21 16:07 - 2018-02-22 21:33 - 000000203 _____ C:\Users\beigels\Desktop\Command.txt
2018-02-20 13:26 - 2018-02-20 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2018-02-18 10:11 - 2018-02-18 10:11 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-02-18 10:11 - 2018-02-18 10:11 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-02-16 16:37 - 2018-02-16 16:37 - 000000409 _____ C:\Users\Public\Desktop\HP USB Disk Storage Format Tool.lnk
2018-02-16 16:37 - 2018-02-16 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2018-02-16 16:37 - 2018-02-16 16:37 - 000000000 ____D C:\DriveKey
2018-02-16 11:52 - 2018-02-16 11:54 - 1563426816 _____ C:\Users\beigels\Downloads\Fedora-Workstation-Live-x86_64-26-1.5.iso
2018-02-16 11:49 - 2018-02-16 11:49 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fedora Media Writer.lnk
2018-02-16 11:49 - 2018-02-16 11:49 - 000000000 ____D C:\Users\beigels\AppData\Local\fedoraproject.org
2018-02-16 11:49 - 2018-02-16 11:49 - 000000000 ____D C:\Program Files (x86)\Fedora Media Writer
2018-02-15 21:58 - 2018-02-16 04:59 - 000000400 __RSH C:\ProgramData\ntuser.pol
2018-02-14 08:19 - 2018-02-10 14:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-14 08:19 - 2018-02-10 14:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-02-14 08:19 - 2018-02-10 03:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-14 08:19 - 2018-02-10 02:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-02-14 08:19 - 2018-02-10 02:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-02-14 08:19 - 2018-02-10 02:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-14 08:19 - 2018-02-10 02:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-14 08:19 - 2018-02-10 02:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-02-14 08:19 - 2018-02-10 02:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-14 08:19 - 2018-02-10 02:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-14 08:19 - 2018-02-10 02:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-14 08:19 - 2018-02-10 02:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-02-14 08:19 - 2018-02-10 02:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-02-14 08:19 - 2018-02-10 02:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-14 08:19 - 2018-02-10 02:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-14 08:19 - 2018-02-10 02:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-02-14 08:19 - 2018-02-10 02:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-14 08:19 - 2018-02-10 02:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-02-14 08:19 - 2018-02-10 01:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-14 08:19 - 2018-02-10 01:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-14 08:19 - 2018-02-10 01:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-02-14 08:19 - 2018-02-10 01:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-14 08:19 - 2018-02-10 01:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-14 08:19 - 2018-02-10 01:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-14 08:19 - 2018-02-10 01:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-14 08:19 - 2018-02-10 01:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-02-14 08:19 - 2018-02-10 01:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-14 08:19 - 2018-02-10 01:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-14 08:19 - 2018-02-10 01:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-14 08:19 - 2018-02-10 01:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-14 08:19 - 2018-02-10 01:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-02-14 08:19 - 2018-02-10 01:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-14 08:19 - 2018-02-10 01:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-14 08:19 - 2018-02-10 01:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-14 08:19 - 2018-02-10 01:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-14 08:19 - 2018-02-10 01:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-02-14 08:19 - 2018-02-10 01:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-02-14 08:19 - 2018-02-10 00:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-02-14 08:19 - 2018-02-10 00:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-02-14 08:19 - 2018-02-10 00:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-14 08:19 - 2018-02-10 00:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-14 08:19 - 2018-02-10 00:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-02-14 08:19 - 2018-02-10 00:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-02-14 08:19 - 2018-02-10 00:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-14 08:19 - 2018-02-10 00:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-02-14 08:19 - 2018-02-10 00:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-02-14 08:19 - 2018-02-10 00:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-02-14 08:19 - 2018-02-10 00:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-02-14 08:19 - 2018-02-10 00:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-02-14 08:19 - 2018-02-10 00:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-14 08:19 - 2018-02-10 00:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-14 08:19 - 2018-02-10 00:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-02-14 08:19 - 2018-02-10 00:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-14 08:19 - 2018-02-10 00:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-14 08:19 - 2018-02-10 00:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-14 08:19 - 2018-02-10 00:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-14 08:19 - 2018-02-10 00:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-02-14 08:19 - 2018-02-10 00:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-14 08:19 - 2018-02-10 00:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-14 08:19 - 2018-02-10 00:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-14 08:19 - 2018-01-12 11:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-02-14 08:19 - 2018-01-12 11:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-14 08:19 - 2018-01-12 11:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-02-14 08:19 - 2018-01-12 11:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-14 08:19 - 2018-01-12 11:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-14 08:19 - 2018-01-12 11:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-14 08:19 - 2018-01-12 11:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-14 08:19 - 2018-01-12 11:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-14 08:19 - 2018-01-12 11:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-02-14 08:19 - 2018-01-12 11:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-02-14 08:19 - 2018-01-12 11:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-14 08:19 - 2018-01-12 11:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 11:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-14 08:19 - 2018-01-12 11:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-14 08:19 - 2018-01-12 11:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-14 08:19 - 2018-01-12 11:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-14 08:19 - 2018-01-12 11:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-14 08:19 - 2018-01-12 11:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-14 08:19 - 2018-01-12 11:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-14 08:19 - 2018-01-12 11:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-14 08:19 - 2018-01-12 11:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-02-14 08:19 - 2018-01-12 11:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-14 08:19 - 2018-01-12 11:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-14 08:19 - 2018-01-12 11:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-02-14 08:19 - 2018-01-12 11:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-02-14 08:19 - 2018-01-12 11:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-02-14 08:19 - 2018-01-12 10:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-02-14 08:19 - 2018-01-12 10:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-02-14 08:19 - 2018-01-12 10:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-02-14 08:19 - 2018-01-12 10:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-02-14 08:19 - 2018-01-12 10:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-02-14 08:19 - 2018-01-11 11:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-14 08:19 - 2018-01-11 11:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-02-14 08:19 - 2018-01-11 11:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-14 08:19 - 2018-01-05 11:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-14 08:19 - 2018-01-05 11:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-14 08:19 - 2018-01-05 11:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-14 08:19 - 2018-01-05 11:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-14 08:19 - 2018-01-05 11:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-02-14 08:19 - 2018-01-05 11:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-02-14 08:19 - 2018-01-05 10:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-02-14 08:19 - 2017-12-31 21:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-02-14 08:19 - 2017-12-31 21:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-02-14 08:19 - 2017-12-31 21:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-02-14 08:19 - 2017-12-31 21:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-02-14 08:19 - 2017-12-31 21:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-02-14 08:19 - 2017-12-31 21:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-02-14 08:19 - 2017-12-31 21:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-02-14 08:19 - 2017-12-31 21:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-02-14 08:19 - 2017-12-31 21:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-02-14 08:19 - 2017-12-31 21:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-02-14 08:19 - 2017-12-31 21:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-02-14 08:19 - 2017-12-31 21:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-02-14 08:19 - 2017-12-31 20:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-02-14 08:19 - 2017-12-31 20:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-02-14 08:19 - 2017-12-31 20:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-02-14 08:19 - 2017-12-31 20:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-02-14 08:19 - 2017-12-31 20:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-02-14 08:19 - 2017-12-31 20:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-02-14 08:19 - 2017-12-31 20:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-02-14 08:19 - 2017-12-31 20:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-02-14 08:19 - 2017-12-31 20:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-02-14 08:19 - 2017-12-31 20:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-02-14 08:19 - 2017-12-31 20:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-02-14 08:19 - 2017-12-31 20:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-02-14 08:19 - 2017-12-31 20:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-02-14 08:19 - 2017-12-31 20:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-02-14 08:19 - 2017-12-31 20:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-02-14 08:19 - 2017-12-21 01:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-02-14 08:19 - 2017-12-05 12:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-02-14 08:19 - 2017-12-05 12:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-02-14 08:19 - 2017-12-05 12:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-02-14 08:19 - 2017-12-05 11:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-02-14 08:19 - 2017-12-05 10:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-02-14 08:19 - 2017-11-07 11:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-02-14 08:19 - 2017-11-07 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-02-14 08:19 - 2017-11-04 10:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-02-14 08:19 - 2017-11-04 10:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-02-14 08:19 - 2017-11-04 10:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-02-14 08:19 - 2017-11-04 10:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-02-14 08:19 - 2017-11-02 11:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2018-02-14 08:19 - 2017-11-02 10:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2018-02-14 08:19 - 2017-11-02 09:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2018-02-14 08:19 - 2017-10-17 21:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-02-14 08:19 - 2017-10-17 21:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-02-14 08:19 - 2017-10-16 18:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-02-14 08:19 - 2017-10-16 17:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2018-02-14 08:19 - 2017-10-16 16:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-02-14 08:19 - 2017-10-11 19:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-02-14 08:19 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-02-14 08:19 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-02-14 08:19 - 2017-10-11 19:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-02-14 08:19 - 2017-10-11 19:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-02-14 08:19 - 2017-10-11 19:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-02-14 08:19 - 2017-10-11 19:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-02-14 08:19 - 2017-10-11 19:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-02-14 08:19 - 2017-10-11 19:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-02-14 08:19 - 2017-10-11 19:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-02-14 08:19 - 2017-10-11 19:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-02-14 08:19 - 2017-10-11 19:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-02-14 08:19 - 2017-10-11 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-02-14 08:19 - 2017-10-11 19:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-02-14 08:19 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-02-14 08:19 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-02-14 08:19 - 2017-10-11 19:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-02-14 08:19 - 2017-10-11 19:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-02-14 08:19 - 2017-09-07 08:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-02-14 08:19 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-02-14 08:18 - 2018-01-21 18:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 08:18 - 2018-01-21 18:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 08:18 - 2018-01-19 09:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 08:18 - 2018-01-19 09:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-14 02:31 - 2018-02-14 02:31 - 000001892 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-02-13 14:36 - 2018-03-07 10:56 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-02-13 12:45 - 2018-02-13 12:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LGAirDrive_01_11_00.Wdf
2018-02-13 12:44 - 2018-02-13 12:44 - 002356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2018-02-13 12:42 - 2016-08-24 18:09 - 000037376 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2018-02-13 12:42 - 2016-08-24 18:08 - 000030720 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2018-02-13 12:41 - 2018-02-13 13:30 - 000000000 ____D C:\Users\beigels\AppData\Roaming\LG Electronics
2018-02-13 12:41 - 2018-02-13 13:30 - 000000000 ____D C:\Users\beigels\AppData\Local\LG Electronics
2018-02-13 12:41 - 2018-02-13 12:41 - 000000000 ____D C:\Users\beigels\Documents\LG Bridge
2018-02-13 12:40 - 2018-02-13 13:30 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2018-02-12 08:32 - 2018-02-12 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-02-12 08:32 - 2018-02-12 08:32 - 000000000 ____D C:\Program Files\7-Zip
2018-02-12 08:18 - 2018-02-12 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuWin32
2018-02-12 08:18 - 2018-02-12 08:18 - 000000000 ____D C:\Program Files (x86)\GnuWin32
2018-02-07 20:29 - 2018-02-07 20:39 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000826 _____ C:\Users\Public\Desktop\Notepad++.lnk
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\Users\beigels\AppData\Local\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2018-02-07 20:29 - 2018-02-07 20:29 - 000000000 ____D C:\Program Files\Notepad++
2018-02-07 19:10 - 2018-02-07 19:10 - 000000000 ____D C:\Users\beigels\AppData\Local\XmlViewer
2018-02-07 18:56 - 2018-02-07 18:56 - 000013105 _____ C:\Users\beigels\Documents\main.xml
2018-02-07 18:51 - 2018-02-07 18:51 - 000001995 _____ C:\Users\beigels\Desktop\XML Notepad 2007.lnk
2018-02-07 18:51 - 2018-02-07 18:51 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XML Notepad 2007
2018-02-07 18:51 - 2018-02-07 18:51 - 000000000 ____D C:\Program Files (x86)\XML Notepad 2007
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-09 18:25 - 2015-07-28 08:34 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-09 18:24 - 2015-11-12 23:24 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Anvsoft
2018-03-09 18:16 - 2017-12-20 11:41 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2018-03-09 18:16 - 2015-10-22 22:50 - 000000000 ___RD C:\Users\beigels\Documents\Dropbox
2018-03-09 18:05 - 2015-10-22 22:42 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-03-09 17:21 - 2015-11-19 14:03 - 000000000 ____D C:\Users\beigels\Documents\Outlook Files
2018-03-09 15:00 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-09 15:00 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-09 14:59 - 2015-10-21 15:49 - 000004958 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for srulyG-beigels srulyG
2018-03-09 14:39 - 2015-10-22 22:42 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-03-09 14:39 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-09 03:39 - 2015-07-28 08:31 - 000000000 ____D C:\WATCHER
2018-03-09 03:39 - 2015-04-30 07:25 - 000000000 ____D C:\Temp
2018-03-09 01:53 - 2015-10-15 23:13 - 000000000 ____D C:\Me
2018-03-09 01:23 - 2009-07-14 00:13 - 000785942 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-09 01:23 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-03-09 01:20 - 2015-11-04 16:07 - 000000000 ____D C:\Users\beigels\AppData\Roaming\uTorrent
2018-03-09 00:59 - 2015-10-22 17:29 - 000000000 ____D C:\Users\beigels\AppData\Local\CrashDumps
2018-03-07 10:48 - 2015-07-28 08:39 - 000119952 _____ C:\Users\beigels\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-07 10:47 - 2016-09-08 17:01 - 000000000 ____D C:\Windows\pss
2018-03-07 10:10 - 2017-05-17 23:35 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-03-06 18:43 - 2016-12-05 12:39 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Mp3tag
2018-03-06 18:12 - 2015-11-02 13:38 - 000000000 ____D C:\Users\beigels\AppData\Roaming\TeamViewer
2018-03-06 14:22 - 2015-07-28 08:39 - 000000000 ____D C:\Windows\AutoKMS
2018-03-06 14:22 - 2015-07-28 08:29 - 000000000 ____D C:\Microsoft Toolkit 2.5.3 Official Torrent
2018-03-06 07:17 - 2009-07-13 23:45 - 000466184 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-06 06:41 - 2016-02-21 07:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-03-06 06:41 - 2015-11-13 00:02 - 000000000 ____D C:\Users\beigels\AppData\Roaming\MPC-HC
2018-03-06 06:40 - 2017-10-02 10:29 - 000000000 ____D C:\Windows\Minidump
2018-03-06 06:37 - 2015-10-22 22:41 - 000000000 ____D C:\Program Files\CCleaner
2018-03-06 05:52 - 2016-02-21 07:45 - 000000000 ____D C:\Users\beigels\AppData\Local\TeamViewer
2018-03-05 16:57 - 2016-06-17 15:24 - 000000000 ____D C:\Users\beigels\.android
2018-03-05 08:02 - 2017-12-05 17:45 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-03-05 08:02 - 2017-05-17 23:35 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2018-03-05 08:01 - 2017-05-17 23:35 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-03-05 08:00 - 2015-10-22 22:42 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-27 21:52 - 2015-04-30 07:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-27 03:17 - 2015-11-02 11:24 - 000000000 ____D C:\Users\beigels\AppData\Local\ElevatedDiagnostics
2018-02-27 02:36 - 2015-10-16 12:07 - 000000000 ____D C:\Program Files (x86)\FreeCommander XE
2018-02-27 02:35 - 2015-07-28 08:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 02:35 - 2015-07-28 08:35 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-26 14:25 - 2017-05-17 09:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 14:24 - 2016-01-18 10:45 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-22 18:57 - 2015-10-16 12:37 - 000002004 ____H C:\Users\beigels\Documents\Default.rdp
2018-02-21 14:05 - 2015-10-23 11:16 - 000000000 ____D C:\ProgramData\Garmin
2018-02-20 13:26 - 2017-12-20 11:41 - 000001116 _____ C:\Users\beigels\Desktop\Kutools for Excel.lnk
2018-02-19 12:37 - 2011-02-10 09:33 - 000778064 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-17 11:34 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-02-16 05:32 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-02-16 05:32 - 2009-07-13 23:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-16 05:26 - 2015-10-21 17:05 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-16 05:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2018-02-16 05:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Setup
2018-02-16 05:23 - 2017-09-28 08:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-02-16 05:23 - 2015-10-22 23:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-16 05:22 - 2015-10-22 14:35 - 000000000 ____D C:\Windows\system32\MRT
2018-02-16 05:18 - 2017-10-17 14:34 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-16 05:18 - 2015-10-22 14:35 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-15 21:58 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-02-14 19:32 - 2018-01-15 16:47 - 000000000 ____D C:\Users\beigels\AppData\Local\Eclipse
2018-02-14 19:32 - 2018-01-15 15:50 - 000000000 ____D C:\Users\beigels\.p2
2018-02-14 12:38 - 2015-10-22 22:32 - 000000000 ____D C:\ProgramData\WinZip
2018-02-14 12:31 - 2015-10-22 23:07 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2018-02-14 12:31 - 2015-10-22 23:07 - 000001114 _____ C:\Users\Public\Desktop\WinRAR.lnk
2018-02-14 12:31 - 2015-10-22 23:07 - 000000000 ____D C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 12:31 - 2015-10-22 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 02:31 - 2015-10-23 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-02-14 02:31 - 2015-10-23 11:16 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-02-14 02:31 - 2015-10-16 13:01 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-14 02:30 - 2015-10-23 11:16 - 000003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-02-13 14:36 - 2015-10-22 22:41 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-12 05:36 - 2018-01-03 13:56 - 000001318 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk
2018-02-07 20:41 - 2018-02-06 18:55 - 000003614 _____ C:\Windows\System32\Tasks\LinuxFS Updater
2018-02-07 02:39 - 2015-04-30 07:15 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-02-07 02:39 - 2015-04-30 07:15 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-07 02:39 - 2015-04-30 07:15 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 02:39 - 2015-04-30 07:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-02-07 02:39 - 2015-04-30 07:15 - 000000000 ____D C:\Windows\system32\Macromed
 
Some files in TEMP:
====================
2016-01-25 03:42 - 2016-01-25 03:42 - 004995416 _____ (Microsoft Corporation) C:\Users\beigels\AppData\Local\Temp\vcredist10_x86.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-03-09 02:40
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by beigels (09-03-2018 18:38:12)
Running from C:\Users\beigels\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-07-28 13:23:33)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2779557678-3830489536-1879980627-500 - Administrator - Disabled)
beigels (S-1-5-21-2779557678-3830489536-1879980627-1000 - Administrator - Enabled) => C:\Users\beigels
Guest (S-1-5-21-2779557678-3830489536-1879980627-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security Premium (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: ESET Smart Security Premium (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.9.9 (HKLM-x32\...\Any Video Converter) (Version: 5.9.9 - Anvsoft)
Attribute Changer 9.0a (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 9.0a - Romain Petges)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.2.3046 - AVG Technologies)
Brother MFL-Pro Suite MFC-L2720DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.0.18189 - Invincea, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
Evernote v. 6.7.5 (HKLM-x32\...\{65B334F4-9E45-11E7-A6A5-005056951CAD}) (Version: 6.7.5.5825 - Evernote Corp.)
Fedora Project - Fedora Media Writer - Tool to write Fedora images to flash drives (HKLM-x32\...\Fedora Media Writer) (Version: "${VERSIONMAJOR}.${VERSIONMINOR}.${VERSIONBUILD}" - "Fedora Project")
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
FreeMouseAutoClicker 3.8 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
Garmin BaseCamp (HKLM-x32\...\{36A0D446-B8E9-4753-BDFE-335F6F4DE59C}) (Version: 4.5.2 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2016.20 (HKLM-x32\...\{79A8C65B-0289-45A2-9A8D-6AAE0B64A374}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2017.10 (HKLM-x32\...\{08858497-31DE-491F-B21F-95AC17D75CEF}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2018.30 (HKLM-x32\...\{152AD9F4-AFBF-417B-AC07-0C6A3EB6D304}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
GnuWin32: CoreUtils version 5.3.0 (HKLM-x32\...\CoreUtils-5.3.0_is1) (Version: 5.3.0 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Display Assistant (HKLM-x32\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 2.11.045 - Portrait Displays, Inc.)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.10.0 - Intel)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 9.0.1 (64-bit) (HKLM\...\{2590B9D6-4310-52BC-808E-1A585861A836}) (Version: 9.0.1.0 - Oracle Corporation)
Java™ SE Development Kit 9.0.1 (64-bit) (HKLM\...\{4AC8DBB2-1AE5-5156-83F9-D4E2E6DD564B}) (Version: 9.0.1.0 - Oracle Corporation)
Kol Halashon Download Manager (HKLM-x32\...\{3B5F6507-5620-4136-B4DD-4E7069BE5B4B}) (Version: 3.00.0000 - Kol Halashon)
Kutools for Excel 16.50 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 16.50 - Addin Technology Inc.)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Linux File Systems for Windows by Paragon Software (HKLM-x32\...\{F0CF025B-D6F3-4F7C-939B-23291F52875C}) (Version: 5.0.956 - Paragon Software GmbH)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
MiniTool Partition Wizard Free 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 56.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
MP3 Diags (HKLM-x32\...\MP3Diags) (Version:  - )
Mp3tag v2.86 (HKLM-x32\...\Mp3tag) (Version: 2.86 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyTrigger (HKLM-x32\...\{133D2CE6-0010-457B-A8B7-6E497114CA1C}) (Version: 1.7.188.0 - torgesta.com)
Net Nanny Parental Controls (HKLM-x32\...\ALTACPHOME_is1) (Version: 6.5 - ContentWatch)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
nutraCoster Workstation (HKLM-x32\...\nutraCoster Workstation) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PdfZip (HKLM-x32\...\{9FD5457C-8F9E-4D40-82F9-AB35FE7A123B}) (Version: 2.0.17 - FaradaySoft)
PhoenixSuit (HKLM-x32\...\{EBF1BED9-4321-40D7-8837-177AE54C457C}) (Version: 1.0.5 - AllWinnertech)
PhoneDeck 1.3 (HKLM-x32\...\PhoneDeck_is1) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Sansa Updater (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Sansa Updater) (Version:  - SanDisk Corporation)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.38.024 - Portrait Displays, Inc.) Hidden
Tar-1.13 Binaries (GnuWin32) (HKLM-x32\...\Tar-1.13-bin_is1) (Version: 1.13 - GnuWin32)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Ubuntu (HKLM-x32\...\Wubi) (Version: 17.10.1-rev328 - Ubuntu)
VBRFix (Moonbase Edition) (HKLM-x32\...\Vbrfix) (Version: 1(beta) H+Moonbase - Moonbase)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VNC Server 6.2.1 (HKLM\...\{D46A65E0-E741-4DD8-BAC1-F35DDB46C2E0}) (Version: 6.2.1.32538 - RealVNC Ltd)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00001) (HKLM\...\450B7CBC371CAEC6A328083977AA7A09E7AE5D29) (Version: 08/27/2012 7.0.0000.00001 - Google, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office (9.1.0.5200) (HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\...\Kingsoft Office) (Version: 9.1.0.5200 - Kingsoft Corp.)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A02B03 - ZTE Corporation)
כלי ההגהה של Microsoft Office 2013 - עברית (HKLM\...\{90150000-001F-040D-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{53B2AC1B-7B81-47FC-8D3B-595CDE21D0BA}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteCCx64.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-2779557678-3830489536-1879980627-1000_Classes\CLSID\{93c503ec-b307-4339-bca2-37fe3b4836e8}\InprocServer32 -> C:\Users\beigels\AppData\Local\Apps\Evernote\Evernote\EvernoteOLShim64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-12-31] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-03-05] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-02-28] (Romain Petges)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-02-28] (Romain Petges)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-07-09] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-03-05] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-2779557678-3830489536-1879980627-1000: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Users\beigels\AppData\Local\Kingsoft\WPS Office\9.1.0.5200\office6\qingshellext64.dll [2016-01-22] (Zhuhai Kingsoft Office Software Co.,Ltd)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04E5751E-10D7-471B-AE32-48A8F52F518F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0B3DE149-1774-454F-B30A-7F3C88F4B1C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {45D6297E-3262-43CC-9F01-BE8331397167} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {580419A8-33F1-454D-82C8-3850DBABA54D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {650ACC87-C6B4-4F2C-B972-049A14A51B21} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-27] (Oracle Corporation)
Task: {6708A4E2-206C-4F17-9EA9-1EF49C08CAB2} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {72CA1F8B-59F2-4644-AF7A-2A102795D698} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-31] (McAfee, Inc.)
Task: {7A12201C-CFD5-4C34-B1BE-437088FDE397} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {819ECAD1-D4D5-434B-837C-844F7F43109E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {86D6BF07-2501-4729-9D34-6B385742A145} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-03-05] (AVG Technologies CZ, s.r.o.)
Task: {88E5761B-36E0-40F8-BCCD-C76CD5960101} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {8BC993D1-4215-42C9-8337-E4B1A259C96B} - System32\Tasks\LinuxFS Updater => C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Updater.exe [2017-11-30] (Paragon Software)
Task: {9272878B-2B0B-437F-8981-F4BC1EF3153B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {974FAAAD-667C-46FC-A88C-067F81141A25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A7176241-9540-4553-A2BE-7666BBE9E3B9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {AC0BF97E-ADB8-44EA-AFD8-7F38A398FD43} - System32\Tasks\LinuxFS GUI => C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe [2017-11-30] (Paragon Software)
Task: {D5040E68-5DA6-423B-8205-0F3E811A691D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {DB73E199-0B43-4CC8-8249-11146CD7D5DE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-02-15] (AVG Technologies CZ, s.r.o.)
Task: {E1DDE9FD-50FB-410B-824E-2C23529999AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {E8B901E5-0476-4B0A-BBC4-408954DAB70C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFF5AE57-220F-46A1-A540-29E9ACB1FAF0} - System32\Tasks\Microsoft Office 15 Sync Maintenance for srulyG-beigels srulyG => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\beigels\Desktop\fixcomputer.lnk -> F:\fixcomputer.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-06-07 15:09 - 2017-06-07 15:09 - 000598528 _____ () C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX64.dll
2017-12-31 20:07 - 2017-12-31 20:07 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2005-08-30 11:30 - 2005-08-30 11:30 - 000466944 _____ () C:\Program Files (x86)\MyTrigger\MyTrigger.exe
2017-11-30 13:49 - 2017-11-30 13:49 - 000414208 _____ () C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\dokan.dll
2018-03-06 06:41 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000722672 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000913136 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000342768 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000289008 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000281328 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2018-03-08 21:21 - 2018-03-08 21:21 - 005822192 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18030812\algo.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 000758000 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000965872 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-03-05 08:01 - 2018-03-05 08:01 - 000476400 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-03-09 14:42 - 2018-03-09 14:42 - 005822192 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18030900\algo.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-02-08 13:32 - 2018-02-08 13:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2018-03-05 08:02 - 2018-03-05 08:02 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-03-05 08:00 - 2018-02-26 06:24 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-05 08:00 - 2018-02-26 06:24 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-08 17:09 - 2018-02-26 06:24 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-09-08 17:09 - 2018-02-26 06:24 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-09-08 17:09 - 2018-02-26 06:26 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-20 16:13 - 2018-02-26 06:24 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-08 17:09 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-08 17:09 - 2018-02-26 06:24 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-09-08 17:09 - 2018-02-26 06:27 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-05 08:00 - 2018-02-26 06:24 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-10 20:09 - 2018-02-26 06:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-08 17:09 - 2018-02-26 06:26 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-05 08:00 - 2018-02-26 06:26 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-09-08 17:09 - 2018-02-26 06:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-05 08:00 - 2018-02-26 06:26 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-07-03 11:50 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-11-10 12:12 - 2014-11-10 12:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-06-07 15:07 - 2017-06-07 15:07 - 000569856 _____ () C:\Users\beigels\AppData\Local\MEGAsync\ShellExtX32.dll
2018-02-27 02:35 - 2018-02-21 23:12 - 003730264 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-27 02:35 - 2018-02-21 23:12 - 000085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libegl.dll
2018-02-02 20:02 - 2018-02-01 20:28 - 017841152 _____ () C:\Users\beigels\AppData\Local\Google\Chrome\User Data\PepperFlash\28.0.0.161\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3873 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3916 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4014 [0]
AlternateDataStreams: C:\Users\beigels\Documents\Elvenar Press.rms:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\_Things to do.doc:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\~WRL0413.tmp:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\beigels\Documents\~WRL1438.tmp:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-06-07 09:05 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2779557678-3830489536-1879980627-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\beigels\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.10.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: BlackBerry Device Manager => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: InvProtectSvc => 2
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: PdiService => 2
MSCONFIG\Services: RIM MDNS => 2
MSCONFIG\Services: RIM Tunnel Service => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SboxSvc => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TrueKey => 2
MSCONFIG\Services: TrueKeyScheduler => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk => C:\Windows\pss\Update Notifier.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^beigels^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: DT HWP => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4 /WAVES_SUBTYPE_FOR_LYNC
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" /s
MSCONFIG\startupreg: uTorrent => "C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DF4A808C-62E0-4357-B6E2-76966A6CA14C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{238E844B-ADB6-4508-BDAB-EBF40ACCFD19}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C111B82F-425C-476B-BF89-55F5364835BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1B6C17DA-9271-4E6D-89AA-C3D3992A0904}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{16EE50F0-375F-43B8-B118-4CCD3770F5DE}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5B887A0F-5DEB-46C9-A2E7-9ADB3BBE12CC}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D61ADC17-8C7C-41D2-AFA2-2AAC31B90B83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20F9A403-88B2-4745-B486-62D806B6C059}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0AC1202E-6C27-4B71-81E3-F966117AF8AF}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [UDP Query User{4F37A4FE-5555-4E9F-BE38-93907B000B3C}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [TCP Query User{88D96294-6AC8-4F79-9974-F6558A4E8D90}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9C0AB04E-69C4-4CD5-A23F-AB7C6A29ABB0}C:\users\beigels\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\beigels\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{BD861E3E-87C6-4F61-85D1-EAF00E1E098C}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{50071994-C820-4F74-8D9D-6C784E09C656}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{A914AC5F-FA59-45C9-BCF9-ADB52ECD8D0F}C:\Program Files\Android\android studio\bin\studio64.exe] => (Allow) C:\Program Files\Android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{942E44CB-45DF-43D1-81C5-BA20665A4D2E}C:\Program Files\Android\android studio\bin\studio64.exe] => (Allow) C:\Program Files\Android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{B5FD89A4-73F2-4CC9-8F44-4EBC4ACB4D38}C:\users\beigels\eclipse-installer\eclipse-inst.exe] => (Allow) C:\users\beigels\eclipse-installer\eclipse-inst.exe
FirewallRules: [UDP Query User{C306D55E-9DD3-42A4-BE6A-22887CAF7ABF}C:\users\beigels\eclipse-installer\eclipse-inst.exe] => (Allow) C:\users\beigels\eclipse-installer\eclipse-inst.exe
FirewallRules: [TCP Query User{2AFEEEAF-CCF0-4FE6-9796-113423E68A4D}C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe] => (Allow) C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe
FirewallRules: [UDP Query User{B22BBCF9-9703-4013-9AC5-6392BB5CE546}C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe] => (Allow) C:\program files (x86)\kol halashon\kol halashon download manager\khl download manager.exe
FirewallRules: [{72DFFBDF-83B8-4140-B44E-2C7C4CED8D31}] => (Allow) C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5D1C086-3017-47E8-977F-BA2589503649}] => (Allow) C:\Users\beigels\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7A1A2934-4CE9-4782-8A70-10C830AAFBCF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{1244F93A-C6D8-40E5-9633-589DE48F623F}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [TCP Query User{E41F8081-BF4A-4B7B-8FF6-949BE8C5D0B1}C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe] => (Allow) C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe
FirewallRules: [UDP Query User{53F942A9-ABD3-402F-BD36-7F387B4F8900}C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe] => (Allow) C:\users\beigels\appdata\local\temp\pyl45a9.tmp\pyrun.exe
FirewallRules: [{A9C188A4-3A2D-47B6-B41D-65E77F22C279}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9E9A7266-C0AF-4108-8168-D94B1C982F0B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6F163CA5-D2C6-4458-9B71-88351C275460}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F5CA7C8A-4068-465B-A78C-7434D1484CA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B8A83648-504D-42B9-B3F3-D0039179436F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B3F88E61-4796-483B-802A-EFDD9917289E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Restore Points =========================
 
09-03-2018 02:47:31 Scheduled Checkpoint
09-03-2018 18:23:43 Removed inAudible
09-03-2018 18:25:06 Removed Chrome Remote Desktop Host
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/09/2018 06:24:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 06:09:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 06:09:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 02:43:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 02:39:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 02:39:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (03/09/2018 03:48:18 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (03/09/2018 03:48:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (03/09/2018 02:52:02 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (03/09/2018 02:41:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Biometric and Context Agent Service service hung on starting.
 
Error: (03/09/2018 03:49:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avgbIDSAgent service failed to start due to the following error: 
The pipe has been ended.
 
Error: (03/09/2018 03:49:22 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846 = The request is not supported..
 
Error: (03/09/2018 03:49:22 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: The BITS service failed to start.  Error 2147942450.
 
Error: (03/09/2018 03:49:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Biometric and Context Agent Service service hung on starting.
 
Error: (03/09/2018 03:49:06 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
Error: (03/09/2018 02:03:35 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 69%
Total physical RAM: 8110.53 MB
Available physical RAM: 2480.28 MB
Total Virtual: 16219.23 MB
Available Virtual: 10749.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:713.98 GB) NTFS
Drive e: (Clip Jam) (Removable) (Total:7.79 GB) (Free:7.79 GB) FAT32
Drive f: (DATA) (Network) (Total:847.95 GB) (Free:403.57 GB) NTFS
Drive g: (DOCS) (Removable) (Total:14.62 GB) (Free:13.16 GB) FAT32
 
\\?\Volume{48219d44-ef42-11e4-8465-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.79 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 55422ED0)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=27)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
========================================================
Disk: 2 (Protective MBR) (Size: 14.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#8 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts
  • Gender:Male
  • Local time:08:10 PM

Posted 10 March 2018 - 05:40 AM

Hello isrgish,

 

This is a computer that's at my work place and someone has used it before me. If you can please let me know which ones are illegal I will promptly remove them.

Thank you for letting me know.  Unfortunately, I do not work on business computers for various reasons, one of them being that I have no idea whether the IT department of your company has given you permission to post here or not.  This is my personal choice, but some helpers are willing to provide help for these types of computer, which is why I will ask you to open a new topic in the Virus, Trojan, Spyware, and Malware Removal Logs forum and wait for someone else to take your topic.  It would also be a good idea to add a note mentioning that this is your work computer, so that your new helper is aware of the situation.

My sincerest apologies for the misunderstanding, and I wish you all the best in getting the computer problems solved.

Best regards,

mAL  

This topic is now closed.

 


Teacher at the Malware Removal University.

Member of UNITE

 

Failure to post replies within 4 days will result in this thread being closed




