cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by CesarAnDrOiD (administrator) on CESARANDROID-PC (01-12-2016 22:06:40)
Running from C:\Users\CesarAnDrOiD\Desktop
Loaded Profiles: CesarAnDrOiD (Available Profiles: CesarAnDrOiD)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\CesarAnDrOiD\AppData\Roaming\uTorrent\uTorrent.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
(Mega Limited) C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\MEGAsync.exe
(CHENGDU Yiwo Tech Development Co., Ltd.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(BitTorrent Inc.) C:\Users\CesarAnDrOiD\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(BitTorrent Inc.) C:\Users\CesarAnDrOiD\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\SnagitEditor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe [1227456 2016-04-26] (CHENGDU Yiwo Tech Development Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM\...\RunOnce: [!MOF64] => cmd.exe /c "cd %windir%\microsoft.net\framework64\v4.0.30319 & mofcomp.exe -autorecover mof\servicemodel.mof & mofcomp.exe -autorecover mof\servicemodel35.mof & mofcomp.exe -autorecover aspnet.mof & c (the data entry has 182 more characters).
HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3981368 2016-10-01] (Tonec Inc.)
HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\Run: [uTorrent] => C:\Users\CesarAnDrOiD\AppData\Roaming\uTorrent\uTorrent.exe [2145984 2016-11-28] (BitTorrent Inc.)
HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\MountPoints2: {1edb5ec6-b60a-11e6-9cac-0c84dc920627} - K:\AutoRun.exe
HKU\S-1-5-18\...\Run: [] => 0
ShellExecuteHooks: - {38A4A870-AA3F-11E6-9675-64006A5CFC23} - No File [ ]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 13.lnk [2016-11-30]
ShortcutTarget: Snagit 13.lnk -> C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-30]
ShortcutTarget: MEGAsync.lnk -> C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{784C46CE-BE49-44BC-A062-0C788C6C13AF}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3632631583-3328051805-244849390-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: swlnpedq.default
FF ProfilePath: C:\Users\CesarAnDrOiD\AppData\Roaming\Mozilla\Firefox\Profiles\swlnpedq.default [2016-12-01]
FF Homepage: Mozilla\Firefox\Profiles\swlnpedq.default -> google.com/
FF Extension: (Adblock Plus) - C:\Users\CesarAnDrOiD\AppData\Roaming\Mozilla\Firefox\Profiles\swlnpedq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-09-21]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-11-14] [not signed]
FF HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\CesarAnDrOiD\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\CesarAnDrOiD\AppData\Roaming\IDM\idmmzcc5 [2016-12-01] [not signed]
FF HKU\S-1-5-21-3632631583-3328051805-244849390-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-06-14] (Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-29]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-01] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-29]
CHR Extension: (Google Drive) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-29]
CHR Extension: (YouTube) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-29]
CHR Extension: (Adobe Acrobat) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-29]
CHR Extension: (IDM Integration Module) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-29]
CHR Extension: (Gmail) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-29]
CHR Profile: C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default [2016-12-01]
CHR Extension: (Google Slides) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-29]
CHR Extension: (Google Docs) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-29]
CHR Extension: (Google Drive) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-29]
CHR Extension: (MEGA) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-11-26]
CHR Extension: (Web2PDFConverter) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk [2016-11-01]
CHR Extension: (YouTube) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-29]
CHR Extension: (Adblock Plus) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-01]
CHR Extension: (Pushbullet) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-11-01]
CHR Extension: (Adblock for Youtube™) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-11-14]
CHR Extension: (Google Sheets) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-11-01]
CHR Extension: (Google Docs Offline) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-29]
CHR Extension: (AdBlock) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-26]
CHR Extension: (Save as PDF) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2016-11-01]
CHR Extension: (IDM Integration Module) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-29]
CHR Extension: (Gmail) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-09-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-09-30]
StartMenuInternet: Google Chrome.OSLRYKB5KHIVX5RKDT6IOSQV7Q - C:\Users\CesarAnDrOiD\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\CesarAnDrOiD\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-11-11]
OPR Extension: (IDM Integration Module) - C:\Users\CesarAnDrOiD\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2815520 2016-10-11] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S3 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-08-06] (PowerUp Software, LLC) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-05-15] (Microsoft Corporation)
S2 Hiwuly; C:\Program Files (x86)\Chidry\Chuziwardschedule.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [232072 2016-10-07] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [212096 2016-10-07] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [177792 2016-10-07] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [48768 2016-10-07] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [76416 2016-10-07] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59528 2016-10-07] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [91784 2016-10-07] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2016-01-20] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2016-01-20] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] ()
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [19968 2016-07-22] (Intel Mobile Communications)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2016-11-11] (Sony Mobile Communications)
R3 isocusb; C:\Windows\System32\drivers\isocusb.sys [261120 2013-03-19] (Intel Corp.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31984 2013-07-30] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [132120 2016-10-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206416 2016-10-18] (Oracle Corporation)
U0 aswVmm; no ImagePath
S3 cpuz138; \??\C:\Users\CesarAnDrOiD\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 iscFlash; \??\C:\Users\CesarAnDrOiD\AppData\Local\Temp\7zSE64A.tmp\iscflashx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-01 22:06 - 2016-12-01 22:07 - 00024299 _____ C:\Users\CesarAnDrOiD\Desktop\FRST.txt
2016-12-01 22:06 - 2016-12-01 22:06 - 00000000 ____D C:\FRST
2016-12-01 22:06 - 2016-12-01 22:05 - 02411520 _____ (Farbar) C:\Users\CesarAnDrOiD\Desktop\FRST64.exe
2016-12-01 21:06 - 2016-12-01 21:08 - 00004761 _____ C:\Users\CesarAnDrOiD\Desktop\ZHPCleaner.txt
2016-12-01 21:00 - 2016-12-01 21:08 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\ZHP
2016-12-01 21:00 - 2016-12-01 21:00 - 00000801 _____ C:\Users\CesarAnDrOiD\Desktop\ZHPCleaner.lnk
2016-12-01 21:00 - 2016-12-01 21:00 - 00000037 _____ C:\Users\CesarAnDrOiD\Downloads\file-not-found (1).txt
2016-12-01 20:55 - 2016-12-01 20:55 - 00000037 _____ C:\Users\CesarAnDrOiD\Downloads\file-not-found.txt
2016-12-01 16:52 - 2016-12-01 19:54 - 00000000 ____D C:\AdwCleaner
2016-12-01 10:41 - 2016-12-01 10:41 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\WinSetupFromUSB-1-6
2016-11-30 23:56 - 2016-12-01 08:28 - 602144768 _____ C:\Users\CesarAnDrOiD\Downloads\fr_windows_xp_home_with_service_pack_3_x86_cd_x14-92415.iso
2016-11-30 23:43 - 2016-11-30 23:44 - 00002714 _____ C:\Users\CesarAnDrOiD\Desktop\Rkill.txt
2016-11-30 23:43 - 2016-11-30 23:42 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\CesarAnDrOiD\Desktop\rkill.com
2016-11-30 23:42 - 2016-11-30 23:42 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\CesarAnDrOiD\Downloads\rkill.com
2016-11-30 17:53 - 2016-11-30 17:52 - 00002131 _____ C:\Windows\system32\Drivers\etc\hosts.txt
2016-11-30 17:46 - 2016-11-30 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-30 17:46 - 2016-11-30 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-30 16:23 - 2016-11-30 17:07 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-11-30 14:36 - 2016-11-30 14:36 - 00032086 _____ C:\Users\CesarAnDrOiD\Documents\cc_20161130_143632.reg
2016-11-30 14:30 - 2016-11-30 19:09 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-30 14:30 - 2016-11-30 14:33 - 00000000 ____D C:\Program Files\CCleaner
2016-11-30 14:30 - 2016-11-30 14:30 - 00002818 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-11-30 14:30 - 2016-11-30 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-30 07:30 - 2016-11-30 07:30 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-11-30 07:25 - 2016-11-30 17:06 - 00000000 ____D C:\ProgramData\ProductData
2016-11-30 07:25 - 2016-11-30 07:28 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\LocalLow\IObit
2016-11-30 07:25 - 2016-11-30 07:25 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-11-30 07:25 - 2016-11-30 07:25 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-30 07:24 - 2016-11-30 23:36 - 00000000 ____D C:\Program Files (x86)\IObit
2016-11-30 07:24 - 2016-11-30 17:06 - 00000000 ____D C:\ProgramData\IObit
2016-11-30 07:24 - 2016-11-30 07:28 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\IObit
2016-11-30 00:36 - 2016-11-30 00:36 - 00000000 ____D C:\ProgramData\Steam
2016-11-29 22:27 - 2016-11-30 19:09 - 00000671 _____ C:\Users\Public\Desktop\Call of Duty - Modern Warfare 2.lnk
2016-11-29 16:19 - 2016-11-29 16:19 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\PowerUp Software
2016-11-29 16:01 - 2016-11-30 19:09 - 00002132 _____ C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
2016-11-29 16:01 - 2016-11-30 06:30 - 00119296 _____ C:\Windows\SysWOW64\zlib.dll
2016-11-29 16:01 - 2016-11-29 16:01 - 00000000 ____D C:\ProgramData\PowerUp Software
2016-11-29 16:01 - 2016-11-29 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2016-11-29 16:01 - 2016-11-29 16:01 - 00000000 ____D C:\Program Files (x86)\PowerUp Software
2016-11-29 16:01 - 2016-01-03 12:32 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll
2016-11-29 16:01 - 2016-01-03 12:32 - 00511328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capicom.dll
2016-11-29 16:01 - 2016-01-03 12:32 - 00091632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsofile.dll
2016-11-29 16:01 - 2016-01-03 12:32 - 00057344 _____ () C:\Windows\SysWOW64\ADsSecurity.dll
2016-11-29 16:01 - 2016-01-03 12:32 - 00045056 _____ (vbAccelerator) C:\Windows\SysWOW64\SSubTmr6.dll
2016-11-29 16:01 - 2016-01-03 12:32 - 00045056 _____ (Microsoft) C:\Windows\SysWOW64\NTSVC.ocx
2016-11-29 16:01 - 1998-06-17 23:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2016-11-29 15:53 - 2016-11-29 15:53 - 00018482 _____ C:\Users\CesarAnDrOiD\Downloads\Call of Duty - Modern Warfare 2.pin
2016-11-29 15:49 - 2016-11-29 15:50 - 00038097 _____ C:\Users\CesarAnDrOiD\Downloads\Call of Duty - Modern Warfare 2 - Multiplayer.pin
2016-11-29 14:38 - 2016-11-30 19:09 - 00002035 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2016-11-29 14:38 - 2016-11-29 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-11-29 14:38 - 2016-11-29 14:38 - 00000000 ____D C:\ProgramData\ESET
2016-11-29 14:38 - 2016-11-29 14:38 - 00000000 ____D C:\Program Files\ESET
2016-11-29 13:56 - 2016-11-29 13:56 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\ESET
2016-11-29 10:58 - 2016-11-30 19:08 - 00001085 _____ C:\Users\CesarAnDrOiD\Desktop\Format Factory.lnk
2016-11-29 10:58 - 2016-11-29 10:58 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-11-29 10:58 - 2016-11-29 10:58 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-11-29 10:45 - 2016-11-30 19:09 - 00001083 _____ C:\Users\Public\Desktop\Camtasia 9.lnk
2016-11-29 10:45 - 2016-11-29 10:45 - 00000000 ____D C:\Program Files\TechSmith
2016-11-29 07:44 - 2016-11-29 07:44 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\Camtasia Studio
2016-11-29 07:40 - 2016-11-29 18:49 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-29 07:40 - 2016-11-29 07:40 - 00000000 ____D C:\ProgramData\Avira
2016-11-29 07:40 - 2016-11-29 07:40 - 00000000 ____D C:\ProgramData\Avg
2016-11-29 07:39 - 2016-11-29 07:39 - 00006044 _____ C:\Windows\System32\Tasks\Cherlesenaerly Controls
2016-11-29 07:39 - 2016-11-29 07:39 - 00003532 _____ C:\Windows\System32\Tasks\d55d54fadd454b4024be170002ed6b6c
2016-11-29 07:38 - 2016-11-29 16:04 - 00000000 ____D C:\Program Files (x86)\Chidry
2016-11-29 07:38 - 2016-11-29 07:50 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Fulers
2016-11-29 07:38 - 2016-11-29 07:39 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Granes
2016-11-29 07:33 - 2016-11-29 07:33 - 01897575 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\MoveRemlex.bin
2016-11-29 07:32 - 2016-11-29 07:32 - 07310848 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\agent.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 01908110 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Lotwarm.tst
2016-11-29 07:32 - 2016-11-29 07:32 - 00126464 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\noah.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 00070704 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Config.xml
2016-11-29 07:32 - 2016-11-29 07:32 - 00018432 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Main.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 00005568 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\md.xml
2016-11-29 07:31 - 2016-11-29 07:31 - 00190394 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\SingleRuntrax.bin
2016-11-29 07:30 - 2016-11-29 07:30 - 00140288 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Installer.dat
2016-11-29 07:30 - 2016-11-29 07:30 - 00016224 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\InstallationConfiguration.xml
2016-11-28 21:11 - 2016-11-28 22:12 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\مذكرة ماجستير غوغة محمد أمين نهائية
2016-11-28 21:10 - 2016-11-18 16:32 - 00498299 _____ C:\Users\CesarAnDrOiD\Desktop\مذكرة ماجستير غوغة محمد أمين نهائية.rar
2016-11-28 17:10 - 2016-12-01 20:48 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\LocalLow\uTorrent
2016-11-28 15:48 - 2016-11-30 14:35 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\CrashDumps
2016-11-28 07:18 - 2016-11-28 07:19 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\الادارة بالاهداف
2016-11-27 10:59 - 2016-11-30 19:08 - 00002851 _____ C:\Users\CesarAnDrOiD\Desktop\Word 2016.lnk
2016-11-27 10:59 - 2016-11-30 19:08 - 00002829 _____ C:\Users\CesarAnDrOiD\Desktop\PowerPoint 2016.lnk
2016-11-27 10:40 - 2016-11-27 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-11-27 10:40 - 2016-11-27 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-11-27 10:38 - 2016-11-27 10:38 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-11-27 10:37 - 2016-11-27 10:37 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2016-11-27 10:37 - 2016-11-27 10:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-11-27 10:32 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-27 10:23 - 2016-11-27 10:23 - 00000000 ___RD C:\Users\CesarAnDrOiD\AppData\Roaming\Brother
2016-11-27 10:23 - 2016-11-27 10:23 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\LocalLow\Brother
2016-11-26 16:35 - 2016-11-26 16:35 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Microsoft Toolkit v2.6.2.E_M_A
2016-11-25 23:26 - 2016-11-25 23:26 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\ControlCenter4
2016-11-25 23:23 - 2016-11-30 19:09 - 00002164 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2016-11-25 23:23 - 2016-11-27 10:26 - 00007889 _____ C:\Windows\BRRBCOM.INI
2016-11-25 23:23 - 2016-11-25 23:23 - 00007818 _____ C:\Windows\BROPJ172W.INI
2016-11-25 23:23 - 2016-11-25 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2016-11-25 23:22 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2016-11-25 23:22 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Browny02
2016-11-25 23:22 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Brother
2016-11-25 23:22 - 2016-11-25 23:22 - 00000000 ____D C:\ProgramData\ControlCenter4
2016-11-25 23:22 - 2016-11-25 23:22 - 00000000 ____D C:\Brother
2016-11-25 23:22 - 2013-05-09 13:34 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2016-11-25 23:22 - 2013-04-15 18:29 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2016-11-25 23:22 - 2013-04-15 18:29 - 00133744 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBI13A.EXE
2016-11-25 23:22 - 2013-04-15 18:29 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2016-11-25 23:22 - 2013-04-15 18:29 - 00050688 _____ (Brother Industries Ltd.) C:\Windows\SysWOW64\BRPRTINK.DLL
2016-11-25 23:22 - 2013-04-15 18:29 - 00045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
2016-11-25 23:22 - 2013-04-15 18:29 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2016-11-25 23:22 - 2013-04-15 18:29 - 00000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
2016-11-25 23:22 - 2013-04-15 01:00 - 00227328 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOI13I.DLL
2016-11-25 23:22 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2016-11-25 23:22 - 2012-10-19 21:07 - 01441792 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi212c.dll
2016-11-25 23:22 - 2012-10-19 21:03 - 00054272 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi12c.dll
2016-11-25 23:22 - 2012-07-06 19:56 - 00012800 _____ (Brother Industries Ltd.) C:\Windows\system32\BrCiImg.dll
2016-11-25 23:22 - 2011-09-08 18:36 - 00279040 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2016-11-25 23:22 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2016-11-25 23:22 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2016-11-25 23:20 - 2016-11-25 23:23 - 00000000 ____D C:\ProgramData\Brother
2016-11-25 19:57 - 2016-11-25 19:57 - 00084388 _____ C:\Users\CesarAnDrOiD\Downloads\Arabic Transparent Bold.ttf
2016-11-25 19:57 - 2016-11-25 19:57 - 00084388 _____ C:\Users\CesarAnDrOiD\Downloads\Arabic Transparent Bold (1).ttf
2016-11-24 22:26 - 2016-11-30 23:37 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Guitar Pro 6
2016-11-24 22:26 - 2016-11-24 22:26 - 00000000 ____D C:\ProgramData\Guitar Pro 6
2016-11-24 21:12 - 2016-11-24 21:12 - 00001898 _____ C:\Users\CesarAnDrOiD\Downloads\GuitarProV6.1.9.11686MultiLang_201609_archive.torrent
2016-11-24 17:49 - 2016-11-24 17:49 - 00026027 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.PESTN17.1.0_archive.torrent
2016-11-24 07:20 - 2016-11-29 07:44 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\TechSmith
2016-11-24 07:20 - 2016-11-24 07:23 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\Snagit
2016-11-24 07:13 - 2016-11-30 19:09 - 00001184 _____ C:\Users\Public\Desktop\Snagit 13 Editor.lnk
2016-11-24 07:13 - 2016-11-30 19:09 - 00001136 _____ C:\Users\Public\Desktop\Snagit 13.lnk
2016-11-24 07:13 - 2016-11-29 10:49 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\TechSmith
2016-11-24 07:13 - 2016-11-29 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-11-24 07:13 - 2016-11-24 07:13 - 00003830 _____ C:\Windows\System32\Tasks\TechSmith Updater
2016-11-24 07:12 - 2016-11-29 10:45 - 00000000 ____D C:\ProgramData\TechSmith
2016-11-24 07:12 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\TechSmith
2016-11-24 06:42 - 2016-11-24 06:42 - 00005203 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.Sn.7015_archive.torrent
2016-11-23 12:02 - 2016-11-23 12:49 - 01164095 _____ C:\Users\CesarAnDrOiD\Desktop\الملخص.pptx
2016-11-22 22:27 - 2016-11-22 22:27 - 00000000 __SHD C:\Users\CesarAnDrOiD\AppData\Roaming\Latas
2016-11-22 22:26 - 2016-11-30 19:08 - 00001343 _____ C:\Users\CesarAnDrOiD\Desktop\Hein 4.3.1.lnk
2016-11-22 22:26 - 2016-11-30 19:08 - 00001335 _____ C:\Users\CesarAnDrOiD\Desktop\Hein 4.2.lnk
2016-11-22 22:24 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 22:24 - 2016-11-22 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-22 22:24 - 2016-11-22 22:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-22 20:20 - 2016-11-22 20:20 - 00000000 ____D C:\Windows\pss
2016-11-21 14:52 - 2016-11-21 14:52 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\SolidDocuments
2016-11-20 19:28 - 2016-11-28 06:59 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\سعر الصرف
2016-11-20 18:31 - 2016-12-01 21:09 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\LocalLow\Mozilla
2016-11-20 10:59 - 2016-12-01 19:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-20 08:12 - 2016-11-10 15:22 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\بحوث اقتصادية
2016-11-19 19:11 - 2016-11-19 19:11 - 00040607 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.PES.Pro.Pat.2017.V1_archive.torrent
2016-11-18 19:45 - 2016-11-19 18:48 - 1487897519 _____ C:\Users\CesarAnDrOiD\Downloads\iPhone6,2_7.0.3_11B511_Restore.ipsw
2016-11-18 18:56 - 2016-11-30 19:09 - 00001751 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-18 18:56 - 2016-11-18 18:57 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Apple Computer
2016-11-18 18:56 - 2016-11-18 18:56 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Apple Computer
2016-11-18 18:56 - 2016-11-18 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-18 18:56 - 2016-11-18 18:56 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-18 18:56 - 2016-11-18 18:56 - 00000000 ____D C:\Program Files\iTunes
2016-11-18 18:56 - 2016-11-18 18:56 - 00000000 ____D C:\Program Files\iPod
2016-11-18 18:55 - 2016-11-30 19:09 - 00002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-11-18 18:55 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-18 18:55 - 2016-11-18 18:55 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-11-18 18:55 - 2016-11-18 18:55 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Apple
2016-11-18 18:53 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-18 18:53 - 2016-11-18 18:56 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-18 18:53 - 2016-11-18 18:54 - 00000000 ____D C:\ProgramData\Apple
2016-11-18 18:53 - 2016-11-18 18:53 - 00000000 ____D C:\Program Files\Bonjour
2016-11-17 20:36 - 2016-11-30 19:08 - 00001982 _____ C:\Users\CesarAnDrOiD\Desktop\NCK Samsung By Shahzeb.lnk
2016-11-17 20:36 - 2016-11-17 20:36 - 13487022 _____ C:\Users\CesarAnDrOiD\Desktop\NCK Samsung.rar
2016-11-17 20:36 - 2016-11-17 20:36 - 00000000 ____D C:\Program Files\NCK_Samsung By Shahzeb
2016-11-17 18:55 - 2016-11-17 18:55 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\ViberDownloads
2016-11-17 15:19 - 2016-11-17 15:19 - 00059904 _____ C:\Users\CesarAnDrOiD\Desktop\New Microsoft Publisher Document (2).pub
2016-11-17 12:23 - 2016-11-30 19:09 - 00000925 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-11-17 12:23 - 2016-11-30 19:08 - 00000923 _____ C:\Users\CesarAnDrOiD\Desktop\Viber.lnk
2016-11-17 12:23 - 2016-11-22 20:12 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\ViberPC
2016-11-17 12:23 - 2016-11-17 12:23 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2016-11-17 12:23 - 2016-11-17 12:23 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Viber
2016-11-17 12:23 - 2016-11-17 12:23 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Package Cache
2016-11-15 17:05 - 2016-11-15 17:05 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Macromedia
2016-11-15 17:02 - 2016-11-15 17:02 - 00000000 _____ C:\Users\CesarAnDrOiD\Desktop\New Text Document (2).txt
2016-11-15 16:54 - 2016-11-29 07:47 - 00000000 ____D C:\Windows\system32\appmgmt
2016-11-15 16:54 - 2016-10-10 15:01 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\XI.Pro.11.0.18
2016-11-15 14:26 - 2016-11-15 14:26 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\قوالب Office المخصصة
2016-11-14 22:14 - 2016-11-30 19:08 - 00001836 _____ C:\Users\CesarAnDrOiD\Desktop\PES2017-DpFileListGeneratorv1.8byBaris - Shortcut.lnk
2016-11-14 21:53 - 2016-11-05 14:42 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\FaresCD.Com.PTE17.2.0
2016-11-14 10:08 - 2016-11-30 19:09 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-11-14 10:08 - 2016-11-30 19:09 - 00002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-11-14 10:08 - 2016-11-30 19:09 - 00002164 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2016-11-14 10:08 - 2016-11-30 19:09 - 00002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-11-14 10:08 - 2016-11-30 19:09 - 00002032 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2016-11-14 10:08 - 2016-11-20 22:54 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-11-14 09:54 - 2016-11-14 09:54 - 00016358 _____ C:\Users\CesarAnDrOiD\Downloads\4E87A7A3D8C823960AB9B885B1A450582F59B166.torrent
2016-11-14 06:18 - 2016-11-17 11:30 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\الاسواق المالية
2016-11-13 21:33 - 2016-11-13 21:33 - 00167220 _____ C:\Users\CesarAnDrOiD\Downloads\لمحه تاريخيه عن نشاة اسواق المال.htm
2016-11-13 21:33 - 2016-11-13 21:33 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\لمحه تاريخيه عن نشاة اسواق المال_files
2016-11-13 21:32 - 2016-11-13 21:32 - 00067082 _____ C:\Users\CesarAnDrOiD\Downloads\تاريخ الاسواق المالية - منتديات تداول.htm
2016-11-13 21:32 - 2016-11-13 21:32 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\تاريخ الاسواق المالية - منتديات تداول_files
2016-11-13 20:51 - 2016-11-13 20:51 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\ABBYY
2016-11-13 20:47 - 2016-11-30 19:09 - 00002911 _____ C:\Users\Public\Desktop\ABBYY FineReader 12.lnk
2016-11-13 20:47 - 2016-11-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2016-11-13 20:39 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 12
2016-11-13 20:39 - 2016-11-13 20:39 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\ABBYY
2016-11-13 20:37 - 2016-11-13 20:37 - 00000000 ____D C:\ProgramData\ABBYY
2016-11-13 20:32 - 2016-11-13 20:32 - 00000000 ____D C:\temp
2016-11-13 10:08 - 2016-11-28 19:18 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\SHAREit
2016-11-13 10:08 - 2016-11-13 10:08 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\SHAREit
2016-11-13 10:08 - 2016-11-13 10:08 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Lenovo
2016-11-13 10:08 - 2016-11-13 10:08 - 00000000 ____D C:\ProgramData\Lenovo
2016-11-13 09:28 - 2016-11-30 19:09 - 00001117 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-11-13 09:28 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-11-13 09:28 - 2016-11-13 09:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2016-11-13 07:51 - 2016-11-13 07:51 - 00059904 _____ C:\Users\CesarAnDrOiD\Desktop\New Microsoft Publisher Document.pub
2016-11-13 06:28 - 2016-11-13 06:28 - 00024981 _____ C:\Users\CesarAnDrOiD\Downloads\Pro.Evolution.Soccer.2017-FULL.UNLOCKED.torrent
2016-11-13 06:19 - 2016-11-23 09:05 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\TeraCopy
2016-11-12 17:15 - 2016-11-12 17:16 - 06459585 _____ C:\Users\CesarAnDrOiD\Downloads\com.imo.android.imoim-9.8.000000003781-APK4Fun.com.apk
2016-11-12 16:40 - 2016-11-12 17:24 - 89962287 _____ C:\Users\CesarAnDrOiD\Downloads\Taxi.Sim.1.5.0.Mod.MyEGY.apk
2016-11-12 16:39 - 2016-11-12 17:08 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Drive H
2016-11-12 16:37 - 2016-11-12 16:37 - 00019484 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.Pes.2017.Arabic_archive.torrent
2016-11-12 12:35 - 2016-11-12 12:48 - 34749440 _____ C:\Users\CesarAnDrOiD\Downloads\CSC_OJV_T116OJV0AOB3_CL337688_QB3984348_REV04_user_low_ship-v2-cmcm.tar
2016-11-11 22:48 - 2016-11-11 22:48 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Recovery_for_MM575-291
2016-11-11 22:48 - 2016-11-11 22:15 - 04246567 _____ C:\Users\CesarAnDrOiD\Desktop\Recovery_for_MM575-291.7z
2016-11-11 22:39 - 2016-11-11 22:42 - 10782360 _____ C:\Users\CesarAnDrOiD\Downloads\D65XX_23.5.A.0.575_Kernel_Only.ftf
2016-11-11 22:36 - 2016-11-14 09:57 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2016-11-11 22:35 - 2016-11-12 23:51 - 00000000 ____D C:\Flashtool
2016-11-11 22:34 - 2016-09-22 15:33 - 150704880 _____ (Androxyde) C:\Users\CesarAnDrOiD\Desktop\flashtool-0.9.20.0-windows_2.exe
2016-11-11 22:06 - 2016-11-11 22:06 - 00000000 ____D C:\adb
2016-11-11 19:53 - 2016-11-11 19:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2016-11-11 19:38 - 2016-11-11 19:38 - 00015553 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.ABB.FineR.12.0.101.496_archive.torrent
2016-11-11 19:34 - 2016-11-30 19:08 - 00000958 _____ C:\Users\CesarAnDrOiD\Desktop\Emma.lnk
2016-11-11 19:32 - 2016-11-11 19:33 - 00000000 ____D C:\Program Files\Sony Mobile
2016-11-11 18:38 - 2016-11-11 19:34 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2016-11-11 18:38 - 2016-11-11 18:38 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2016-11-11 18:38 - 2016-11-11 18:38 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2016-11-11 18:37 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2016-11-11 17:47 - 2016-11-11 17:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2016-11-11 17:47 - 2016-11-11 17:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2016-11-11 17:20 - 2016-11-14 09:57 - 00000000 ____D C:\Users\CesarAnDrOiD\.oracle_jre_usage
2016-11-11 17:20 - 2016-11-11 17:20 - 00000000 ____D C:\Users\CesarAnDrOiD\.swt
2016-11-11 17:20 - 2016-11-11 17:20 - 00000000 ____D C:\Users\CesarAnDrOiD\.flashTool
2016-11-11 17:10 - 2016-11-30 19:09 - 00002112 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2016-11-11 17:10 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Sony
2016-11-11 17:10 - 2016-11-11 17:10 - 00000000 ____D C:\ProgramData\Sony
2016-11-11 17:10 - 2016-11-11 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-11-11 11:36 - 2016-11-11 11:36 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-11-11 07:26 - 2016-11-30 19:09 - 00001307 _____ C:\Users\Public\Desktop\Samsung Tool PRO.lnk
2016-11-11 07:26 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Z3X
2016-11-11 07:26 - 2016-11-11 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2016-11-11 07:25 - 2016-11-11 07:25 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Z3x crack
2016-11-10 21:34 - 2016-11-10 21:34 - 00040276 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.PE2017.And_archive.torrent
2016-11-10 19:41 - 2016-11-10 19:41 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Odin3 v3.10.7
2016-11-10 15:50 - 2016-11-11 11:40 - 00000011 _____ C:\Users\CesarAnDrOiD\Desktop\New Text Document.txt
2016-11-10 15:04 - 2016-11-10 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-11-10 15:01 - 2016-11-10 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
2016-11-10 14:59 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\Intel Android Device USB driver
2016-11-10 14:47 - 2016-11-30 19:08 - 00002261 _____ C:\Users\CesarAnDrOiD\Desktop\Manufacturing Flash Tool.lnk
2016-11-10 14:47 - 2016-11-10 15:24 - 00000107 _____ C:\Users\CesarAnDrOiD\mfgft-stats.csv
2016-11-10 14:47 - 2016-11-10 14:47 - 00000000 ____D C:\ProgramData\INTEL
2016-11-10 14:47 - 2016-11-10 14:47 - 00000000 ____D C:\MFLASH_LOGS
2016-11-10 14:46 - 2016-11-10 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSocUSB Driver
2016-11-10 14:46 - 2013-03-19 16:01 - 00261120 _____ (Intel Corp.) C:\Windows\system32\Drivers\isocusb.sys
2016-11-10 14:46 - 2013-03-19 16:01 - 00167936 _____ (Jungo) C:\Windows\system32\wdapi1100.dll
2016-11-10 14:46 - 2013-03-19 16:01 - 00155648 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2016-11-10 11:18 - 2015-08-17 14:30 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\Condor_MTK_SP_Downlad_Tool_V5.1524.000
2016-11-09 19:29 - 2016-11-09 19:29 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\Custom Office Templates
2016-11-06 17:52 - 2016-11-06 17:53 - 04077277 _____ (Igor Pavlov) C:\Users\CesarAnDrOiD\Downloads\a7cn48ww_32.exe
2016-11-06 17:52 - 2016-11-06 17:52 - 04253528 _____ (Igor Pavlov) C:\Users\CesarAnDrOiD\Downloads\a7cn48ww_64.exe
2016-11-06 17:29 - 2016-11-06 17:30 - 05692064 _____ (Lenovo Group Limited ) C:\Users\CesarAnDrOiD\Downloads\b0cna0ww.exe
2016-11-06 17:21 - 2016-11-06 17:23 - 05033704 _____ (Lenovo Group Limited ) C:\Users\CesarAnDrOiD\Downloads\45gu01wf.exe
2016-11-06 15:51 - 2016-11-06 15:51 - 00021925 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.PTE17.2.0_archive.torrent
2016-11-05 19:48 - 2016-11-05 19:48 - 00029167 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.W10LITE.AIO.MUL_archive.torrent
2016-11-04 16:38 - 2016-11-04 16:38 - 00035757 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.Pro.Games.2017_archive.torrent
2016-11-03 15:34 - 2016-11-03 15:47 - 00000000 ____D C:\Users\CesarAnDrOiD\VirtualBox VMs
2016-11-03 15:32 - 2016-11-03 15:47 - 00000000 ____D C:\Users\CesarAnDrOiD\.VirtualBox
2016-11-03 15:28 - 2016-11-30 19:09 - 00001078 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-11-03 15:28 - 2016-11-03 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-11-03 15:28 - 2016-10-18 23:43 - 00933088 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-11-03 15:27 - 2016-11-03 15:27 - 00000000 ____D C:\Program Files\Oracle
2016-11-03 15:27 - 2016-10-18 23:43 - 00150280 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-11-03 13:35 - 2016-11-03 13:37 - 10076112 _____ C:\Users\CesarAnDrOiD\Downloads\Patch Tool.zip
2016-11-03 13:35 - 2016-11-03 13:36 - 03096576 _____ C:\Users\CesarAnDrOiD\Downloads\VM Tool.iso
2016-11-03 13:34 - 2016-11-03 13:34 - 01503551 _____ C:\Users\CesarAnDrOiD\Downloads\Edit VMX File (Sierra).pdf
2016-11-03 11:07 - 2016-11-03 11:07 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\KONAMI
2016-11-03 11:07 - 2016-11-03 11:07 - 00000000 ____D C:\ProgramData\KONAMI
2016-11-03 11:06 - 2016-11-21 07:20 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\CPY_SAVES
2016-11-02 19:28 - 2016-11-02 19:28 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\canon lbp 6030
2016-11-02 19:25 - 2016-11-02 19:25 - 00029405 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.Power.Mega.2017_archive.torrent
2016-11-02 19:21 - 2016-11-02 19:21 - 00011815 _____ C:\Users\CesarAnDrOiD\Downloads\FaresCD.Com.All.Act.10.0_archive.torrent
2016-11-02 14:29 - 2016-11-02 14:29 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\rufus_files
2016-11-02 14:26 - 2016-11-02 14:26 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\epm
2016-11-01 13:11 - 2016-11-30 19:09 - 00001352 _____ C:\Users\Public\Desktop\EaseUS Partition Master 11.0.lnk
2016-11-01 13:11 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-11-01 13:11 - 2016-11-01 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0
2016-11-01 13:11 - 2016-04-26 09:29 - 03563712 _____ C:\Windows\system32\BootMan.exe
2016-11-01 13:11 - 2016-04-26 09:29 - 02662592 _____ C:\Windows\SysWOW64\BootMan.exe
2016-11-01 13:11 - 2016-01-20 20:07 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe
2016-11-01 13:11 - 2016-01-20 20:07 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2016-11-01 13:11 - 2016-01-20 20:07 - 00018528 _____ C:\Windows\system32\epmntdrv.sys
2016-11-01 13:11 - 2016-01-20 20:07 - 00015968 _____ C:\Windows\SysWOW64\epmntdrv.sys
2016-11-01 13:11 - 2016-01-20 20:07 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys
2016-11-01 13:11 - 2016-01-20 20:07 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2016-11-01 13:11 - 2014-11-18 22:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2016-11-01 13:11 - 2014-11-18 22:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll
2016-11-01 10:41 - 2016-11-14 21:41 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Adobe
2016-11-01 10:41 - 2016-11-01 10:41 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\LocalLow\Adobe
2016-11-01 10:41 - 2016-11-01 10:41 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\CEF
2016-11-01 10:35 - 2016-11-30 19:08 - 00000978 _____ C:\Users\CesarAnDrOiD\Desktop\Telegram.lnk
2016-11-01 10:35 - 2016-11-22 20:11 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Telegram Desktop
2016-11-01 10:35 - 2016-11-01 10:35 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2016-11-01 08:28 - 2016-11-01 08:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-11-01 08:17 - 2016-11-01 08:17 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-11-01 08:15 - 2016-11-30 19:09 - 00001619 _____ C:\Users\Public\Desktop\Launch Care Suite.lnk
2016-11-01 08:14 - 2016-11-01 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
2016-11-01 08:13 - 2016-11-29 07:39 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2016-11-01 08:13 - 2016-11-11 22:07 - 00000000 ____D C:\Program Files\DIFX
2016-11-01 08:13 - 2008-08-28 20:44 - 00025600 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys
2016-11-01 08:12 - 2005-08-04 00:05 - 00035892 _____ (Prolific Technology Inc.) C:\Windows\SysWOW64\SER9PL.sys
2016-11-01 08:12 - 2005-08-04 00:04 - 00026719 _____ C:\Windows\SysWOW64\SERSPL.VXD
2016-11-01 08:11 - 2016-11-01 08:24 - 00000000 ____D C:\ProgramData\Nokia
2016-11-01 07:29 - 2016-11-10 14:37 - 00000000 ____D C:\ProgramData\SP_FT_Logs
2016-11-01 07:26 - 2016-07-23 15:47 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\SP_Flash_Tool_v5.1628_Win
2016-11-01 07:23 - 2016-11-01 08:56 - 577742888 ____N C:\Users\CesarAnDrOiD\Desktop\OT-4033X-Without Mobilis logo__BY GSMSERVE.rar
2016-11-01 07:23 - 2016-11-01 07:23 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\OT-4033X-Without Mobilis logo__BY GSMSERVE
2016-11-01 06:20 - 2014-08-11 21:59 - 00000000 ____D C:\Users\CesarAnDrOiD\Desktop\059V780

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-01 22:05 - 2016-10-29 19:33 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\uTorrent
2016-12-01 21:33 - 2016-10-29 19:59 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\Compressed
2016-12-01 20:56 - 2009-07-14 05:45 - 00032688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-01 20:56 - 2009-07-14 05:45 - 00032688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-01 20:48 - 2016-10-29 19:26 - 00000000 __SHD C:\Users\CesarAnDrOiD\IntelGraphicsProfiles
2016-12-01 20:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-01 20:06 - 2016-10-29 19:59 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\DMCache
2016-12-01 19:55 - 2016-10-29 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-01 19:53 - 2016-05-15 21:39 - 02025838 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-01 19:53 - 2016-04-18 22:26 - 00684954 _____ C:\Windows\system32\perfh00C.dat
2016-12-01 19:53 - 2016-04-18 22:26 - 00435188 _____ C:\Windows\system32\perfh001.dat
2016-12-01 19:53 - 2016-04-18 22:26 - 00127070 _____ C:\Windows\system32\perfc00C.dat
2016-12-01 19:53 - 2016-04-18 22:26 - 00076298 _____ C:\Windows\system32\perfc001.dat
2016-12-01 19:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-01 17:43 - 2016-10-31 10:55 - 00000440 __RSH C:\ProgramData\ntuser.pol
2016-11-30 23:56 - 2016-10-29 19:59 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\IDM
2016-11-30 19:09 - 2016-10-30 20:05 - 00001038 _____ C:\Users\Public\Desktop\vspdconfig.exe - Shortcut.lnk
2016-11-30 19:09 - 2016-10-30 17:21 - 00002006 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2016-11-30 19:09 - 2016-10-30 17:21 - 00001996 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2016-11-30 19:09 - 2016-10-29 19:34 - 00002578 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-11-30 19:09 - 2016-10-29 18:57 - 00000904 _____ C:\Users\Public\Desktop\AIMP.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002835 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002815 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:56 - 00002799 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-11-30 19:09 - 2016-10-29 18:52 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-11-30 19:09 - 2016-10-29 18:52 - 00001115 _____ C:\Users\Public\Desktop\Opera.lnk
2016-11-30 19:09 - 2016-10-29 18:46 - 00001011 _____ C:\Users\Public\Desktop\UltraISO.lnk
2016-11-30 19:09 - 2016-10-29 18:38 - 00001401 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-30 19:09 - 2016-10-29 18:30 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-11-30 19:09 - 2016-10-29 18:30 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-11-30 19:09 - 2016-10-29 15:20 - 00000922 _____ C:\Users\Public\Desktop\PartitionGuru.lnk
2016-11-30 19:09 - 2016-10-29 12:59 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-30 19:09 - 2016-10-29 12:59 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-30 19:09 - 2016-10-29 12:56 - 00002385 _____ C:\Users\CesarAnDrOiD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-30 19:09 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-11-30 19:09 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-30 19:09 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-11-30 19:09 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-11-30 19:09 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-11-30 19:09 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-11-30 19:08 - 2016-10-30 19:41 - 00001035 _____ C:\Users\CesarAnDrOiD\Desktop\MEGAsync.lnk
2016-11-30 19:08 - 2016-10-30 19:27 - 00000720 _____ C:\Users\CesarAnDrOiD\Desktop\software for ever group.lnk
2016-11-30 19:08 - 2016-10-30 19:27 - 00000643 _____ C:\Users\CesarAnDrOiD\Desktop\joker-soft.lnk
2016-11-30 19:08 - 2016-10-30 17:26 - 00001095 _____ C:\Users\CesarAnDrOiD\Desktop\R3 Tools.lnk
2016-11-30 19:08 - 2016-10-29 19:59 - 00001035 _____ C:\Users\CesarAnDrOiD\Desktop\Internet Download Manager.lnk
2016-11-30 19:08 - 2016-10-29 19:34 - 00002598 _____ C:\Users\CesarAnDrOiD\Desktop\µTorrent.lnk
2016-11-30 19:08 - 2016-10-29 18:57 - 00001152 _____ C:\Users\CesarAnDrOiD\Desktop\PotPlayer.lnk
2016-11-30 19:08 - 2016-10-29 14:46 - 00001218 _____ C:\Users\CesarAnDrOiD\Desktop\CrystalDiskInfo.lnk
2016-11-30 19:08 - 2016-10-29 12:56 - 00002379 _____ C:\Users\CesarAnDrOiD\Desktop\Google Chrome.lnk
2016-11-30 15:58 - 2016-10-29 18:52 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-30 14:23 - 2016-10-29 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2016-11-30 14:23 - 2016-10-29 18:46 - 00000000 ____D C:\Program Files (x86)\UltraISO
2016-11-30 07:39 - 2016-10-29 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-11-30 07:38 - 2016-10-29 19:23 - 00000000 ____D C:\Windows\Panther
2016-11-30 07:37 - 2016-10-29 18:57 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\AIMP
2016-11-30 07:32 - 2009-07-14 03:34 - 00002102 _____ C:\Windows\system32\Drivers\etc\hosts.back
2016-11-30 00:59 - 2016-10-29 18:37 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\VirtualStore
2016-11-29 22:27 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-29 18:49 - 2009-07-14 05:45 - 00506224 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-29 16:13 - 2016-10-30 20:05 - 00000000 ____D C:\Program Files (x86)\Volcano Tool
2016-11-29 16:11 - 2016-10-30 17:16 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-29 16:01 - 2016-10-30 17:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-29 15:49 - 2016-10-30 19:27 - 00000000 ____D C:\Miracle Box
2016-11-29 12:10 - 2016-10-29 18:46 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\My ISO Files
2016-11-29 11:18 - 2016-10-29 19:59 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\Video
2016-11-29 10:49 - 2016-10-29 18:37 - 00140136 _____ C:\Users\CesarAnDrOiD\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-29 10:44 - 2016-10-29 11:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-29 08:31 - 2016-10-29 18:37 - 00000000 ____D C:\Users\CesarAnDrOiD
2016-11-29 08:16 - 2016-10-29 18:56 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-29 08:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-29 08:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2016-11-29 07:40 - 2016-10-29 18:57 - 00000000 ____D C:\Program Files (x86)\AIMP3
2016-11-29 07:39 - 2016-10-31 21:33 - 00000000 ____D C:\Program Files (x86)\Nokia
2016-11-29 07:39 - 2016-10-30 17:26 - 00000000 ____D C:\Program Files (x86)\rabi3 android
2016-11-29 07:39 - 2016-10-29 19:59 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-11-29 07:39 - 2016-10-29 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-29 07:39 - 2016-10-29 18:57 - 00000000 ____D C:\Program Files (x86)\AIMP
2016-11-29 07:39 - 2016-10-29 18:56 - 00000000 ____D C:\Program Files (x86)\SAM CoDeC Pack
2016-11-29 07:39 - 2016-10-29 18:56 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-29 07:39 - 2016-10-29 18:56 - 00000000 ____D C:\Program Files (x86)\Daum
2016-11-29 07:39 - 2016-10-29 18:56 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-11-29 07:39 - 2016-10-29 18:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-11-29 07:39 - 2016-10-29 18:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-11-29 07:39 - 2016-10-29 18:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-29 07:39 - 2016-10-29 14:46 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-11-29 07:39 - 2016-10-29 13:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-29 07:39 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-29 07:39 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-27 10:53 - 2016-10-29 18:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-27 10:37 - 2016-10-29 18:49 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-27 10:37 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-27 10:34 - 2011-04-12 09:28 - 00000000 ____D C:\Windows\ShellNew
2016-11-25 11:30 - 2016-10-29 18:52 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1477763557
2016-11-23 12:00 - 2016-10-31 15:53 - 00000000 ____D C:\Program Files\TeraCopy
2016-11-18 17:25 - 2016-10-30 19:43 - 00000000 ____D C:\Users\CesarAnDrOiD\Documents\MEGAsync Downloads
2016-11-15 17:05 - 2016-10-29 18:38 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\Adobe
2016-11-14 16:29 - 2016-10-29 13:29 - 00000000 ____D C:\ProgramData\Adobe
2016-11-14 06:16 - 2016-10-30 19:41 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\MEGAsync
2016-11-13 20:31 - 2016-10-29 18:57 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Roaming\PotPlayerMini
2016-11-13 00:01 - 2009-07-14 03:34 - 00000638 _____ C:\Windows\win.ini
2016-11-11 16:44 - 2016-10-29 12:59 - 00000000 ____D C:\Users\CesarAnDrOiD\AppData\Local\Mozilla
2016-11-11 07:25 - 2016-08-27 20:25 - 40428222 _____ C:\Users\CesarAnDrOiD\Desktop\Z3x crack.rar
2016-11-10 14:46 - 2016-10-29 18:56 - 00000000 ____D C:\Program Files\Intel
2016-11-08 15:51 - 2016-10-29 13:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-01 17:17 - 2016-10-29 19:36 - 00000000 ____D C:\Users\CesarAnDrOiD\Downloads\Max Payne 3 - Complete Edition [FitGirl Repack]

==================== Files in the root of some directories =======

2016-11-29 07:32 - 2016-11-29 07:32 - 7310848 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\agent.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 0070704 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\Config.xml
2016-11-29 07:30 - 2016-11-29 07:30 - 0016224 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\InstallationConfiguration.xml
2016-11-29 07:30 - 2016-11-29 07:30 - 0140288 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\Installer.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 1908110 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\Lotwarm.tst
2016-11-29 07:32 - 2016-11-29 07:32 - 0018432 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\Main.dat
2016-11-29 07:32 - 2016-11-29 07:32 - 0005568 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\md.xml
2016-11-29 07:33 - 2016-11-29 07:33 - 1897575 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\MoveRemlex.bin
2016-11-29 07:32 - 2016-11-29 07:32 - 0126464 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\noah.dat
2016-11-29 07:31 - 2016-11-29 07:31 - 0190394 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\SingleRuntrax.bin
2016-11-29 07:33 - 2016-11-29 07:33 - 0032038 _____ () C:\Users\CesarAnDrOiD\AppData\Roaming\uninstall_temp.ico

Some files in TEMP:
====================
C:\Users\CesarAnDrOiD\AppData\Local\Temp\libeay32.dll
C:\Users\CesarAnDrOiD\AppData\Local\Temp\msvcr120.dll
C:\Users\CesarAnDrOiD\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-24 00:55

==================== End of FRST.txt ============================

Publicité

Signaler le contenu de ce document

Publicité