Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Regsvr32 Module failed to load error

Started by bonhiver , Jan 27 2018 03:59 AM
HELP frst regsvr32

  • This topic is locked This topic is locked

#1
bonhiver
Posted 27 January 2018 - 03:59 AM

bonhiver

    New Member

  • Member
  • Pip
  • 6 posts

Hello. I've been receiving this error on startup for a few months already. A help is very much appreciated! :(

reg1.png

 

 

Here are my FRST results:

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
Ran by maran (administrator) on MARANATHA (27-01-2018 16:12:11)
Running from C:\Users\maran\Desktop
Loaded Profiles: maran (Available Profiles: maran & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
Platform: Windows 10 Enterprise Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Dell Inc.) C:\Windows\System32\ngvpnmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(iFunSoft) C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe
() C:\xampp\mysql\bin\mysqld.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Simnet Ltd. ) C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
() C:\xampp\xampp-control.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Pushbullet Inc) C:\Users\maran\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\maran\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\maran\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\maran\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\maran\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\maran\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230304 2017-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5764384 2017-11-20] (IObit)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [1910424 2017-10-30] ()
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2014-11-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare\Suo10_SmartRAM.exe [562976 2017-02-10] (IObit)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe [1461768 2018-01-21] (Simnet Ltd. )
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3920672 2017-03-30] (IObit)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Eztion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\maran\AppData\Local\YQPack\dchwypkt.dll <==== ATTENTION
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4019312 2017-03-28] (Tonec Inc.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [BitTorrent] => C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-15] (BitTorrent Inc.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2014-11-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Spotify Web Helper] => C:\Users\maran\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-25] (Spotify Ltd)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell VPN Connection.lnk [2017-06-18]
ShortcutTarget: Dell VPN Connection.lnk ->  (No File)
Startup: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XAMPP Control Panel.lnk [2016-09-20]
ShortcutTarget: XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2763142683-1454455776-2827359566-1001] => 170.1.188.133:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{25ebb883-603b-4b94-a76c-207203c47890}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{29f5be8f-0fe6-4823-b582-2fbf60071e3f}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{88dd9597-2871-44ac-aa21-01f8e2713050}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-22] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-22] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-13] (Oracle Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-13] (Oracle Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jc83uiyi.default
FF ProfilePath: C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default [2018-01-27]
FF user.js: detected! => C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\user.js [2017-12-13]
FF Extension: (Looking Glass) - C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\Extensions\[email protected] [2017-12-13] [Legacy]
FF Extension: (Wildfire) - C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\Extensions\[email protected] [2018-01-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff => not found
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-03-28]
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\maran\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\maran\AppData\Roaming\IDM\idmmzcc5 [2017-04-13] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.babylon.com/?affID=111015&tt=300511_band1&babsrc=HP_ss&mntrId=e4234abc000000000000000000000000
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://oeiijfgmbaopeehamdhiiepidbpfkcda/index.html"
CHR Profile: C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (Adblock Plus) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Pushbullet) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-12-11]
CHR Extension: (iMacros for Chrome) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2018-01-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-01-27]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-24]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-21]
CHR Extension: (SessionBox - Free multi login to any website) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\megbklhjamjbcafknkgmokldgolkdfig [2018-01-24]
CHR Extension: (Everliker | Free Bot) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbohdphjekodehfnilakihailcpjcdkm [2018-01-22]
CHR Extension: (IDM Integration Module) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-01-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (FOCUS) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolfchbaajenmoghacolnbilmdfjeabi [2017-12-13]
CHR Extension: (OverTask) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeiijfgmbaopeehamdhiiepidbpfkcda [2017-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-07]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2015-01-29] (Apache Software Foundation) [File not signed]
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2018-01-18] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
S3 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2956472 2017-12-25] (iFunSoft)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1769760 2017-11-14] (IObit)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
R2 mysql; C:\xampp\mysql\bin\mysqld.exe [11045376 2015-03-26] () [File not signed]
R2 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [584160 2016-05-06] (Dell Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-12-09] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
S4 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2016-03-27] () [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [103936 2013-10-18] (Apache Software Foundation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-23] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [440832 2016-12-15] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R3 bcbtums; C:\WINDOWS\system32\DRIVERS\bcbtums.sys [186152 2017-12-09] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794376 2017-07-13] (Broadcom Corp)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [327976 2015-10-14] (Citrix Systems, Inc.)
S3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-10] (ELECOM)
S3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-10] (ELECOM)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-12-09] (ELAN Microelectronic Corp.)
R2 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [183576 2016-12-05] (BitDefender LLC)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
S1 HssDRV6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-29] (REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-17] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34080 2017-06-23] (IObit.com)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R1 MpKsl67ed0c68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FFDB675-F6B7-422C-9E9C-2E824F6F55C2}\MpKsl67ed0c68.sys [58120 2018-01-27] (Microsoft Corporation)
R1 MpKslfdac5bfe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B8CFB08-DA01-4A5A-836F-A88470240FE8}\MpKslfdac5bfe.sys [58120 2018-01-26] (Microsoft Corporation)
S3 NgFilter; C:\WINDOWS\System32\drivers\ngfilter.sys [35088 2016-05-03] (Dell Inc.)
R3 NgLog; C:\WINDOWS\System32\drivers\nglog.sys [39176 2016-05-03] (Dell Inc.)
R3 NgVpn; C:\WINDOWS\System32\drivers\ngvpn.sys [118536 2016-05-03] (Dell Inc.)
R3 NgWfp; C:\WINDOWS\System32\drivers\ngwfp.sys [39688 2016-05-03] (Dell Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_c8a41364c1b3daa8\nvlddmkm.sys [17036560 2018-01-16] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-12-09] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-17] (IObit.com)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-09-11] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
S3 silabser; C:\WINDOWS\System32\DriverStore\FileRepository\silabser.inf_amd64_b0120324baa1f160\silabser.sys [92952 2017-11-16] (Silicon Laboratories Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-29] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () [File not signed]
S1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-23] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-23] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2017-12-09] (HP)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 16:12 - 2018-01-27 16:15 - 000031083 _____ C:\Users\maran\Desktop\FRST.txt
2018-01-27 16:08 - 2018-01-27 16:12 - 000000000 ____D C:\FRST
2018-01-27 16:07 - 2018-01-27 16:07 - 002393088 _____ (Farbar) C:\Users\maran\Desktop\FRST64.exe
2018-01-27 15:28 - 2018-01-27 15:28 - 000003026 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (maran)
2018-01-27 15:23 - 2018-01-27 15:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-27 15:22 - 2018-01-27 15:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-26 00:28 - 2018-01-26 00:28 - 000000000 ____D C:\Users\maran\Downloads\Logan (2017) [YTS.AG]
2018-01-25 23:32 - 2018-01-25 23:32 - 000000000 ____D C:\Users\maran\Downloads\Room (2015) [YTS.AG]
2018-01-25 23:22 - 2018-01-25 23:22 - 000000000 ____D C:\Users\maran\Downloads\Mother! (2017) [YTS.AG]
2018-01-25 23:20 - 2018-01-25 23:20 - 000000000 ____D C:\Users\maran\Downloads\Atomic Blonde (2017) [YTS.AG]
2018-01-25 23:18 - 2018-01-25 23:18 - 000000000 ____D C:\Users\maran\Downloads\American Made (2017) [YTS.AG]
2018-01-25 23:03 - 2018-01-25 23:03 - 000000000 ____D C:\Users\maran\Desktop\test
2018-01-25 16:29 - 2018-01-25 18:09 - 000000000 ____D C:\Users\maran\Downloads\Paddington (2014)
2018-01-25 16:23 - 2018-01-25 16:23 - 000000000 ____D C:\Users\maran\Downloads\Storks (2016) [YTS.AG]
2018-01-25 16:19 - 2018-01-25 16:19 - 000000000 ____D C:\Users\maran\Downloads\Throne Of Elves (2016) [YTS.AG]
2018-01-25 16:11 - 2018-01-25 16:11 - 000000000 ____D C:\Users\maran\Downloads\Bright (2017) [YTS.AG]
2018-01-25 15:23 - 2018-01-25 15:23 - 000000000 ____D C:\Users\maran\Downloads\The LEGO Ninjago Movie (2017) [YTS.AG]
2018-01-25 13:30 - 2018-01-25 13:30 - 000000000 ____D C:\Users\maran\Downloads\The Jungle Book (1967) [YTS.AG]
2018-01-25 13:08 - 2018-01-25 13:08 - 000000000 ____D C:\Users\maran\Downloads\Happy Death Day (2017) [YTS.AG]
2018-01-25 13:05 - 2018-01-25 14:32 - 000000000 ____D C:\Users\maran\Downloads\Tangled (2010)
2018-01-25 13:02 - 2018-01-25 14:45 - 000000000 ____D C:\Users\maran\Downloads\Dinosaur (2000)
2018-01-25 13:02 - 2018-01-25 13:14 - 000000000 ____D C:\Users\maran\Downloads\Wreck-It Ralph (2012)
2018-01-25 13:00 - 2018-01-25 13:12 - 000000000 ____D C:\Users\maran\Downloads\The Boxtrolls (2014)
2018-01-25 12:58 - 2018-01-25 12:58 - 000000000 ____D C:\Users\maran\Downloads\The Iron Giant (1999) [YTS.AG]
2018-01-25 09:32 - 2018-01-25 22:35 - 000000000 ____D C:\Users\maran\Downloads\Omohide Poro Poro (Only Yesterday)
2018-01-24 21:07 - 2018-01-24 21:07 - 000000000 ____D C:\Users\maran\Downloads\Valerian And The City Of A Thousand Planets (2017) [YTS.AG]
2018-01-24 20:25 - 2018-01-25 14:37 - 000000000 ____D C:\Users\maran\Downloads\Geostorm (2017) [YTS.AG]
2018-01-24 20:24 - 2018-01-24 20:25 - 000000000 ____D C:\Users\maran\Downloads\Thor Ragnarok (2017) [YTS.AG]
2018-01-24 17:38 - 2018-01-24 18:28 - 742156461 ____R C:\Users\maran\Downloads\[AnimeRG] Wolf Children (Ookami Kodomo no Ame to Yuki) (Dual Audio) [BD-720p-8bit] [KaMi].mkv
2018-01-24 17:38 - 2018-01-24 17:38 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-24 17:38 - 2018-01-24 17:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-24 17:38 - 2018-01-24 17:38 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-24 17:32 - 2018-01-02 01:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-24 17:32 - 2018-01-01 20:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-24 17:32 - 2018-01-01 20:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-24 17:32 - 2018-01-01 20:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-24 17:32 - 2018-01-01 20:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-24 17:32 - 2018-01-01 20:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-24 17:32 - 2018-01-01 20:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-24 17:32 - 2018-01-01 20:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-24 17:32 - 2018-01-01 20:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-24 17:32 - 2018-01-01 20:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-24 17:32 - 2018-01-01 20:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-24 17:32 - 2018-01-01 20:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-24 17:32 - 2018-01-01 20:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-24 17:32 - 2018-01-01 20:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-24 17:32 - 2018-01-01 20:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-24 17:32 - 2018-01-01 20:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-24 17:32 - 2018-01-01 20:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-24 17:32 - 2018-01-01 20:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-24 17:32 - 2018-01-01 20:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-24 17:32 - 2018-01-01 20:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-24 17:32 - 2018-01-01 20:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-24 17:32 - 2018-01-01 20:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-24 17:32 - 2018-01-01 20:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-24 17:32 - 2018-01-01 20:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-24 17:32 - 2018-01-01 20:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-24 17:32 - 2018-01-01 20:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-24 17:32 - 2018-01-01 20:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-24 17:32 - 2018-01-01 20:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-24 17:32 - 2018-01-01 20:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-24 17:32 - 2018-01-01 20:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-24 17:32 - 2018-01-01 20:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-24 17:32 - 2018-01-01 20:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-24 17:32 - 2018-01-01 20:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-24 17:32 - 2018-01-01 20:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-24 17:32 - 2018-01-01 19:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-24 17:32 - 2018-01-01 19:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-24 17:32 - 2018-01-01 19:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-24 17:32 - 2018-01-01 19:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-24 17:32 - 2018-01-01 19:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-24 17:32 - 2018-01-01 19:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-24 17:32 - 2018-01-01 19:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-24 17:32 - 2018-01-01 19:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-24 17:32 - 2018-01-01 19:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-24 17:32 - 2018-01-01 19:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-24 17:32 - 2018-01-01 19:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-24 17:32 - 2018-01-01 19:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-24 17:32 - 2018-01-01 19:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-24 17:32 - 2018-01-01 19:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-24 17:32 - 2018-01-01 19:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-24 17:32 - 2018-01-01 19:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-24 17:32 - 2018-01-01 19:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-24 17:32 - 2018-01-01 19:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-24 17:32 - 2018-01-01 19:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-24 17:32 - 2018-01-01 19:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-24 17:32 - 2018-01-01 19:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-24 17:32 - 2018-01-01 19:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-24 17:32 - 2018-01-01 19:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-24 17:31 - 2018-01-01 20:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-24 17:31 - 2018-01-01 20:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-24 17:31 - 2018-01-01 20:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-24 17:31 - 2018-01-01 20:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-24 17:31 - 2018-01-01 20:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-24 17:31 - 2018-01-01 20:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-24 17:31 - 2018-01-01 20:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-24 17:31 - 2018-01-01 20:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-24 17:31 - 2018-01-01 20:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-24 17:31 - 2018-01-01 20:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-24 17:31 - 2018-01-01 20:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-24 17:31 - 2018-01-01 20:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-24 17:31 - 2018-01-01 20:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-24 17:31 - 2018-01-01 20:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-24 17:31 - 2018-01-01 20:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-24 17:31 - 2018-01-01 20:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-24 17:31 - 2018-01-01 20:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-24 17:31 - 2018-01-01 20:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-24 17:31 - 2018-01-01 20:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-24 17:31 - 2018-01-01 20:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-24 17:31 - 2018-01-01 20:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-24 17:31 - 2018-01-01 20:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-24 17:31 - 2018-01-01 20:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-24 17:31 - 2018-01-01 20:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-24 17:31 - 2018-01-01 20:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-24 17:31 - 2018-01-01 20:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-24 17:31 - 2018-01-01 20:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-24 17:31 - 2018-01-01 20:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-24 17:31 - 2018-01-01 20:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-24 17:31 - 2018-01-01 20:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-24 17:31 - 2018-01-01 20:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-24 17:31 - 2018-01-01 20:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-24 17:31 - 2018-01-01 20:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-24 17:31 - 2018-01-01 20:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-24 17:31 - 2018-01-01 20:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-24 17:31 - 2018-01-01 20:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-24 17:31 - 2018-01-01 20:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-24 17:31 - 2018-01-01 20:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-24 17:31 - 2018-01-01 20:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-24 17:31 - 2018-01-01 20:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-24 17:31 - 2018-01-01 20:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-24 17:31 - 2018-01-01 20:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-24 17:31 - 2018-01-01 20:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-24 17:31 - 2018-01-01 20:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-24 17:31 - 2018-01-01 20:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-24 17:31 - 2018-01-01 19:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-24 17:31 - 2018-01-01 19:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-24 17:31 - 2018-01-01 19:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-24 17:31 - 2018-01-01 19:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-24 17:31 - 2018-01-01 19:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-24 17:31 - 2018-01-01 19:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-24 17:31 - 2018-01-01 19:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-24 17:31 - 2018-01-01 19:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-24 17:31 - 2018-01-01 19:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-24 17:31 - 2018-01-01 19:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-24 17:31 - 2018-01-01 19:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-24 17:31 - 2018-01-01 19:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-24 17:31 - 2018-01-01 19:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-24 17:31 - 2018-01-01 19:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-24 17:31 - 2018-01-01 19:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-24 17:31 - 2018-01-01 19:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-24 17:31 - 2018-01-01 19:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-24 17:31 - 2018-01-01 19:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-24 17:31 - 2018-01-01 19:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-24 17:31 - 2018-01-01 19:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-24 17:31 - 2018-01-01 19:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-24 17:31 - 2018-01-01 19:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-24 17:31 - 2018-01-01 19:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-24 17:30 - 2018-01-01 19:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-24 17:30 - 2018-01-01 19:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-24 17:30 - 2018-01-01 19:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-24 17:30 - 2018-01-01 19:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-24 17:30 - 2018-01-01 19:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-24 17:30 - 2018-01-01 19:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-24 17:30 - 2018-01-01 19:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-24 17:30 - 2018-01-01 19:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-24 17:30 - 2018-01-01 19:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-24 17:30 - 2018-01-01 19:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-24 17:30 - 2018-01-01 19:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-24 17:30 - 2018-01-01 19:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-24 17:30 - 2018-01-01 19:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-24 17:30 - 2018-01-01 19:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-24 17:30 - 2018-01-01 19:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-24 17:30 - 2018-01-01 19:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-24 17:30 - 2018-01-01 19:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-24 17:30 - 2018-01-01 19:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-24 17:05 - 2018-01-24 19:01 - 000000000 ____D C:\Users\maran\Downloads\Summer Wars (2009)[Dual Audo][720p][MeGaTroN]
2018-01-24 17:01 - 2018-01-24 18:56 - 1001461484 _____ C:\Users\maran\Downloads\The Girl Who Leapt Through Time [BD 1280x720 x264 AAC].mp4
2018-01-24 16:34 - 2018-01-24 16:37 - 000000000 ____D C:\Users\maran\Downloads\Tokyo Godfathers (2003) 720p BRRiP x264 AAC [Team Nanban]
2018-01-24 16:11 - 2018-01-24 16:59 - 000000000 ____D C:\Users\maran\Downloads\Breathe (2017) [YTS.AG]
2018-01-24 16:08 - 2018-01-25 09:31 - 000000000 ____D C:\Users\maran\Downloads\E.T The Extra Terrestrial (1982)
2018-01-24 14:56 - 2018-01-24 18:56 - 000000000 ____D C:\Users\maran\Downloads\It (2017) [YTS.AG]
2018-01-24 14:50 - 2018-01-24 14:50 - 000000000 ____D C:\Users\maran\Downloads\Dunkirk (2017) [YTS.AG]
2018-01-24 14:40 - 2018-01-24 14:40 - 000000000 ____D C:\Users\maran\Downloads\Cars 3 (2017) [YTS.AG]
2018-01-24 14:35 - 2018-01-24 15:13 - 000000000 ____D C:\Users\maran\Downloads\Arrietty (2010)
2018-01-24 14:32 - 2018-01-24 14:32 - 000000000 ____D C:\Users\maran\Downloads\Walking with Dinosaurs 3D
2018-01-24 14:19 - 2018-01-24 16:22 - 000000000 ____D C:\Users\maran\Downloads\Flatliners (2017)
2018-01-23 19:30 - 2018-01-23 19:46 - 000000000 ____D C:\Users\maran\AppData\Local\OLYMPUS
2018-01-23 19:29 - 2018-01-23 19:29 - 000001222 _____ C:\Users\maran\Desktop\OLYMPUS Viewer 3.lnk
2018-01-23 19:29 - 2018-01-23 19:29 - 000001198 _____ C:\Users\maran\Desktop\OLYMPUS Digital Camera Updater.lnk
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Viewer 3
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Digital Camera Updater
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\Program Files (x86)\OLYMPUS
2018-01-23 19:26 - 2018-01-23 19:26 - 000000000 ____D C:\OLYMPUS
2018-01-23 19:24 - 2005-09-23 08:16 - 001079808 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc80u.dll
2018-01-23 19:24 - 2005-09-23 06:07 - 000095744 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl80.dll
2018-01-23 19:24 - 2005-09-23 06:05 - 000626688 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2018-01-23 19:24 - 2005-09-23 06:05 - 000548864 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2018-01-23 19:23 - 2018-01-23 19:23 - 000001473 _____ C:\Users\maran\Desktop\E-M10MarkII Instruction Manual.lnk
2018-01-23 19:23 - 2018-01-23 19:23 - 000000000 ____D C:\Users\Public\Documents\OLYMPUS
2018-01-23 19:23 - 2018-01-23 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera
2018-01-23 19:15 - 2018-01-23 19:15 - 000003708 _____ C:\WINDOWS\System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-23 19:15 - 2018-01-23 19:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-23 19:15 - 2017-12-19 10:43 - 000081808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 19:15 - 2017-09-14 07:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-23 19:15 - 2017-09-14 07:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-23 19:15 - 2017-09-14 07:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-23 19:15 - 2017-09-14 07:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-23 19:14 - 2017-12-19 10:43 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-22 18:07 - 2018-01-22 18:07 - 000000000 ___HD C:\Users\maran\MicrosoftEdgeBackups
2018-01-22 16:29 - 2018-01-23 19:29 - 000000000 ____D C:\Program Files\DIFX
2018-01-22 16:27 - 2018-01-22 16:27 - 000000000 ____D C:\Users\maran\AppData\Roaming\Basecam Electronics
2018-01-22 15:57 - 2018-01-22 15:57 - 000024763 _____ C:\Users\maran\Downloads\changelog.txt
2018-01-22 14:33 - 2018-01-22 14:33 - 001853448 _____ (Simnet Ltd. ) C:\Users\maran\Downloads\Setup_SimpleStickyNotes (3).exe
2018-01-20 12:03 - 2018-01-20 12:03 - 000000000 ____D C:\Users\maran\AppData\Local\DBG
2018-01-19 11:53 - 2018-01-19 11:53 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2763142683-1454455776-2827359566-1001
2018-01-19 11:53 - 2018-01-19 11:53 - 000002367 _____ C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-19 11:17 - 2017-12-22 21:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-19 11:17 - 2017-12-22 21:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-18 01:43 - 2018-01-17 10:41 - 000000000 ____D C:\Windows.old
2018-01-18 01:27 - 2018-01-18 01:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-18 01:25 - 2018-01-18 01:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-18 01:25 - 2018-01-18 01:25 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-18 01:24 - 2018-01-18 01:24 - 000000000 ____D C:\Program Files\Windows Identity Foundation
2018-01-18 01:24 - 2018-01-18 01:24 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-17 11:12 - 2018-01-17 13:13 - 000000000 ____D C:\Users\maran\Desktop\mickey
2018-01-17 10:49 - 2018-01-17 10:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-17 10:45 - 2018-01-17 10:45 - 000000020 ___SH C:\Users\maran\ntuser.ini
2018-01-17 10:41 - 2018-01-17 10:41 - 000000554 __RSH C:\ProgramData\ntuser.pol
2018-01-17 10:38 - 2018-01-27 15:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-17 10:38 - 2018-01-25 22:39 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E89D243-D604-4195-991E-7117DC4CED80}
2018-01-17 10:38 - 2018-01-17 10:39 - 000003584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-17 10:38 - 2018-01-17 10:39 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-17 10:38 - 2018-01-17 10:39 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-17 10:38 - 2018-01-17 10:39 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2018-01-17 10:38 - 2018-01-17 10:39 - 000002688 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2018-01-17 10:38 - 2018-01-17 10:38 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-17 10:38 - 2018-01-17 10:38 - 000002812 _____ C:\WINDOWS\System32\Tasks\[email protected]
2018-01-17 10:38 - 2018-01-17 10:38 - 000002568 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-01-17 10:38 - 2018-01-17 10:38 - 000002450 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2018-01-17 10:38 - 2018-01-17 10:38 - 000002450 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2018-01-17 10:38 - 2018-01-17 10:38 - 000002446 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2018-01-17 10:38 - 2018-01-17 10:38 - 000002354 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_maran
2018-01-17 10:38 - 2018-01-17 10:38 - 000002232 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_maran
2018-01-17 10:38 - 2018-01-17 10:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-01-17 10:34 - 2018-01-17 10:38 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2018-01-17 10:34 - 2018-01-17 10:38 - 000019053 _____ C:\WINDOWS\diagerr.xml
2018-01-17 10:28 - 2018-01-27 15:26 - 001017124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-17 10:26 - 2018-01-17 10:26 - 000000020 ___SH C:\Users\MSSQLFDLauncher\ntuser.ini
2018-01-17 10:23 - 2018-01-17 10:23 - 000000020 ___SH C:\Users\ReportServer\ntuser.ini
2018-01-17 10:23 - 2018-01-17 10:23 - 000000020 ___SH C:\Users\MSSQLSERVER\ntuser.ini
2018-01-17 10:12 - 2018-01-17 10:12 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-17 10:11 - 2018-01-17 10:11 - 000000000 ____D C:\ProgramData\USOShared
2018-01-17 10:06 - 2018-01-19 11:17 - 000000000 ____D C:\Users\maran\AppData\Local\Packages
2018-01-17 10:05 - 2018-01-27 15:22 - 000000000 ____D C:\Users\maran
2018-01-17 10:05 - 2018-01-24 22:35 - 000000000 ____D C:\Users\MSSQLFDLauncher
2018-01-17 10:05 - 2018-01-22 14:27 - 000000000 ____D C:\Users\MSSQLSERVER
2018-01-17 10:05 - 2018-01-17 10:27 - 000000000 ____D C:\Users\ReportServer
2018-01-17 10:03 - 2018-01-17 10:03 - 000002006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beats Audio.lnk
2018-01-17 10:03 - 2017-09-29 21:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-17 10:02 - 2018-01-17 10:02 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-01-17 10:02 - 2018-01-16 18:18 - 000541456 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-01-17 09:59 - 2018-01-27 15:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-17 09:59 - 2018-01-26 07:19 - 005275744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-17 09:55 - 2018-01-17 09:55 - 000000072 ___SH C:\bootTel.dat
2018-01-16 18:15 - 2018-01-16 18:15 - 036357664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2018-01-16 18:15 - 2018-01-16 18:15 - 029389768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2018-01-16 18:15 - 2018-01-16 18:15 - 017036560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-01-16 18:15 - 2018-01-16 18:15 - 000624912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000991736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000942024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000515528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 004210536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 003624952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001998792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438873.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001683400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438873.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001109776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001041352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 040246304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 035166664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 023482944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 019218440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 013377536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 010985720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001341976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001154264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001056504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000810272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000648696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 014000816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 011896584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 004533664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 003859632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-16 18:08 - 2018-01-16 18:08 - 000001064 _____ C:\Users\maran\Desktop\Syncios.lnk
2018-01-16 13:50 - 2018-01-16 13:50 - 000048510 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-16 13:50 - 2018-01-16 13:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2018-01-16 13:50 - 2018-01-16 13:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2018-01-14 11:21 - 2018-01-22 13:26 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-14 11:20 - 2018-01-14 11:20 - 000000000 ____D C:\Windows.old(1)
2018-01-09 15:51 - 2018-01-09 15:51 - 000000000 ____D C:\Users\maran\Downloads\Before We Go (2014) [YTS.AG]
2018-01-09 15:09 - 2018-01-09 17:44 - 000000000 ____D C:\Users\maran\Downloads\Almost Famous EXTENDED (2000)
2018-01-09 15:08 - 2018-01-09 15:08 - 000000000 ____D C:\Users\maran\Downloads\My Little Pony The Movie (2017) [YTS.AG]
2018-01-09 14:59 - 2018-01-09 14:59 - 000000000 ____D C:\Users\maran\Downloads\Loving Vincent (2017) [YTS.AG]
2018-01-03 17:09 - 2018-01-27 15:26 - 000000000 ____D C:\Users\maran\AppData\LocalLow\BitTorrent
2018-01-02 23:36 - 2018-01-02 23:36 - 078350505 _____ C:\Users\maran\Desktop\papa new id.psd
2018-01-02 13:42 - 2018-01-02 13:42 - 014569895 _____ C:\Users\maran\Desktop\papa id.psd
2017-12-31 22:55 - 2017-12-31 22:56 - 000000000 ____D C:\Users\maran\Downloads\Leon The Professional Extended (1994)
2017-12-31 22:33 - 2017-12-31 23:16 - 064201298 _____ C:\Users\maran\Desktop\Patriots_Day_2016_1080p_BluRay_x264-[YTS_AG]_mp4_Output_3.avi
2017-12-30 20:47 - 2018-01-01 22:58 - 000000000 ____D C:\Users\maran\Desktop\powtoon
2017-12-29 11:57 - 2017-12-29 11:57 - 000616061 _____ C:\Users\maran\Desktop\FireShot Capture 152 - My Balance - SEOClerks - https___www.seoclerks.com_balance_withdraw.pdf
2017-12-29 11:52 - 2017-12-29 11:53 - 000109807 _____ C:\Users\maran\Desktop\FireShot Capture 151 - Transaction details - PayPal_ - https___history.paypal.com_cgi-bin_webscr.pdf
2017-12-29 11:49 - 2017-12-29 11:50 - 000110061 _____ C:\Users\maran\Desktop\FireShot Capture 150 - Transaction details - PayPal_ - https___history.paypal.com_cgi-bin_webscr.pdf
2017-12-29 11:49 - 2017-12-29 11:49 - 000000000 ____D C:\Users\maran\Downloads\FireShot
2017-12-28 17:55 - 2017-12-28 17:55 - 000000000 ____D C:\Users\maran\Desktop\BOOKING

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 16:16 - 2016-03-25 22:38 - 000000000 ____D C:\Users\maran\AppData\Roaming\BitTorrent
2018-01-27 15:54 - 2016-09-20 16:59 - 000000000 ____D C:\Users\maran\Downloads\Compressed
2018-01-27 15:35 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-27 15:35 - 2016-11-28 01:02 - 000000000 ____D C:\Users\maran\AppData\LocalLow\Mozilla
2018-01-27 15:30 - 2016-03-25 21:08 - 000000000 ____D C:\Users\maran\AppData\Roaming\Spotify
2018-01-27 15:27 - 2017-08-16 22:26 - 000000000 ____D C:\Users\maran\AppData\Local\Pushbullet
2018-01-27 15:23 - 2016-03-26 00:10 - 000000000 ____D C:\ProgramData\ProductData
2018-01-27 15:23 - 2016-03-25 21:25 - 000000000 __SHD C:\Users\maran\IntelGraphicsProfiles
2018-01-27 15:21 - 2016-11-10 12:34 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-27 00:23 - 2016-03-25 20:24 - 000000000 ____D C:\Users\maran\AppData\Roaming\DMCache
2018-01-26 23:32 - 2017-04-13 23:42 - 000000000 ____D C:\Users\maran\AppData\Roaming\IDM
2018-01-26 22:32 - 2016-03-26 12:41 - 000000000 ____D C:\Users\maran\AppData\Local\Spotify
2018-01-26 12:16 - 2016-05-03 15:01 - 000007891 _____ C:\WINDOWS\BRRBCOM.INI
2018-01-26 11:51 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-26 07:43 - 2017-09-29 21:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-26 07:29 - 2016-03-25 22:20 - 000000000 ____D C:\Users\maran\AppData\Roaming\vlc
2018-01-26 07:21 - 2016-03-26 20:25 - 000000000 ___RD C:\Users\maran\3D Objects
2018-01-26 07:21 - 2016-03-25 18:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-26 07:16 - 2017-09-29 16:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-26 07:14 - 2017-09-29 16:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-26 07:14 - 2017-06-13 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-26 07:14 - 2017-06-13 18:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-26 02:00 - 2016-03-26 15:55 - 000000000 ____D C:\Users\maran\AppData\Local\Adobe
2018-01-25 17:47 - 2017-09-29 21:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-25 17:47 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-24 22:28 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-24 17:46 - 2017-09-29 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-24 16:51 - 2016-08-30 11:23 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 14:10 - 2017-06-13 18:15 - 000001238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-23 19:16 - 2016-11-10 12:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-23 19:15 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-23 19:12 - 2016-03-25 19:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-23 18:02 - 2017-09-29 16:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-23 09:34 - 2017-03-25 12:00 - 000002359 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-01-22 16:28 - 2016-03-25 18:35 - 000000000 ____D C:\Users\maran\AppData\Local\VirtualStore
2018-01-22 13:52 - 2017-09-29 21:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-22 13:49 - 2016-03-25 20:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-19 11:53 - 2016-03-25 18:39 - 000000000 ___RD C:\Users\maran\OneDrive
2018-01-19 10:59 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-18 01:46 - 2017-09-29 21:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-18 01:43 - 2017-12-08 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacType
2018-01-18 01:43 - 2017-11-27 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-01-18 01:43 - 2017-11-25 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-01-18 01:43 - 2017-11-24 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2018-01-18 01:43 - 2017-10-18 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Help
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-18 01:43 - 2017-08-16 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2018-01-18 01:43 - 2017-08-03 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
2018-01-18 01:43 - 2017-07-11 13:22 - 000000000 ____D C:\Program Files\UNP
2018-01-18 01:43 - 2017-04-28 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Secure Mobile Access
2018-01-18 01:43 - 2017-04-13 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-01-18 01:43 - 2017-02-16 00:16 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppPBHostless Modem
2018-01-18 01:43 - 2017-02-16 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sun Broadband
2018-01-18 01:43 - 2017-01-29 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-01-18 01:43 - 2017-01-29 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-01-18 01:43 - 2016-11-10 12:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-01-18 01:43 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Intel
2018-01-18 01:43 - 2016-09-24 16:18 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2018-01-18 01:43 - 2016-09-21 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft OLE DB Provider for DB2 Version 5.0
2018-01-18 01:43 - 2016-09-09 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2018-01-18 01:43 - 2016-09-01 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-18 01:43 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-18 01:43 - 2016-07-08 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-01-18 01:43 - 2016-06-18 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-01-18 01:43 - 2016-05-03 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-01-18 01:43 - 2016-05-03 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2018-01-18 01:43 - 2016-05-01 14:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2018-01-18 01:43 - 2016-04-17 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-01-18 01:43 - 2016-04-11 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2018-01-18 01:43 - 2016-03-28 13:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2018-01-18 01:43 - 2016-03-28 13:52 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-01-18 01:43 - 2016-03-28 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
2018-01-18 01:43 - 2016-03-27 11:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-18 01:43 - 2016-03-26 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2018-01-18 01:43 - 2016-03-26 19:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-01-18 01:43 - 2016-03-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-01-18 01:43 - 2016-03-26 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-18 01:43 - 2016-03-25 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-01-18 01:43 - 2016-03-25 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-18 01:43 - 2016-03-25 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-01-18 01:43 - 2016-03-25 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-01-18 01:43 - 2016-03-25 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2018-01-18 01:43 - 2016-03-25 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-01-18 01:43 - 2016-03-25 21:48 - 000000000 ____D C:\Program Files\MSBuild
2018-01-18 01:43 - 2016-03-25 21:45 - 000000000 ____D C:\Program Files\IIS
2018-01-18 01:43 - 2016-03-25 21:19 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2018-01-18 01:43 - 2016-03-25 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2018-01-18 01:43 - 2016-03-25 21:15 - 000000000 ____D C:\WINDOWS\system32\1033
2018-01-18 01:43 - 2016-03-25 21:02 - 000000000 ____D C:\WINDOWS\SysWOW64\C2MP
2018-01-18 01:43 - 2016-03-25 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC - Codec Pack
2018-01-18 01:43 - 2016-03-25 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-01-18 01:43 - 2016-03-25 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-01-18 01:43 - 2016-03-25 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-01-18 01:43 - 2016-03-25 18:48 - 000000000 ____D C:\Program Files (x86)\HP
2018-01-18 01:43 - 2015-10-30 17:07 - 000000000 ____D C:\WINDOWS\ShellNew
2018-01-18 01:43 - 2015-10-30 15:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-18 01:42 - 2017-09-29 21:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-18 01:42 - 2017-09-29 21:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-18 01:28 - 2016-12-28 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
2018-01-18 01:28 - 2016-11-10 12:33 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-01-18 01:28 - 2016-09-25 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-01-18 01:28 - 2016-04-12 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2018-01-18 01:28 - 2016-03-28 13:52 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-01-18 01:28 - 2016-03-28 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2018-01-18 01:28 - 2016-03-26 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2018-01-18 01:28 - 2016-03-25 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2018-01-18 01:28 - 2016-03-25 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simnet
2018-01-18 01:28 - 2016-03-25 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2018-01-18 01:27 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Realtek
2018-01-18 01:27 - 2016-03-25 18:47 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-01-18 01:24 - 2017-12-14 09:40 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-01-18 01:24 - 2017-09-29 21:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2018-01-18 01:08 - 2017-06-14 20:28 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-01-17 13:12 - 2016-06-16 21:53 - 000000132 _____ C:\Users\maran\AppData\Roaming\Adobe PNG Format CC Prefs
2018-01-17 13:06 - 2017-06-13 17:34 - 000001456 _____ C:\Users\maran\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-01-17 10:48 - 2016-11-10 13:34 - 000000000 ____D C:\Users\maran\AppData\Local\ConnectedDevicesPlatform
2018-01-17 10:46 - 2016-03-25 18:35 - 000000000 ____D C:\Users\maran\AppData\Local\TileDataLayer
2018-01-17 10:39 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-17 10:33 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-17 10:32 - 2017-09-29 21:46 - 000000000 __RSD C:\WINDOWS\media
2018-01-17 10:32 - 2016-11-10 13:20 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-17 10:26 - 2016-06-21 00:20 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-17 10:26 - 2016-06-21 00:20 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-17 10:12 - 2017-09-29 21:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-17 10:11 - 2017-09-29 21:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-17 10:08 - 2017-08-31 13:21 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2018-01-17 10:08 - 2017-08-04 17:05 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
2018-01-17 10:08 - 2017-04-13 23:41 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-01-17 10:08 - 2016-08-22 07:09 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare iOSBoot Genius
2018-01-17 10:08 - 2016-08-18 00:46 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7
2018-01-17 10:08 - 2016-06-21 00:47 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\get_iplayer
2018-01-17 10:08 - 2016-04-11 20:38 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2018-01-17 10:04 - 2017-09-29 16:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-17 10:03 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Apoint2K
2018-01-17 10:02 - 2016-11-10 12:33 - 000005691 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-01-17 10:02 - 2016-11-10 12:33 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-16 18:18 - 2017-09-29 22:43 - 000447248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2018-01-16 18:16 - 2016-03-25 22:52 - 000000000 ____D C:\Users\maran\Documents\Syncios
2018-01-16 18:08 - 2016-11-18 10:20 - 000000000 ____D C:\Program Files (x86)\Syncios
2018-01-14 11:29 - 2017-04-13 23:34 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-01-14 11:28 - 2016-04-14 17:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-14 11:22 - 2017-10-11 21:31 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-14 11:22 - 2016-08-30 11:16 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-12 13:59 - 2017-11-04 12:51 - 000000000 ____D C:\Program Files\rempl
2018-01-01 19:50 - 2016-03-25 22:50 - 000000000 ____D C:\Users\maran\Documents\Simple Sticky Notes

==================== Files in the root of some directories =======

2016-06-16 21:53 - 2018-01-17 13:12 - 000000132 _____ () C:\Users\maran\AppData\Roaming\Adobe PNG Format CC Prefs
2016-03-27 01:15 - 2016-03-27 01:20 - 000351908 _____ () C:\Users\maran\AppData\Roaming\itunesart
2017-08-17 20:23 - 2017-08-17 20:23 - 000003072 _____ () C:\Users\maran\AppData\Roaming\Photobook Designer Prefsv3
2017-01-29 14:05 - 2017-01-29 14:09 - 318912029 _____ () C:\Users\maran\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-01-29 14:05 - 2017-01-29 14:09 - 000003560 _____ () C:\Users\maran\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2017-06-13 17:34 - 2018-01-17 13:06 - 000001456 _____ () C:\Users\maran\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-02-22 02:40 - 2017-02-22 02:41 - 000000600 _____ () C:\Users\maran\AppData\Local\PUTTY.RND

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-17 09:58

==================== End of FRST.txt ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by maran (27-01-2018 16:16:33)
Running from C:\Users\maran\Desktop
Windows 10 Enterprise Version 1709 16299.192 (X64) (2018-01-17 02:41:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2763142683-1454455776-2827359566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2763142683-1454455776-2827359566-503 - Limited - Disabled)
Guest (S-1-5-21-2763142683-1454455776-2827359566-501 - Limited - Disabled)
maran (S-1-5-21-2763142683-1454455776-2827359566-1001 - Administrator - Enabled) => C:\Users\maran
WDAGUtilityAccount (S-1-5-21-2763142683-1454455776-2827359566-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: IObit Malware Fighter (Disabled - Out of date) {2C1A27ED-EADF-56B0-8FBA-D38AFF9152A2}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.3.0 - IObit)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version:  - )
AppHelper (HKLM-x32\...\AppHelper) (Version: 1.0 - AppHelper) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (HKLM-x32\...\{0B5E43C7-965D-4AF4-A33E-5FA35B6660C8}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BitTorrent (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.275.0 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{05198C22-FFCE-374A-B190-9F18CC99DAEA}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{9347889B-C22A-3905-901F-C05D8F73C929}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Dell SMA Connect Tunnel (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 11.40.363 - Dell Inc.)
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
get_iplayer 2.94.0 (HKLM-x32\...\get_iplayer) (Version: 2.94.0 - )
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.12.0.84 - NVIDIA Corporation) Hidden
Git version 2.15.0 (HKLM\...\Git_is1) (Version: 2.15.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hotspot Shield 6.0.4 Embedded (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B127E98F}) (Version: 6.0.4.9836 - Buildbot) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP AC Power Control (HKLM\...\{F819C151-FFEE-4F01-BE68-0D1F76574F44}) (Version: 1.0.6 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 - HP)
IDM Crack 6.25 build 20 (HKLM-x32\...\IDM Crack 6.25 build 20) (Version: build 21 - Crackingpatching.com Team)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.510 - IObit)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JavaScript Tooling (HKLM\...\{2044FC4C-4EA3-4113-BC1E-962DF568D201}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
MacType (HKLM\...\{E68951B7-9D7A-4727-9203-34909E3358D1}) (Version: 1.17.0628 - FlyingSnow) Hidden
MacType (HKLM\...\MacType 1.17.0628) (Version: 1.17.0628 - FlyingSnow)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OLE DB Provider for DB2 Version 5.0 (HKLM\...\Microsoft OLE DB Provider for DB2 Version 5.0) (Version: 9.0.2148.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{1A73AF5D-69EE-4AE0-917C-2429CE593A86}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Mozilla Firefox 58.0 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0 (x64 en-US)) (Version: 58.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Node.js (HKLM\...\{BE0419EB-A814-41F0-8E4B-A94E0BAE1C40}) (Version: 9.2.0 - Node.js Foundation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{F0C70F68-E57F-4D76-A012-E20F8E12946E}) (Version: 1.4.1 - OLYMPUS IMAGING CORP.)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Photobook Designer (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Photobook Designer) (Version: Photobook Designer 2016.2.0 - Photobook Worldwide)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PremiumSoft Navicat 11.2 for MySQL (HKLM\...\PremiumSoft Navicat for MySQL_is1) (Version: 11.2.15 - PremiumSoft CyberTech Ltd.)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Python Tools Redirection Template (HKLM-x32\...\{EE541DCE-3018-4A12-B0A3-7C55D62B3D01}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8198 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Simple Sticky Notes 4.1 (HKLM-x32\...\Simple Sticky Notes_is1) (Version:  - Simnet Ltd.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.104 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
SourceTree (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SourceTree) (Version: 2.3.5 - Atlassian)
Spotify (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{2BA1811B-44C0-4C50-8C5A-CE68AB25ED71}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{C8511A82-E9FD-4B6D-B1B2-378589D2B48A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{D45C3EC4-282E-4798-98C7-E7BF2362F04E}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{1D01EDF6-7E93-4FEE-AA09-C5669511100C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{5EACF47D-EB70-4FE0-83DE-9FD9693C24B9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{832D6A7D-13F7-42CB-9AC6-5859800269AE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (HKLM\...\{B40B7A25-308B-4650-8B42-E51710CDD4D9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{026E123D-2160-46C7-A801-87D27D46835E}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{700C00BA-E947-4B77-8EF1-588DF210E931}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLyog Trial 12.2.6 (64 bit) (HKLM\...\SQLyogTrial64) (Version: 12.2.6 (64 bit) - Webyog Inc.)
Sublime Text Build 3103 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Syncios 6.2.8 (HKLM-x32\...\Syncios) (Version: 6.2.8 - Anvsoft)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports  (11/15/2017 10.1.1.1951) (HKLM\...\2F76489DEE77636B5480589830C533A6045D8A7A) (Version: 11/15/2017 10.1.1.1951 - Silicon Laboratories Inc.)
WonderFox DVD Video Converter 10.0 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 10.0 - WonderFox Soft, Inc.)
Wondershare Dr.Fone for iOS v7.0.0.12 (HKLM-x32\...\Wondershare Dr.Fone for iOS v7.0.0.12) (Version: v7.0.0.12 - www.crackingpatching.com)
Workflow Manager Client 1.0 (HKLM\...\{199C6892-5DED-409B-88B2-3BE6421552B2}) (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{E1F79421-EC32-437F-8525-ABE902C85AC5}) (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 7.0.6-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0001F2B3-853B-42CE-AC2C-92E3C6C49A6B} - System32\Tasks\Uninstaller_SkipUac_maran => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-15] (IObit)
Task: {297AFDFE-E63B-41F3-9A04-11D354FF6F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {369A78B1-F8D4-4332-9AF6-A4379D191260} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {36F9B1D4-A62D-4BC8-ADA6-54BB0CD8BDB0} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {3D982443-182C-48D2-8016-3CE31763262D} - System32\Tasks\ASC10_SkipUac_maran => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-03-30] (IObit)
Task: {3DB32C02-B7DA-4076-9D77-9754C0A8706A} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2018-01-16] ()
Task: {535148CE-7F44-49F5-A0CC-302AFEFEF15A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation)
Task: {597E9DA0-2374-4EF8-BA10-6BE103921794} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {5D5DFCEA-E912-47DA-893A-759B6E31E7AB} - System32\Tasks\Driver Booster SkipUAC (maran) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit)
Task: {6412D68E-CAD5-4C41-A19A-AFFEB5C6BE09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-21] (Google Inc.)
Task: {7C67BF94-5740-462C-B56E-C821F960EE7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {7F933E2D-A0E6-4E43-8BEB-9E6DCE6DF6C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {8211EF50-E1D3-401E-A126-0EE1BF09B84D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {8EEBEE57-BF84-4411-8274-B19AA0D52E6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-22] (Microsoft Corporation)
Task: {9F4C2589-0FE5-4EF2-82B4-49304A5615B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {9FF76584-9CB2-4198-9591-6FEED617F969} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BD926246-1C95-425E-9DFF-206C6A53C56E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation)
Task: {C95B7C62-13DA-41A7-A8C5-5214B08C477D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {CB34B316-FE5F-4036-9E90-82F95BF61720} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {CE9A4E38-027B-4845-9FC8-C449DB5C8851} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-21] (Google Inc.)
Task: {D076B46B-7B4F-44D6-A4F7-EAC677EED3C9} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {D198FBE8-CBF5-4E47-98BF-C112A7A87AB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-22] (Microsoft Corporation)
Task: {D1CFD842-0179-48AA-B5A6-BF8360B2F552} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {D3EA0B75-9945-4FBF-8E5A-1599788FA1F5} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe [2017-03-10] (IObit)
Task: {F292A3F9-172F-4179-8A1D-52A8F9A7043C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {FEC5FB89-AB0B-4371-9D63-35C8BB478E62} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_maran.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Home Page.lnk -> hxxp://tomcat.apache.org
Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Manager.lnk -> hxxp://127.0.0.1:8080/manager/htm
Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Welcome.lnk -> hxxp://127.0.0.1:8080

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 21:41 - 2017-09-29 21:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-05-06 03:11 - 2016-05-06 03:11 - 000258016 _____ () C:\WINDOWS\ngmsi.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-25 22:38 - 2015-03-26 01:51 - 011045376 _____ () C:\xampp\mysql\bin\mysqld.exe
2018-01-22 13:47 - 2018-01-22 13:47 - 008934568 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-12-14 09:40 - 2017-12-14 09:40 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 09:40 - 2017-12-14 09:40 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-25 22:37 - 2013-06-17 19:42 - 002569216 _____ () C:\xampp\xampp-control.exe
2018-01-17 11:41 - 2018-01-17 11:41 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-19 11:33 - 2018-01-19 11:35 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-19 11:33 - 2018-01-19 11:35 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-19 11:33 - 2018-01-19 11:35 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:16 - 2018-01-03 17:18 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-19 11:33 - 2018-01-19 11:35 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-03-25 22:37 - 2015-01-29 00:04 - 000404480 _____ () C:\xampp\apache\bin\pcre.dll
2016-03-25 22:39 - 2015-04-16 06:30 - 000129536 _____ () C:\xampp\php\libpq.dll
2016-03-25 22:37 - 2015-04-16 06:30 - 000166912 _____ () C:\xampp\apache\bin\libssh2.dll
2017-01-29 14:01 - 2016-10-13 18:03 - 000624960 _____ () C:\Program Files (x86)\iFunSoft\iFunSoft Updater\ProductStatistics.dll
2017-01-29 13:59 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-29 13:59 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-29 13:59 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-07 16:23 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2016-12-07 16:22 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2017-04-11 14:31 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2017-04-11 14:31 - 2016-09-26 13:59 - 000631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2018-01-23 19:29 - 2006-09-04 20:26 - 000014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2018-01-23 19:29 - 2011-08-09 15:22 - 000450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2018-01-23 19:29 - 2014-09-26 10:18 - 000118784 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2016-05-03 14:59 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-11-28 16:45 - 2016-12-12 16:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2017-11-28 16:45 - 2016-12-12 16:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2017-11-28 16:45 - 2016-12-12 16:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2018-01-25 13:40 - 2018-01-25 13:40 - 068214160 _____ () C:\Users\maran\AppData\Roaming\Spotify\libcef.dll
2018-01-25 13:40 - 2018-01-25 13:40 - 003112848 _____ () C:\Users\maran\AppData\Roaming\Spotify\libglesv2.dll
2018-01-25 13:40 - 2018-01-25 13:40 - 000089488 _____ () C:\Users\maran\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\hola.org -> hxxp://hola.org
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 15:24 - 2018-01-23 09:33 - 000005172 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1     3dns-1.adobe.com
127.0.0.1     3dns-2.adobe.com
127.0.0.1     3dns-3.adobe.com
127.0.0.1     3dns-4.adobe.com
127.0.0.1     3dns.adobe.com
127.0.0.1     activate-sea.adobe.com
127.0.0.1     activate-sjc0.adobe.com
127.0.0.1     activate.adobe.com
127.0.0.1     activate.wip.adobe.com
127.0.0.1     activate.wip1.adobe.com
127.0.0.1     activate.wip2.adobe.com
127.0.0.1     activate.wip3.adobe.com
127.0.0.1     activate.wip4.adobe.com
127.0.0.1     adobe-dns-1.adobe.com
127.0.0.1     adobe-dns-2.adobe.com
127.0.0.1     adobe-dns-3.adobe.com
127.0.0.1     adobe-dns-4.adobe.com
127.0.0.1     adobe-dns.adobe.com
127.0.0.1     adobeereg.com
127.0.0.1     crl.verisign.net
127.0.0.1     ereg.adobe.com
127.0.0.1     ereg.wip.adobe.com
127.0.0.1     ereg.wip1.adobe.com
127.0.0.1     ereg.wip2.adobe.com
127.0.0.1     ereg.wip3.adobe.com
127.0.0.1     ereg.wip4.adobe.com
127.0.0.1     hl2rcv.adobe.com
127.0.0.1     hlrcv.stage.adobe.com
127.0.0.1     ims-na1-prprod.adobelogin.com
127.0.0.1     lm.licenses.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maran\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dad.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Syncios device service => c:\program files (x86)\syncios\synciosdeviceservice.exe
HKLM\...\StartupApproved\StartupFolder: => "TrayMenu.lnk"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Pushbullet"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57393710-3021-4245-BCA9-EB11FD872AB7}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{1FD1EFDD-D78D-464E-88D6-D4B060AFEFFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5BB10070-D14B-47B3-9982-E2638F9615EC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{7E516584-D755-4CDA-B840-4865758DC227}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{A93A6566-5CD5-42A1-B706-BC85A15F3615}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{8BD14BE7-CEC1-44E7-AA89-259F264E78FF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{7D166D9A-9C5A-4D69-8B0A-BC94908ABDB0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{8E16AE2C-944D-45C5-A643-F6B509382145}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{44862849-878F-4D67-9144-BB3D4B0CAE71}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{2C4196BA-548A-4799-91C0-53BA949B7117}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{BD88DDAB-51BA-4F81-9C3A-AD5720D9877E}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{7ECABE6D-D7B6-48FD-A815-F9208C331A62}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{AC085348-5593-4054-ACDF-A949CD3A2D6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{0FD33C1A-7604-42DD-B328-462CBBFC39B5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CFF72286-03BF-4C3D-BDEF-66847FB46BBE}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{2CB9412A-AE40-4E38-9654-EF7AF03A4869}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{35461AF4-947F-493E-9677-AF9669A40215}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{64F538A5-195D-4C0A-A4B6-739C0A3BBE11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{75574EC5-60B3-4312-B73D-CDAAFC76D42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E702C6B-CF11-482F-9930-F2776613C1E8}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{C86F38DB-918C-49C4-86B9-0B7E11DD4FB5}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{19655CE5-3F8F-44EF-9EB2-79C9521EE5A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31810015-0001-4258-B003-EFA20015DF26}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA05E808-A5F1-4F49-AC0E-6AFEE789D592}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71F7CC28-8C4B-4754-A228-E3BB1388E3FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDC86EAB-0859-47D0-9640-55654038539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E2843F4B-554F-4BB1-8142-F1FE9DB9E819}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D4C55736-E214-489C-B797-58A29B7ABBD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FBAD376F-4F53-4634-A0AF-65EDA091EFA6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9190FCF5-F1AD-4578-B181-F576FDEC2A2B}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{AD023FA4-F44F-4E4B-8563-88BD1C872E7F}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{D4A03766-45B4-45B0-A785-ACFAF3409D40}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{4AFDD32B-CE60-4EFD-8062-BF0FFFAEE63D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BF10025B-8E48-4AD8-8486-645F40873E3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CC309FE3-C816-4FEA-A024-F8BF895A2B48}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{090A5867-4A25-465C-A80A-9B53B5304653}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F8E28828-D52F-4159-9E46-32CC85D17AB2}C:\users\maran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maran\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7F86C295-0B9A-49B6-80F0-59E719F96004}C:\users\maran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maran\appdata\roaming\spotify\spotify.exe
FirewallRules: [{380A6386-6EC6-4312-9BED-8AFF90EF0362}] => (Allow) LPort=12292
FirewallRules: [{8D8E4BBE-1AAE-47CB-A15E-0BAC7C10176A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC3F4C55-6A65-43C7-9080-8658338BAE4A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [TCP Query User{A21A474B-5816-479E-B30D-60CD2A6B7C98}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F2E2B175-6606-40B0-8797-9D1F7F378618}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{CD46974F-53A6-48F8-A7FD-995D08D9CC71}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{56BE1C7A-C1CF-4C73-925A-512A944AB74B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{B9E08E36-E210-4CBD-98C4-38B6A1A35F4C}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{244F3E17-4B57-4F21-BE3C-03DF5E70EB1B}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{0C4447D7-619F-4C94-B332-D71B0E4ABF1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BBB78EE0-E1DD-47BA-A44A-67111932E564}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{83E8FAEB-9C43-4C19-95A3-2719DE17E063}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{09855D63-FCC2-4B3C-AAA9-97072AF8CA69}] => (Allow) LPort=54925
FirewallRules: [{93052267-2AFE-4375-AE9F-C008DBC369C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1F7C3221-F305-4B17-8D0A-5D10D350DF59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{35AAE72F-480E-4E86-B7F3-6D1846135C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{74846C1F-652A-462E-B786-FBF77E070793}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952A3750-5164-4194-8F38-EFFD7C1D7BF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF1E95CC-D6FB-4227-8A95-A290941BDF81}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E898EB0B-98DF-434F-AF43-322214F8BEA9}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BDD446F0-9725-4DA4-8757-FB56D0EA3540}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{46353F42-453A-4F44-82F8-0EBACBE1F485}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8DE74859-CE98-4410-9738-C05ADB7B55CF}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{662ADDEB-4220-4701-9CFC-49CA2998B2F2}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2018 03:28:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (01/27/2018 03:28:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/27/2018 03:28:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/27/2018 03:28:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/27/2018 03:25:19 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/27/2018 03:25:18 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/27/2018 03:23:39 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/27/2018 03:23:39 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/27/2018 12:11:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/26/2018 10:10:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent


System errors:
=============
Error: (01/27/2018 04:19:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 55 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 54 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:17:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 53 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:16:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 52 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:15:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 51 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:14:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 50 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:13:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 49 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:12:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 48 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:11:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 47 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2018 04:10:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 46 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2018-01-27 15:33:36.525
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:33:36.523
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:32:06.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:32:06.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:29:39.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:29:39.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:28:08.314
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:28:08.311
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:27:50.773
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-27 15:27:50.771
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 82%
Total physical RAM: 4030.29 MB
Available physical RAM: 694.63 MB
Total Virtual: 7102.29 MB
Available Virtual: 2304.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.95 GB) (Free:2.89 GB) NTFS
Drive d: () (Fixed) (Total:232.86 GB) (Free:36.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1EBF2B18)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

I've been scratching my head because of this error since last year. :/ I couldn't remember what I've installed anymore.


  • 0

Advertisements

#2
zep516
Posted 27 January 2018 - 08:06 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpectedhappens, don't continue Stop and ask! Never be afraid to ask questions! :)

Your host file shows a possible Pirated copy of Adobe photo shop.
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
Uninstall the program Adobe and I'll help you, otherwise no help will be given. It's against forum policy to assist in these type of situations.

If you decide to follow through please re -post log reports directly to forum. Do not enclose logs in code boxes or anything like that.

Thanks
Joe :)
  • 0

#3
bonhiver
Posted 30 January 2018 - 05:57 AM

bonhiver

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpectedhappens, don't continue Stop and ask! Never be afraid to ask questions! :)

Your host file shows a possible Pirated copy of Adobe photo shop.

127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
Uninstall the program Adobe and I'll help you, otherwise no help will be given. It's against forum policy to assist in these type of situations.

If you decide to follow through please re -post log reports directly to forum. Do not enclose logs in code boxes or anything like that.

Thanks
Joe :)

 

Thank you for the willingness to help! I have uninstalled Adobe Photoshop CC and I can still see the error. Do I need to uninstall all Adobe programs?

 

New logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by maran (administrator) on MARANATHA (30-01-2018 19:46:37)
Running from C:\Users\maran\Desktop
Loaded Profiles: maran (Available Profiles: maran & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
Platform: Windows 10 Enterprise Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Dell Inc.) C:\Windows\System32\ngvpnmgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(iFunSoft) C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
() C:\xampp\mysql\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Simnet Ltd. ) C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
() C:\xampp\xampp-control.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\maran\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.188_none_16c3dcde323064d9\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230304 2017-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5764384 2017-11-20] (IObit)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2014-11-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare\Suo10_SmartRAM.exe [562976 2017-02-10] (IObit)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe [1461768 2018-01-21] (Simnet Ltd. )
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3920672 2017-03-30] (IObit)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Eztion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\maran\AppData\Local\YQPack\dchwypkt.dll <==== ATTENTION
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4019312 2017-03-28] (Tonec Inc.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [BitTorrent] => C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-15] (BitTorrent Inc.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2014-11-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Spotify Web Helper] => C:\Users\maran\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-25] (Spotify Ltd)
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell VPN Connection.lnk [2017-06-18]
ShortcutTarget: Dell VPN Connection.lnk ->  (No File)
Startup: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XAMPP Control Panel.lnk [2016-09-20]
ShortcutTarget: XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2763142683-1454455776-2827359566-1001] => 170.1.188.133:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{25ebb883-603b-4b94-a76c-207203c47890}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{29f5be8f-0fe6-4823-b582-2fbf60071e3f}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{88dd9597-2871-44ac-aa21-01f8e2713050}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-22] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-22] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-13] (Oracle Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-13] (Oracle Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jc83uiyi.default
FF ProfilePath: C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default [2018-01-30]
FF user.js: detected! => C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\user.js [2017-12-13]
FF Extension: (Looking Glass) - C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\Extensions\[email protected] [2017-12-13] [Legacy]
FF Extension: (Wildfire) - C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\jc83uiyi.default\Extensions\[email protected] [2018-01-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff => not found
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-03-28]
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\maran\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\maran\AppData\Roaming\IDM\idmmzcc5 [2017-04-13] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.babylon.com/?affID=111015&tt=300511_band1&babsrc=HP_ss&mntrId=e4234abc000000000000000000000000
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://oeiijfgmbaopeehamdhiiepidbpfkcda/index.html"
CHR Profile: C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default [2018-01-30]
CHR Extension: (Adblock Plus) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-29]
CHR Extension: (Pushbullet) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-12-11]
CHR Extension: (iMacros for Chrome) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2018-01-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-01-29]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-24]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-21]
CHR Extension: (SessionBox - Free multi login to any website) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\megbklhjamjbcafknkgmokldgolkdfig [2018-01-24]
CHR Extension: (Everliker | Free Bot) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbohdphjekodehfnilakihailcpjcdkm [2018-01-30]
CHR Extension: (IDM Integration Module) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-01-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (FOCUS) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolfchbaajenmoghacolnbilmdfjeabi [2017-12-13]
CHR Extension: (OverTask) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeiijfgmbaopeehamdhiiepidbpfkcda [2017-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\maran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-07]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2017-03-21] (IObit)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2015-01-29] (Apache Software Foundation) [File not signed]
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2018-01-18] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
S3 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2956472 2017-12-25] (iFunSoft)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1769760 2017-11-14] (IObit)
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S4 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
R2 mysql; C:\xampp\mysql\bin\mysqld.exe [11045376 2015-03-26] () [File not signed]
R2 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [584160 2016-05-06] (Dell Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-12-09] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
S4 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2016-03-27] () [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [103936 2013-10-18] (Apache Software Foundation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-23] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [440832 2016-12-15] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R3 bcbtums; C:\WINDOWS\system32\DRIVERS\bcbtums.sys [186152 2017-12-09] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794376 2017-07-13] (Broadcom Corp)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [327976 2015-10-14] (Citrix Systems, Inc.)
S3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-10] (ELECOM)
S3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-10] (ELECOM)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-12-09] (ELAN Microelectronic Corp.)
R2 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [183576 2016-12-05] (BitDefender LLC)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
S1 HssDRV6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-29] (REALiX™)
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-17] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34080 2017-06-23] (IObit.com)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R1 MpKsl05d0c8ed; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6E075A18-B457-4052-9A2D-4393F473B8CF}\MpKsl05d0c8ed.sys [58120 2018-01-30] (Microsoft Corporation)
S3 NgFilter; C:\WINDOWS\System32\drivers\ngfilter.sys [35088 2016-05-03] (Dell Inc.)
R3 NgLog; C:\WINDOWS\System32\drivers\nglog.sys [39176 2016-05-03] (Dell Inc.)
R3 NgVpn; C:\WINDOWS\System32\drivers\ngvpn.sys [118536 2016-05-03] (Dell Inc.)
R3 NgWfp; C:\WINDOWS\System32\drivers\ngwfp.sys [39688 2016-05-03] (Dell Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_c8a41364c1b3daa8\nvlddmkm.sys [17036560 2018-01-16] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-12-09] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-17] (IObit.com)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-09-11] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
S3 silabser; C:\WINDOWS\System32\DriverStore\FileRepository\silabser.inf_amd64_b0120324baa1f160\silabser.sys [92952 2017-11-16] (Silicon Laboratories Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-29] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () [File not signed]
S1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-23] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-23] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2017-12-09] (HP)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 19:43 - 2018-01-30 19:43 - 000003026 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (maran)
2018-01-30 19:43 - 2018-01-30 19:43 - 000000000 ____D C:\Users\maran\Desktop\FRST-OlderVersion
2018-01-30 19:42 - 2018-01-30 19:43 - 002393088 _____ (Farbar) C:\Users\maran\Desktop\FRST64.exe
2018-01-30 19:39 - 2018-01-30 19:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-30 19:38 - 2018-01-30 19:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-30 10:30 - 2018-01-30 10:30 - 001618384 _____ (eSupport.com, Inc ) C:\Users\maran\Downloads\drvagentrsplus-4465454813.exe
2018-01-30 10:17 - 2018-01-30 10:18 - 000151557 _____ C:\Users\maran\Downloads\CH341SER_MAC(2).ZIP
2018-01-30 10:16 - 2018-01-30 10:16 - 000151557 _____ C:\Users\maran\Downloads\CH341SER_MAC(1).ZIP
2018-01-30 08:43 - 2018-01-30 08:44 - 000151557 _____ C:\Users\maran\Downloads\CH341SER_MAC.ZIP
2018-01-29 17:39 - 2018-01-29 22:12 - 000000000 ____D C:\Users\maran\Documents\Arduino
2018-01-29 17:39 - 2018-01-29 17:39 - 000000000 ____D C:\Users\maran\AppData\Roaming\Arduino15
2018-01-29 17:39 - 2018-01-29 17:39 - 000000000 ____D C:\Users\maran\.jssc
2018-01-29 17:38 - 2018-01-29 17:38 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2018-01-29 17:38 - 2018-01-29 17:38 - 000001064 _____ C:\Users\Public\Desktop\Arduino.lnk
2018-01-29 17:32 - 2018-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\Arduino
2018-01-27 16:21 - 2018-01-27 16:21 - 000098753 _____ C:\Users\maran\Desktop\Shortcut.txt
2018-01-27 16:16 - 2018-01-27 16:21 - 000071242 _____ C:\Users\maran\Desktop\Addition.txt
2018-01-27 16:12 - 2018-01-30 19:49 - 000030379 _____ C:\Users\maran\Desktop\FRST.txt
2018-01-27 16:08 - 2018-01-30 19:46 - 000000000 ____D C:\FRST
2018-01-26 00:28 - 2018-01-26 00:28 - 000000000 ____D C:\Users\maran\Downloads\Logan (2017) [YTS.AG]
2018-01-25 23:32 - 2018-01-25 23:32 - 000000000 ____D C:\Users\maran\Downloads\Room (2015) [YTS.AG]
2018-01-25 23:22 - 2018-01-25 23:22 - 000000000 ____D C:\Users\maran\Downloads\Mother! (2017) [YTS.AG]
2018-01-25 23:20 - 2018-01-25 23:20 - 000000000 ____D C:\Users\maran\Downloads\Atomic Blonde (2017) [YTS.AG]
2018-01-25 23:18 - 2018-01-25 23:18 - 000000000 ____D C:\Users\maran\Downloads\American Made (2017) [YTS.AG]
2018-01-25 23:03 - 2018-01-25 23:03 - 000000000 ____D C:\Users\maran\Desktop\test
2018-01-25 16:29 - 2018-01-25 18:09 - 000000000 ____D C:\Users\maran\Downloads\Paddington (2014)
2018-01-25 16:23 - 2018-01-25 16:23 - 000000000 ____D C:\Users\maran\Downloads\Storks (2016) [YTS.AG]
2018-01-25 16:19 - 2018-01-25 16:19 - 000000000 ____D C:\Users\maran\Downloads\Throne Of Elves (2016) [YTS.AG]
2018-01-25 16:11 - 2018-01-25 16:11 - 000000000 ____D C:\Users\maran\Downloads\Bright (2017) [YTS.AG]
2018-01-25 15:23 - 2018-01-25 15:23 - 000000000 ____D C:\Users\maran\Downloads\The LEGO Ninjago Movie (2017) [YTS.AG]
2018-01-25 13:30 - 2018-01-25 13:30 - 000000000 ____D C:\Users\maran\Downloads\The Jungle Book (1967) [YTS.AG]
2018-01-25 13:08 - 2018-01-25 13:08 - 000000000 ____D C:\Users\maran\Downloads\Happy Death Day (2017) [YTS.AG]
2018-01-25 13:05 - 2018-01-25 14:32 - 000000000 ____D C:\Users\maran\Downloads\Tangled (2010)
2018-01-25 13:02 - 2018-01-25 14:45 - 000000000 ____D C:\Users\maran\Downloads\Dinosaur (2000)
2018-01-25 13:02 - 2018-01-25 13:14 - 000000000 ____D C:\Users\maran\Downloads\Wreck-It Ralph (2012)
2018-01-25 13:00 - 2018-01-25 13:12 - 000000000 ____D C:\Users\maran\Downloads\The Boxtrolls (2014)
2018-01-25 12:58 - 2018-01-25 12:58 - 000000000 ____D C:\Users\maran\Downloads\The Iron Giant (1999) [YTS.AG]
2018-01-25 09:32 - 2018-01-25 22:35 - 000000000 ____D C:\Users\maran\Downloads\Omohide Poro Poro (Only Yesterday)
2018-01-24 21:07 - 2018-01-24 21:07 - 000000000 ____D C:\Users\maran\Downloads\Valerian And The City Of A Thousand Planets (2017) [YTS.AG]
2018-01-24 20:25 - 2018-01-25 14:37 - 000000000 ____D C:\Users\maran\Downloads\Geostorm (2017) [YTS.AG]
2018-01-24 20:24 - 2018-01-24 20:25 - 000000000 ____D C:\Users\maran\Downloads\Thor Ragnarok (2017) [YTS.AG]
2018-01-24 17:38 - 2018-01-24 18:28 - 742156461 ____R C:\Users\maran\Downloads\[AnimeRG] Wolf Children (Ookami Kodomo no Ame to Yuki) (Dual Audio) [BD-720p-8bit] [KaMi].mkv
2018-01-24 17:38 - 2018-01-24 17:38 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-24 17:38 - 2018-01-24 17:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-24 17:38 - 2018-01-24 17:38 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-24 17:32 - 2018-01-02 01:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-24 17:32 - 2018-01-01 20:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-24 17:32 - 2018-01-01 20:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-24 17:32 - 2018-01-01 20:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-24 17:32 - 2018-01-01 20:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-24 17:32 - 2018-01-01 20:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-24 17:32 - 2018-01-01 20:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-24 17:32 - 2018-01-01 20:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-24 17:32 - 2018-01-01 20:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-24 17:32 - 2018-01-01 20:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-24 17:32 - 2018-01-01 20:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-24 17:32 - 2018-01-01 20:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-24 17:32 - 2018-01-01 20:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-24 17:32 - 2018-01-01 20:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-24 17:32 - 2018-01-01 20:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-24 17:32 - 2018-01-01 20:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-24 17:32 - 2018-01-01 20:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-24 17:32 - 2018-01-01 20:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-24 17:32 - 2018-01-01 20:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-24 17:32 - 2018-01-01 20:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-24 17:32 - 2018-01-01 20:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-24 17:32 - 2018-01-01 20:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-24 17:32 - 2018-01-01 20:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-24 17:32 - 2018-01-01 20:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-24 17:32 - 2018-01-01 20:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-24 17:32 - 2018-01-01 20:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-24 17:32 - 2018-01-01 20:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-24 17:32 - 2018-01-01 20:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-24 17:32 - 2018-01-01 20:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-24 17:32 - 2018-01-01 20:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-24 17:32 - 2018-01-01 20:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-24 17:32 - 2018-01-01 20:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-24 17:32 - 2018-01-01 20:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-24 17:32 - 2018-01-01 20:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-24 17:32 - 2018-01-01 19:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-24 17:32 - 2018-01-01 19:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-24 17:32 - 2018-01-01 19:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-24 17:32 - 2018-01-01 19:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-24 17:32 - 2018-01-01 19:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-24 17:32 - 2018-01-01 19:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-24 17:32 - 2018-01-01 19:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-24 17:32 - 2018-01-01 19:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-24 17:32 - 2018-01-01 19:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-24 17:32 - 2018-01-01 19:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-24 17:32 - 2018-01-01 19:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-24 17:32 - 2018-01-01 19:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-24 17:32 - 2018-01-01 19:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-24 17:32 - 2018-01-01 19:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-24 17:32 - 2018-01-01 19:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-24 17:32 - 2018-01-01 19:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-24 17:32 - 2018-01-01 19:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-24 17:32 - 2018-01-01 19:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-24 17:32 - 2018-01-01 19:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-24 17:32 - 2018-01-01 19:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-24 17:32 - 2018-01-01 19:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-24 17:32 - 2018-01-01 19:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-24 17:32 - 2018-01-01 19:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-24 17:32 - 2018-01-01 19:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-24 17:32 - 2018-01-01 19:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-24 17:32 - 2018-01-01 19:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-24 17:32 - 2018-01-01 19:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-24 17:32 - 2018-01-01 19:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-24 17:32 - 2018-01-01 19:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-24 17:32 - 2018-01-01 19:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-24 17:32 - 2018-01-01 19:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-24 17:32 - 2018-01-01 19:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-24 17:31 - 2018-01-01 20:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-24 17:31 - 2018-01-01 20:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-24 17:31 - 2018-01-01 20:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-24 17:31 - 2018-01-01 20:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-24 17:31 - 2018-01-01 20:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-24 17:31 - 2018-01-01 20:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-24 17:31 - 2018-01-01 20:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-24 17:31 - 2018-01-01 20:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-24 17:31 - 2018-01-01 20:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-24 17:31 - 2018-01-01 20:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-24 17:31 - 2018-01-01 20:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-24 17:31 - 2018-01-01 20:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-24 17:31 - 2018-01-01 20:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-24 17:31 - 2018-01-01 20:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-24 17:31 - 2018-01-01 20:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-24 17:31 - 2018-01-01 20:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-24 17:31 - 2018-01-01 20:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-24 17:31 - 2018-01-01 20:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-24 17:31 - 2018-01-01 20:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-24 17:31 - 2018-01-01 20:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-24 17:31 - 2018-01-01 20:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-24 17:31 - 2018-01-01 20:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-24 17:31 - 2018-01-01 20:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-24 17:31 - 2018-01-01 20:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-24 17:31 - 2018-01-01 20:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-24 17:31 - 2018-01-01 20:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-24 17:31 - 2018-01-01 20:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-24 17:31 - 2018-01-01 20:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-24 17:31 - 2018-01-01 20:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-24 17:31 - 2018-01-01 20:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-24 17:31 - 2018-01-01 20:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-24 17:31 - 2018-01-01 20:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-24 17:31 - 2018-01-01 20:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-24 17:31 - 2018-01-01 20:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-24 17:31 - 2018-01-01 20:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-24 17:31 - 2018-01-01 20:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-24 17:31 - 2018-01-01 20:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-24 17:31 - 2018-01-01 20:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-24 17:31 - 2018-01-01 20:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-24 17:31 - 2018-01-01 20:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-24 17:31 - 2018-01-01 20:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-24 17:31 - 2018-01-01 20:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-24 17:31 - 2018-01-01 20:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-24 17:31 - 2018-01-01 20:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-24 17:31 - 2018-01-01 20:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-24 17:31 - 2018-01-01 20:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-24 17:31 - 2018-01-01 19:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-24 17:31 - 2018-01-01 19:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-24 17:31 - 2018-01-01 19:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-24 17:31 - 2018-01-01 19:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-24 17:31 - 2018-01-01 19:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-24 17:31 - 2018-01-01 19:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-24 17:31 - 2018-01-01 19:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-24 17:31 - 2018-01-01 19:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-24 17:31 - 2018-01-01 19:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-24 17:31 - 2018-01-01 19:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-24 17:31 - 2018-01-01 19:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-24 17:31 - 2018-01-01 19:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-24 17:31 - 2018-01-01 19:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-24 17:31 - 2018-01-01 19:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-24 17:31 - 2018-01-01 19:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-24 17:31 - 2018-01-01 19:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-24 17:31 - 2018-01-01 19:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-24 17:31 - 2018-01-01 19:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-24 17:31 - 2018-01-01 19:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-24 17:31 - 2018-01-01 19:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-24 17:31 - 2018-01-01 19:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-24 17:31 - 2018-01-01 19:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-24 17:31 - 2018-01-01 19:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-24 17:31 - 2018-01-01 19:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-24 17:31 - 2018-01-01 19:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-24 17:31 - 2018-01-01 19:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-24 17:31 - 2018-01-01 19:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-24 17:31 - 2018-01-01 19:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-24 17:31 - 2018-01-01 19:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-24 17:31 - 2018-01-01 19:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-24 17:31 - 2018-01-01 19:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-24 17:31 - 2018-01-01 19:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-24 17:31 - 2018-01-01 19:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-24 17:31 - 2018-01-01 19:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-24 17:31 - 2018-01-01 19:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-24 17:31 - 2018-01-01 19:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-24 17:30 - 2018-01-01 19:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-24 17:30 - 2018-01-01 19:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-24 17:30 - 2018-01-01 19:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-24 17:30 - 2018-01-01 19:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-24 17:30 - 2018-01-01 19:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-24 17:30 - 2018-01-01 19:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-24 17:30 - 2018-01-01 19:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-24 17:30 - 2018-01-01 19:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-24 17:30 - 2018-01-01 19:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-24 17:30 - 2018-01-01 19:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-24 17:30 - 2018-01-01 19:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-24 17:30 - 2018-01-01 19:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-24 17:30 - 2018-01-01 19:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-24 17:30 - 2018-01-01 19:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-24 17:30 - 2018-01-01 19:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-24 17:30 - 2018-01-01 19:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-24 17:30 - 2018-01-01 19:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-24 17:30 - 2018-01-01 19:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-24 17:30 - 2018-01-01 19:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-24 17:30 - 2018-01-01 19:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-24 17:30 - 2018-01-01 19:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-24 17:30 - 2018-01-01 19:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-24 17:30 - 2018-01-01 19:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-24 17:30 - 2018-01-01 19:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-24 17:05 - 2018-01-24 19:01 - 000000000 ____D C:\Users\maran\Downloads\Summer Wars (2009)[Dual Audo][720p][MeGaTroN]
2018-01-24 17:01 - 2018-01-24 18:56 - 1001461484 _____ C:\Users\maran\Downloads\The Girl Who Leapt Through Time [BD 1280x720 x264 AAC].mp4
2018-01-24 16:34 - 2018-01-24 16:37 - 000000000 ____D C:\Users\maran\Downloads\Tokyo Godfathers (2003) 720p BRRiP x264 AAC [Team Nanban]
2018-01-24 16:11 - 2018-01-24 16:59 - 000000000 ____D C:\Users\maran\Downloads\Breathe (2017) [YTS.AG]
2018-01-24 16:08 - 2018-01-25 09:31 - 000000000 ____D C:\Users\maran\Downloads\E.T The Extra Terrestrial (1982)
2018-01-24 14:56 - 2018-01-24 18:56 - 000000000 ____D C:\Users\maran\Downloads\It (2017) [YTS.AG]
2018-01-24 14:50 - 2018-01-24 14:50 - 000000000 ____D C:\Users\maran\Downloads\Dunkirk (2017) [YTS.AG]
2018-01-24 14:40 - 2018-01-24 14:40 - 000000000 ____D C:\Users\maran\Downloads\Cars 3 (2017) [YTS.AG]
2018-01-24 14:35 - 2018-01-24 15:13 - 000000000 ____D C:\Users\maran\Downloads\Arrietty (2010)
2018-01-24 14:32 - 2018-01-24 14:32 - 000000000 ____D C:\Users\maran\Downloads\Walking with Dinosaurs 3D
2018-01-24 14:19 - 2018-01-24 16:22 - 000000000 ____D C:\Users\maran\Downloads\Flatliners (2017)
2018-01-23 19:30 - 2018-01-23 19:46 - 000000000 ____D C:\Users\maran\AppData\Local\OLYMPUS
2018-01-23 19:29 - 2018-01-23 19:29 - 000001222 _____ C:\Users\maran\Desktop\OLYMPUS Viewer 3.lnk
2018-01-23 19:29 - 2018-01-23 19:29 - 000001198 _____ C:\Users\maran\Desktop\OLYMPUS Digital Camera Updater.lnk
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Viewer 3
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Digital Camera Updater
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\Program Files (x86)\OLYMPUS
2018-01-23 19:26 - 2018-01-23 19:26 - 000000000 ____D C:\OLYMPUS
2018-01-23 19:24 - 2005-09-23 08:16 - 001079808 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc80u.dll
2018-01-23 19:24 - 2005-09-23 06:07 - 000095744 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl80.dll
2018-01-23 19:24 - 2005-09-23 06:05 - 000626688 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2018-01-23 19:24 - 2005-09-23 06:05 - 000548864 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2018-01-23 19:23 - 2018-01-23 19:23 - 000001473 _____ C:\Users\maran\Desktop\E-M10MarkII Instruction Manual.lnk
2018-01-23 19:23 - 2018-01-23 19:23 - 000000000 ____D C:\Users\Public\Documents\OLYMPUS
2018-01-23 19:23 - 2018-01-23 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera
2018-01-23 19:15 - 2018-01-23 19:15 - 000003708 _____ C:\WINDOWS\System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-23 19:15 - 2018-01-23 19:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-23 19:15 - 2017-12-19 10:43 - 000081808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 19:15 - 2017-09-14 07:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-23 19:15 - 2017-09-14 07:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-23 19:15 - 2017-09-14 07:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-23 19:15 - 2017-09-14 07:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-23 19:14 - 2017-12-19 10:43 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-22 18:07 - 2018-01-22 18:07 - 000000000 ___HD C:\Users\maran\MicrosoftEdgeBackups
2018-01-22 16:29 - 2018-01-23 19:29 - 000000000 ____D C:\Program Files\DIFX
2018-01-22 16:27 - 2018-01-22 16:27 - 000000000 ____D C:\Users\maran\AppData\Roaming\Basecam Electronics
2018-01-22 15:57 - 2018-01-22 15:57 - 000024763 _____ C:\Users\maran\Downloads\changelog.txt
2018-01-22 14:33 - 2018-01-22 14:33 - 001853448 _____ (Simnet Ltd. ) C:\Users\maran\Downloads\Setup_SimpleStickyNotes (3).exe
2018-01-20 12:03 - 2018-01-20 12:03 - 000000000 ____D C:\Users\maran\AppData\Local\DBG
2018-01-19 11:53 - 2018-01-19 11:53 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2763142683-1454455776-2827359566-1001
2018-01-19 11:53 - 2018-01-19 11:53 - 000002367 _____ C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-19 11:17 - 2017-12-22 21:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-19 11:17 - 2017-12-22 21:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-18 01:27 - 2018-01-18 01:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-18 01:25 - 2018-01-18 01:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-18 01:25 - 2018-01-18 01:25 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-18 01:24 - 2018-01-18 01:24 - 000000000 ____D C:\Program Files\Windows Identity Foundation
2018-01-18 01:24 - 2018-01-18 01:24 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-17 11:12 - 2018-01-17 13:13 - 000000000 ____D C:\Users\maran\Desktop\mickey
2018-01-17 10:49 - 2018-01-17 10:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-17 10:45 - 2018-01-17 10:45 - 000000020 ___SH C:\Users\maran\ntuser.ini
2018-01-17 10:41 - 2018-01-17 10:41 - 000000554 __RSH C:\ProgramData\ntuser.pol
2018-01-17 10:38 - 2018-01-30 19:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-17 10:38 - 2018-01-30 16:15 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E89D243-D604-4195-991E-7117DC4CED80}
2018-01-17 10:38 - 2018-01-17 10:39 - 000003584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-17 10:38 - 2018-01-17 10:39 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-17 10:38 - 2018-01-17 10:39 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-17 10:38 - 2018-01-17 10:39 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2018-01-17 10:38 - 2018-01-17 10:39 - 000002688 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2018-01-17 10:38 - 2018-01-17 10:38 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-17 10:38 - 2018-01-17 10:38 - 000002812 _____ C:\WINDOWS\System32\Tasks\[email protected]
2018-01-17 10:38 - 2018-01-17 10:38 - 000002568 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-01-17 10:38 - 2018-01-17 10:38 - 000002450 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2018-01-17 10:38 - 2018-01-17 10:38 - 000002450 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2018-01-17 10:38 - 2018-01-17 10:38 - 000002446 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2018-01-17 10:38 - 2018-01-17 10:38 - 000002354 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_maran
2018-01-17 10:38 - 2018-01-17 10:38 - 000002232 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_maran
2018-01-17 10:38 - 2018-01-17 10:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-01-17 10:34 - 2018-01-17 10:38 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2018-01-17 10:34 - 2018-01-17 10:38 - 000019053 _____ C:\WINDOWS\diagerr.xml
2018-01-17 10:28 - 2018-01-30 19:45 - 001095308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-17 10:26 - 2018-01-17 10:26 - 000000020 ___SH C:\Users\MSSQLFDLauncher\ntuser.ini
2018-01-17 10:23 - 2018-01-17 10:23 - 000000020 ___SH C:\Users\ReportServer\ntuser.ini
2018-01-17 10:23 - 2018-01-17 10:23 - 000000020 ___SH C:\Users\MSSQLSERVER\ntuser.ini
2018-01-17 10:12 - 2018-01-17 10:12 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-17 10:11 - 2018-01-17 10:11 - 000000000 ____D C:\ProgramData\USOShared
2018-01-17 10:06 - 2018-01-19 11:17 - 000000000 ____D C:\Users\maran\AppData\Local\Packages
2018-01-17 10:05 - 2018-01-29 17:39 - 000000000 ____D C:\Users\maran
2018-01-17 10:05 - 2018-01-24 22:35 - 000000000 ____D C:\Users\MSSQLFDLauncher
2018-01-17 10:05 - 2018-01-22 14:27 - 000000000 ____D C:\Users\MSSQLSERVER
2018-01-17 10:05 - 2018-01-17 10:27 - 000000000 ____D C:\Users\ReportServer
2018-01-17 10:03 - 2018-01-17 10:03 - 000002006 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beats Audio.lnk
2018-01-17 10:03 - 2017-09-29 21:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-17 10:02 - 2018-01-17 10:02 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-01-17 10:02 - 2018-01-16 18:18 - 000541456 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-01-17 09:59 - 2018-01-30 17:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-17 09:59 - 2018-01-26 07:19 - 005275744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-17 09:55 - 2018-01-17 09:55 - 000000072 ___SH C:\bootTel.dat
2018-01-16 18:15 - 2018-01-16 18:15 - 036357664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2018-01-16 18:15 - 2018-01-16 18:15 - 029389768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2018-01-16 18:15 - 2018-01-16 18:15 - 017036560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-01-16 18:15 - 2018-01-16 18:15 - 000624912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000991736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000942024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-16 18:14 - 2018-01-16 18:14 - 000515528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 004210536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 003624952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001998792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438873.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001683400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438873.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001109776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-16 18:13 - 2018-01-16 18:13 - 001041352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 040246304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 035166664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 023482944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 019218440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 013377536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-16 18:12 - 2018-01-16 18:12 - 010985720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001341976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001154264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 001056504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000810272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-16 18:11 - 2018-01-16 18:11 - 000648696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 014000816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 011896584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 004533664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-16 18:10 - 2018-01-16 18:10 - 003859632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-16 13:50 - 2018-01-16 13:50 - 000048510 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-16 13:50 - 2018-01-16 13:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2018-01-16 13:50 - 2018-01-16 13:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2018-01-14 11:21 - 2018-01-22 13:26 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-09 15:51 - 2018-01-09 15:51 - 000000000 ____D C:\Users\maran\Downloads\Before We Go (2014) [YTS.AG]
2018-01-09 15:09 - 2018-01-09 17:44 - 000000000 ____D C:\Users\maran\Downloads\Almost Famous EXTENDED (2000)
2018-01-09 15:08 - 2018-01-09 15:08 - 000000000 ____D C:\Users\maran\Downloads\My Little Pony The Movie (2017) [YTS.AG]
2018-01-09 14:59 - 2018-01-09 14:59 - 000000000 ____D C:\Users\maran\Downloads\Loving Vincent (2017) [YTS.AG]
2018-01-03 17:09 - 2018-01-30 19:40 - 000000000 ____D C:\Users\maran\AppData\LocalLow\BitTorrent
2018-01-02 23:36 - 2018-01-02 23:36 - 078350505 _____ C:\Users\maran\Desktop\papa new id.psd
2018-01-02 13:42 - 2018-01-02 13:42 - 014569895 _____ C:\Users\maran\Desktop\papa id.psd
2017-12-31 22:55 - 2017-12-31 22:56 - 000000000 ____D C:\Users\maran\Downloads\Leon The Professional Extended (1994)
2017-12-31 22:33 - 2017-12-31 23:16 - 064201298 _____ C:\Users\maran\Desktop\Patriots_Day_2016_1080p_BluRay_x264-[YTS_AG]_mp4_Output_3.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 19:46 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-30 19:46 - 2016-03-25 22:38 - 000000000 ____D C:\Users\maran\AppData\Roaming\BitTorrent
2018-01-30 19:42 - 2016-11-28 01:02 - 000000000 ____D C:\Users\maran\AppData\LocalLow\Mozilla
2018-01-30 19:39 - 2016-03-26 00:10 - 000000000 ____D C:\ProgramData\ProductData
2018-01-30 19:38 - 2017-06-13 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-30 19:38 - 2017-06-13 18:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-30 19:38 - 2016-11-10 12:34 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-30 19:38 - 2016-03-25 21:25 - 000000000 __SHD C:\Users\maran\IntelGraphicsProfiles
2018-01-30 19:37 - 2017-09-29 16:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-30 15:06 - 2016-03-26 19:48 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-01-30 15:06 - 2016-03-25 18:35 - 000000000 ____D C:\Users\maran\AppData\Roaming\Adobe
2018-01-30 15:05 - 2016-03-25 21:05 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-30 15:04 - 2016-03-26 19:50 - 000000000 ____D C:\Program Files\Adobe
2018-01-30 15:03 - 2016-03-26 19:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-01-30 10:21 - 2016-09-20 16:59 - 000000000 ____D C:\Users\maran\Downloads\Compressed
2018-01-30 08:54 - 2017-06-13 18:15 - 000001238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-30 07:50 - 2017-09-29 21:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-30 07:50 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-30 07:50 - 2016-03-26 15:55 - 000000000 ____D C:\Users\maran\AppData\Local\Adobe
2018-01-30 07:48 - 2017-09-29 21:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-29 21:21 - 2016-05-03 15:01 - 000007891 _____ C:\WINDOWS\BRRBCOM.INI
2018-01-29 17:31 - 2017-04-13 23:42 - 000000000 ____D C:\Users\maran\AppData\Roaming\IDM
2018-01-29 17:31 - 2016-03-25 20:24 - 000000000 ____D C:\Users\maran\AppData\Roaming\DMCache
2018-01-29 17:07 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-29 17:01 - 2016-11-10 12:38 - 000000000 ____D C:\Users\DefaultAppPool
2018-01-27 21:01 - 2016-03-25 21:08 - 000000000 ____D C:\Users\maran\AppData\Roaming\Spotify
2018-01-27 18:24 - 2016-11-18 10:20 - 000000000 ____D C:\Program Files (x86)\Syncios
2018-01-27 15:27 - 2017-08-16 22:26 - 000000000 ____D C:\Users\maran\AppData\Local\Pushbullet
2018-01-26 22:32 - 2016-03-26 12:41 - 000000000 ____D C:\Users\maran\AppData\Local\Spotify
2018-01-26 11:51 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-26 07:29 - 2016-03-25 22:20 - 000000000 ____D C:\Users\maran\AppData\Roaming\vlc
2018-01-26 07:21 - 2016-03-26 20:25 - 000000000 ___RD C:\Users\maran\3D Objects
2018-01-26 07:21 - 2016-03-25 18:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-26 07:14 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-26 07:14 - 2017-09-29 16:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-24 17:46 - 2017-09-29 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-24 16:51 - 2016-08-30 11:23 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-23 19:16 - 2016-11-10 12:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-23 19:15 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-23 19:12 - 2016-03-25 19:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-23 18:02 - 2017-09-29 16:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-23 09:34 - 2017-03-25 12:00 - 000002359 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-01-22 16:28 - 2016-03-25 18:35 - 000000000 ____D C:\Users\maran\AppData\Local\VirtualStore
2018-01-22 13:52 - 2017-09-29 21:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-22 13:49 - 2016-03-25 20:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-19 11:53 - 2016-03-25 18:39 - 000000000 ___RD C:\Users\maran\OneDrive
2018-01-19 10:59 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-18 01:46 - 2017-09-29 21:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-18 01:43 - 2017-12-08 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacType
2018-01-18 01:43 - 2017-11-27 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-01-18 01:43 - 2017-11-25 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-01-18 01:43 - 2017-11-24 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2018-01-18 01:43 - 2017-10-18 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Help
2018-01-18 01:43 - 2017-09-29 21:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-18 01:43 - 2017-08-16 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2018-01-18 01:43 - 2017-08-03 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
2018-01-18 01:43 - 2017-07-11 13:22 - 000000000 ____D C:\Program Files\UNP
2018-01-18 01:43 - 2017-04-28 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Secure Mobile Access
2018-01-18 01:43 - 2017-04-13 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-01-18 01:43 - 2017-02-16 00:16 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppPBHostless Modem
2018-01-18 01:43 - 2017-02-16 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sun Broadband
2018-01-18 01:43 - 2017-01-29 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-01-18 01:43 - 2017-01-29 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-01-18 01:43 - 2016-11-10 12:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-01-18 01:43 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Intel
2018-01-18 01:43 - 2016-09-24 16:18 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2018-01-18 01:43 - 2016-09-21 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft OLE DB Provider for DB2 Version 5.0
2018-01-18 01:43 - 2016-09-09 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2018-01-18 01:43 - 2016-09-01 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-18 01:43 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-18 01:43 - 2016-07-08 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-01-18 01:43 - 2016-06-18 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-01-18 01:43 - 2016-05-03 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-01-18 01:43 - 2016-05-03 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2018-01-18 01:43 - 2016-05-01 14:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2018-01-18 01:43 - 2016-04-17 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-01-18 01:43 - 2016-04-11 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2018-01-18 01:43 - 2016-03-28 13:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2018-01-18 01:43 - 2016-03-28 13:52 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-01-18 01:43 - 2016-03-28 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
2018-01-18 01:43 - 2016-03-27 11:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-18 01:43 - 2016-03-26 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2018-01-18 01:43 - 2016-03-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-01-18 01:43 - 2016-03-26 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-18 01:43 - 2016-03-25 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-01-18 01:43 - 2016-03-25 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-18 01:43 - 2016-03-25 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-01-18 01:43 - 2016-03-25 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-01-18 01:43 - 2016-03-25 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2018-01-18 01:43 - 2016-03-25 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-01-18 01:43 - 2016-03-25 21:48 - 000000000 ____D C:\Program Files\MSBuild
2018-01-18 01:43 - 2016-03-25 21:45 - 000000000 ____D C:\Program Files\IIS
2018-01-18 01:43 - 2016-03-25 21:19 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2018-01-18 01:43 - 2016-03-25 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2018-01-18 01:43 - 2016-03-25 21:15 - 000000000 ____D C:\WINDOWS\system32\1033
2018-01-18 01:43 - 2016-03-25 21:02 - 000000000 ____D C:\WINDOWS\SysWOW64\C2MP
2018-01-18 01:43 - 2016-03-25 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC - Codec Pack
2018-01-18 01:43 - 2016-03-25 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-01-18 01:43 - 2016-03-25 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-01-18 01:43 - 2016-03-25 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-01-18 01:43 - 2016-03-25 18:48 - 000000000 ____D C:\Program Files (x86)\HP
2018-01-18 01:43 - 2015-10-30 17:07 - 000000000 ____D C:\WINDOWS\ShellNew
2018-01-18 01:43 - 2015-10-30 15:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-18 01:42 - 2017-09-29 21:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-18 01:42 - 2017-09-29 21:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-18 01:28 - 2016-12-28 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
2018-01-18 01:28 - 2016-11-10 12:33 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-01-18 01:28 - 2016-09-25 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-01-18 01:28 - 2016-04-12 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2018-01-18 01:28 - 2016-03-28 13:52 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-01-18 01:28 - 2016-03-28 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2018-01-18 01:28 - 2016-03-26 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2018-01-18 01:28 - 2016-03-25 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2018-01-18 01:28 - 2016-03-25 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simnet
2018-01-18 01:28 - 2016-03-25 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2018-01-18 01:27 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Realtek
2018-01-18 01:27 - 2016-03-25 18:47 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-01-18 01:24 - 2017-12-14 09:40 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-01-18 01:24 - 2017-09-29 21:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2018-01-18 01:08 - 2017-06-14 20:28 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-01-17 13:12 - 2016-06-16 21:53 - 000000132 _____ C:\Users\maran\AppData\Roaming\Adobe PNG Format CC Prefs
2018-01-17 13:06 - 2017-06-13 17:34 - 000001456 _____ C:\Users\maran\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-01-17 10:48 - 2016-11-10 13:34 - 000000000 ____D C:\Users\maran\AppData\Local\ConnectedDevicesPlatform
2018-01-17 10:46 - 2016-03-25 18:35 - 000000000 ____D C:\Users\maran\AppData\Local\TileDataLayer
2018-01-17 10:39 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-17 10:33 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-17 10:32 - 2017-09-29 21:46 - 000000000 __RSD C:\WINDOWS\media
2018-01-17 10:32 - 2016-11-10 13:20 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-17 10:26 - 2016-06-21 00:20 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-17 10:26 - 2016-06-21 00:20 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-17 10:12 - 2017-09-29 21:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-17 10:11 - 2017-09-29 21:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-17 10:08 - 2017-08-31 13:21 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2018-01-17 10:08 - 2017-08-04 17:05 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
2018-01-17 10:08 - 2017-04-13 23:41 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-01-17 10:08 - 2016-08-22 07:09 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare iOSBoot Genius
2018-01-17 10:08 - 2016-08-18 00:46 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7
2018-01-17 10:08 - 2016-06-21 00:47 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\get_iplayer
2018-01-17 10:08 - 2016-04-11 20:38 - 000000000 ____D C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2018-01-17 10:04 - 2017-09-29 16:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-17 10:03 - 2016-11-10 12:33 - 000000000 ____D C:\Program Files\Apoint2K
2018-01-17 10:02 - 2016-11-10 12:33 - 000005691 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-01-17 10:02 - 2016-11-10 12:33 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-16 18:18 - 2017-09-29 22:43 - 000447248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2018-01-16 18:16 - 2016-03-25 22:52 - 000000000 ____D C:\Users\maran\Documents\Syncios
2018-01-14 11:29 - 2017-04-13 23:34 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-01-14 11:28 - 2016-04-14 17:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-14 11:22 - 2017-10-11 21:31 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-14 11:22 - 2016-08-30 11:16 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-12 13:59 - 2017-11-04 12:51 - 000000000 ____D C:\Program Files\rempl
2018-01-01 22:58 - 2017-12-30 20:47 - 000000000 ____D C:\Users\maran\Desktop\powtoon
2018-01-01 19:50 - 2016-03-25 22:50 - 000000000 ____D C:\Users\maran\Documents\Simple Sticky Notes

==================== Files in the root of some directories =======

2016-06-16 21:53 - 2018-01-17 13:12 - 000000132 _____ () C:\Users\maran\AppData\Roaming\Adobe PNG Format CC Prefs
2016-03-27 01:15 - 2016-03-27 01:20 - 000351908 _____ () C:\Users\maran\AppData\Roaming\itunesart
2017-08-17 20:23 - 2017-08-17 20:23 - 000003072 _____ () C:\Users\maran\AppData\Roaming\Photobook Designer Prefsv3
2017-01-29 14:05 - 2017-01-29 14:09 - 318912029 _____ () C:\Users\maran\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-01-29 14:05 - 2017-01-29 14:09 - 000003560 _____ () C:\Users\maran\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2017-06-13 17:34 - 2018-01-17 13:06 - 000001456 _____ () C:\Users\maran\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-02-22 02:40 - 2017-02-22 02:41 - 000000600 _____ () C:\Users\maran\AppData\Local\PUTTY.RND

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-27 18:36

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by maran (30-01-2018 19:50:16)
Running from C:\Users\maran\Desktop
Windows 10 Enterprise Version 1709 16299.192 (X64) (2018-01-17 02:41:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2763142683-1454455776-2827359566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2763142683-1454455776-2827359566-503 - Limited - Disabled)
Guest (S-1-5-21-2763142683-1454455776-2827359566-501 - Limited - Disabled)
maran (S-1-5-21-2763142683-1454455776-2827359566-1001 - Administrator - Enabled) => C:\Users\maran
WDAGUtilityAccount (S-1-5-21-2763142683-1454455776-2827359566-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: IObit Malware Fighter (Disabled - Out of date) {2C1A27ED-EADF-56B0-8FBA-D38AFF9152A2}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.3.0 - IObit)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version:  - )
AppHelper (HKLM-x32\...\AppHelper) (Version: 1.0 - AppHelper) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5 - Arduino LLC)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (HKLM-x32\...\{0B5E43C7-965D-4AF4-A33E-5FA35B6660C8}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BitTorrent (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.275.0 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{05198C22-FFCE-374A-B190-9F18CC99DAEA}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{9347889B-C22A-3905-901F-C05D8F73C929}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Dell SMA Connect Tunnel (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 11.40.363 - Dell Inc.)
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
get_iplayer 2.94.0 (HKLM-x32\...\get_iplayer) (Version: 2.94.0 - )
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.12.0.84 - NVIDIA Corporation) Hidden
Git version 2.15.0 (HKLM\...\Git_is1) (Version: 2.15.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hotspot Shield 6.0.4 Embedded (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B127E98F}) (Version: 6.0.4.9836 - Buildbot) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP AC Power Control (HKLM\...\{F819C151-FFEE-4F01-BE68-0D1F76574F44}) (Version: 1.0.6 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 - HP)
IDM Crack 6.25 build 20 (HKLM-x32\...\IDM Crack 6.25 build 20) (Version: build 21 - Crackingpatching.com Team)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.510 - IObit)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JavaScript Tooling (HKLM\...\{2044FC4C-4EA3-4113-BC1E-962DF568D201}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
MacType (HKLM\...\{E68951B7-9D7A-4727-9203-34909E3358D1}) (Version: 1.17.0628 - FlyingSnow) Hidden
MacType (HKLM\...\MacType 1.17.0628) (Version: 1.17.0628 - FlyingSnow)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OLE DB Provider for DB2 Version 5.0 (HKLM\...\Microsoft OLE DB Provider for DB2 Version 5.0) (Version: 9.0.2148.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{1A73AF5D-69EE-4AE0-917C-2429CE593A86}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Mozilla Firefox 58.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-US)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Node.js (HKLM\...\{BE0419EB-A814-41F0-8E4B-A94E0BAE1C40}) (Version: 9.2.0 - Node.js Foundation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{F0C70F68-E57F-4D76-A012-E20F8E12946E}) (Version: 1.4.1 - OLYMPUS IMAGING CORP.)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Photobook Designer (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Photobook Designer) (Version: Photobook Designer 2016.2.0 - Photobook Worldwide)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PremiumSoft Navicat 11.2 for MySQL (HKLM\...\PremiumSoft Navicat for MySQL_is1) (Version: 11.2.15 - PremiumSoft CyberTech Ltd.)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Python Tools Redirection Template (HKLM-x32\...\{EE541DCE-3018-4A12-B0A3-7C55D62B3D01}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8198 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Simple Sticky Notes 4.1 (HKLM-x32\...\Simple Sticky Notes_is1) (Version:  - Simnet Ltd.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.104 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
SourceTree (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\SourceTree) (Version: 2.3.5 - Atlassian)
Spotify (HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{2BA1811B-44C0-4C50-8C5A-CE68AB25ED71}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{C8511A82-E9FD-4B6D-B1B2-378589D2B48A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{D45C3EC4-282E-4798-98C7-E7BF2362F04E}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{1D01EDF6-7E93-4FEE-AA09-C5669511100C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{5EACF47D-EB70-4FE0-83DE-9FD9693C24B9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{832D6A7D-13F7-42CB-9AC6-5859800269AE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (HKLM\...\{B40B7A25-308B-4650-8B42-E51710CDD4D9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{026E123D-2160-46C7-A801-87D27D46835E}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{700C00BA-E947-4B77-8EF1-588DF210E931}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLyog Trial 12.2.6 (64 bit) (HKLM\...\SQLyogTrial64) (Version: 12.2.6 (64 bit) - Webyog Inc.)
Sublime Text Build 3103 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports  (11/15/2017 10.1.1.1951) (HKLM\...\2F76489DEE77636B5480589830C533A6045D8A7A) (Version: 11/15/2017 10.1.1.1951 - Silicon Laboratories Inc.)
WonderFox DVD Video Converter 10.0 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 10.0 - WonderFox Soft, Inc.)
Wondershare Dr.Fone for iOS v7.0.0.12 (HKLM-x32\...\Wondershare Dr.Fone for iOS v7.0.0.12) (Version: v7.0.0.12 - www.crackingpatching.com)
Workflow Manager Client 1.0 (HKLM\...\{199C6892-5DED-409B-88B2-3BE6421552B2}) (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{E1F79421-EC32-437F-8525-ABE902C85AC5}) (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 7.0.6-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-08-09] (Igor Pavlov)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0001F2B3-853B-42CE-AC2C-92E3C6C49A6B} - System32\Tasks\Uninstaller_SkipUac_maran => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-15] (IObit)
Task: {057903BE-A521-4DF9-8801-5502D620D133} - System32\Tasks\Driver Booster SkipUAC (maran) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit)
Task: {297AFDFE-E63B-41F3-9A04-11D354FF6F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {369A78B1-F8D4-4332-9AF6-A4379D191260} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {36F9B1D4-A62D-4BC8-ADA6-54BB0CD8BDB0} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {3D982443-182C-48D2-8016-3CE31763262D} - System32\Tasks\ASC10_SkipUac_maran => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-03-30] (IObit)
Task: {3DB32C02-B7DA-4076-9D77-9754C0A8706A} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2018-01-16] ()
Task: {535148CE-7F44-49F5-A0CC-302AFEFEF15A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation)
Task: {597E9DA0-2374-4EF8-BA10-6BE103921794} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {6412D68E-CAD5-4C41-A19A-AFFEB5C6BE09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-21] (Google Inc.)
Task: {7C67BF94-5740-462C-B56E-C821F960EE7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {7F933E2D-A0E6-4E43-8BEB-9E6DCE6DF6C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {8211EF50-E1D3-401E-A126-0EE1BF09B84D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {8EEBEE57-BF84-4411-8274-B19AA0D52E6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-22] (Microsoft Corporation)
Task: {9F4C2589-0FE5-4EF2-82B4-49304A5615B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {9FF76584-9CB2-4198-9591-6FEED617F969} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BD926246-1C95-425E-9DFF-206C6A53C56E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation)
Task: {C95B7C62-13DA-41A7-A8C5-5214B08C477D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {CB34B316-FE5F-4036-9E90-82F95BF61720} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {CE9A4E38-027B-4845-9FC8-C449DB5C8851} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-21] (Google Inc.)
Task: {D076B46B-7B4F-44D6-A4F7-EAC677EED3C9} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {D198FBE8-CBF5-4E47-98BF-C112A7A87AB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-22] (Microsoft Corporation)
Task: {D1CFD842-0179-48AA-B5A6-BF8360B2F552} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {D3EA0B75-9945-4FBF-8E5A-1599788FA1F5} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe [2017-03-10] (IObit)
Task: {F292A3F9-172F-4179-8A1D-52A8F9A7043C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {FEC5FB89-AB0B-4371-9D63-35C8BB478E62} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_maran.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Home Page.lnk -> hxxp://tomcat.apache.org
Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Tomcat Manager.lnk -> hxxp://127.0.0.1:8080/manager/htm
Shortcut: C:\Users\maran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7\Welcome.lnk -> hxxp://127.0.0.1:8080

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 21:41 - 2017-09-29 21:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-05-06 03:11 - 2016-05-06 03:11 - 000258016 _____ () C:\WINDOWS\ngmsi.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 09:11 - 2015-05-19 09:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
2016-03-25 22:38 - 2015-03-26 01:51 - 011045376 _____ () C:\xampp\mysql\bin\mysqld.exe
2018-01-22 13:47 - 2018-01-22 13:47 - 008934568 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-12-14 09:40 - 2017-12-14 09:40 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 09:40 - 2017-12-14 09:40 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-25 22:37 - 2013-06-17 19:42 - 002569216 _____ () C:\xampp\xampp-control.exe
2018-01-19 11:33 - 2018-01-19 11:35 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-19 11:33 - 2018-01-19 11:35 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-19 11:33 - 2018-01-19 11:35 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:16 - 2018-01-03 17:18 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-19 11:33 - 2018-01-19 11:35 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-03-25 22:37 - 2015-01-29 00:04 - 000404480 _____ () C:\xampp\apache\bin\pcre.dll
2016-03-25 22:39 - 2015-04-16 06:30 - 000129536 _____ () C:\xampp\php\libpq.dll
2016-03-25 22:37 - 2015-04-16 06:30 - 000166912 _____ () C:\xampp\apache\bin\libssh2.dll
2017-01-29 14:01 - 2016-10-13 18:03 - 000624960 _____ () C:\Program Files (x86)\iFunSoft\iFunSoft Updater\ProductStatistics.dll
2017-01-29 13:59 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-29 13:59 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-29 13:59 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-07 16:23 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2016-12-07 16:22 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2017-04-11 14:31 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2017-04-11 14:31 - 2016-09-26 13:59 - 000631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2018-01-23 19:29 - 2006-09-04 20:26 - 000014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2018-01-23 19:29 - 2011-08-09 15:22 - 000450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2018-01-23 19:29 - 2014-09-26 10:18 - 000118784 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2016-05-03 14:59 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-11-28 16:45 - 2016-12-12 16:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2017-11-28 16:45 - 2016-12-12 16:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2017-11-28 16:45 - 2016-12-12 16:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\hola.org -> hxxp://hola.org
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 15:24 - 2018-01-23 09:33 - 000005172 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1     3dns-1.adobe.com
127.0.0.1     3dns-2.adobe.com
127.0.0.1     3dns-3.adobe.com
127.0.0.1     3dns-4.adobe.com
127.0.0.1     3dns.adobe.com
127.0.0.1     activate-sea.adobe.com
127.0.0.1     activate-sjc0.adobe.com
127.0.0.1     activate.adobe.com
127.0.0.1     activate.wip.adobe.com
127.0.0.1     activate.wip1.adobe.com
127.0.0.1     activate.wip2.adobe.com
127.0.0.1     activate.wip3.adobe.com
127.0.0.1     activate.wip4.adobe.com
127.0.0.1     adobe-dns-1.adobe.com
127.0.0.1     adobe-dns-2.adobe.com
127.0.0.1     adobe-dns-3.adobe.com
127.0.0.1     adobe-dns-4.adobe.com
127.0.0.1     adobe-dns.adobe.com
127.0.0.1     adobeereg.com
127.0.0.1     crl.verisign.net
127.0.0.1     ereg.adobe.com
127.0.0.1     ereg.wip.adobe.com
127.0.0.1     ereg.wip1.adobe.com
127.0.0.1     ereg.wip2.adobe.com
127.0.0.1     ereg.wip3.adobe.com
127.0.0.1     ereg.wip4.adobe.com
127.0.0.1     hl2rcv.adobe.com
127.0.0.1     hlrcv.stage.adobe.com
127.0.0.1     ims-na1-prprod.adobelogin.com
127.0.0.1     lm.licenses.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maran\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dad.jpg
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Syncios device service => c:\program files (x86)\syncios\synciosdeviceservice.exe
HKLM\...\StartupApproved\StartupFolder: => "TrayMenu.lnk"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\StartupApproved\Run: => "Pushbullet"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57393710-3021-4245-BCA9-EB11FD872AB7}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{1FD1EFDD-D78D-464E-88D6-D4B060AFEFFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5BB10070-D14B-47B3-9982-E2638F9615EC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{7E516584-D755-4CDA-B840-4865758DC227}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{A93A6566-5CD5-42A1-B706-BC85A15F3615}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{8BD14BE7-CEC1-44E7-AA89-259F264E78FF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{7D166D9A-9C5A-4D69-8B0A-BC94908ABDB0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{8E16AE2C-944D-45C5-A643-F6B509382145}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{44862849-878F-4D67-9144-BB3D4B0CAE71}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{2C4196BA-548A-4799-91C0-53BA949B7117}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{BD88DDAB-51BA-4F81-9C3A-AD5720D9877E}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{7ECABE6D-D7B6-48FD-A815-F9208C331A62}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{AC085348-5593-4054-ACDF-A949CD3A2D6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{0FD33C1A-7604-42DD-B328-462CBBFC39B5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CFF72286-03BF-4C3D-BDEF-66847FB46BBE}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{2CB9412A-AE40-4E38-9654-EF7AF03A4869}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{35461AF4-947F-493E-9677-AF9669A40215}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{64F538A5-195D-4C0A-A4B6-739C0A3BBE11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{75574EC5-60B3-4312-B73D-CDAAFC76D42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E702C6B-CF11-482F-9930-F2776613C1E8}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{C86F38DB-918C-49C4-86B9-0B7E11DD4FB5}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{19655CE5-3F8F-44EF-9EB2-79C9521EE5A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31810015-0001-4258-B003-EFA20015DF26}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA05E808-A5F1-4F49-AC0E-6AFEE789D592}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71F7CC28-8C4B-4754-A228-E3BB1388E3FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDC86EAB-0859-47D0-9640-55654038539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E2843F4B-554F-4BB1-8142-F1FE9DB9E819}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D4C55736-E214-489C-B797-58A29B7ABBD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FBAD376F-4F53-4634-A0AF-65EDA091EFA6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9190FCF5-F1AD-4578-B181-F576FDEC2A2B}] => (Allow) C:\Program Files (x86)\Syncios\pdt_syncios.exe
FirewallRules: [{AD023FA4-F44F-4E4B-8563-88BD1C872E7F}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{D4A03766-45B4-45B0-A785-ACFAF3409D40}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{4AFDD32B-CE60-4EFD-8062-BF0FFFAEE63D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BF10025B-8E48-4AD8-8486-645F40873E3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CC309FE3-C816-4FEA-A024-F8BF895A2B48}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{090A5867-4A25-465C-A80A-9B53B5304653}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F8E28828-D52F-4159-9E46-32CC85D17AB2}C:\users\maran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maran\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7F86C295-0B9A-49B6-80F0-59E719F96004}C:\users\maran\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maran\appdata\roaming\spotify\spotify.exe
FirewallRules: [{380A6386-6EC6-4312-9BED-8AFF90EF0362}] => (Allow) LPort=12292
FirewallRules: [{8D8E4BBE-1AAE-47CB-A15E-0BAC7C10176A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC3F4C55-6A65-43C7-9080-8658338BAE4A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [TCP Query User{A21A474B-5816-479E-B30D-60CD2A6B7C98}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F2E2B175-6606-40B0-8797-9D1F7F378618}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{CD46974F-53A6-48F8-A7FD-995D08D9CC71}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{56BE1C7A-C1CF-4C73-925A-512A944AB74B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{B9E08E36-E210-4CBD-98C4-38B6A1A35F4C}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{244F3E17-4B57-4F21-BE3C-03DF5E70EB1B}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{0C4447D7-619F-4C94-B332-D71B0E4ABF1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BBB78EE0-E1DD-47BA-A44A-67111932E564}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{83E8FAEB-9C43-4C19-95A3-2719DE17E063}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{09855D63-FCC2-4B3C-AAA9-97072AF8CA69}] => (Allow) LPort=54925
FirewallRules: [{93052267-2AFE-4375-AE9F-C008DBC369C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1F7C3221-F305-4B17-8D0A-5D10D350DF59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{35AAE72F-480E-4E86-B7F3-6D1846135C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{74846C1F-652A-462E-B786-FBF77E070793}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{952A3750-5164-4194-8F38-EFFD7C1D7BF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF1E95CC-D6FB-4227-8A95-A290941BDF81}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E898EB0B-98DF-434F-AF43-322214F8BEA9}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BDD446F0-9725-4DA4-8757-FB56D0EA3540}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{46353F42-453A-4F44-82F8-0EBACBE1F485}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8DE74859-CE98-4410-9738-C05ADB7B55CF}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{662ADDEB-4220-4701-9CFC-49CA2998B2F2}] => (Allow) C:\Users\maran\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{C3539F10-D6CC-4370-9318-22BF122CEDFE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{BD311B23-D9F9-4C48-B70F-045A0DA69513}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{97D3F8E2-C900-4301-BE22-CE04158427CA}C:\users\maran\downloads\programs\arduino-1.6.5-windows\java\bin\javaw.exe] => (Allow) C:\users\maran\downloads\programs\arduino-1.6.5-windows\java\bin\javaw.exe
FirewallRules: [UDP Query User{92D6EC3C-8940-4DAC-975D-CFECB2CEE71E}C:\users\maran\downloads\programs\arduino-1.6.5-windows\java\bin\javaw.exe] => (Allow) C:\users\maran\downloads\programs\arduino-1.6.5-windows\java\bin\javaw.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2018 07:41:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/30/2018 07:41:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/30/2018 07:41:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/30/2018 07:38:29 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/30/2018 07:38:29 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/30/2018 07:38:27 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/30/2018 07:38:27 PM) (Source: PHP-5.6.8) (EventID: 4) (User: )
Description: Event-ID 4

Error: (01/30/2018 07:04:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/30/2018 04:59:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/30/2018 04:58:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent


System errors:
=============
Error: (01/30/2018 07:52:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 14 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:51:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 13 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 12 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:49:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 11 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:48:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 10 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:48:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/30/2018 07:47:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 9 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:46:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 8 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:45:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 7 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/30/2018 07:44:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Reporting Services (MSSQLSERVER) service terminated unexpectedly.  It has done this 6 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2018-01-30 19:50:01.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:50:01.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:48:59.392
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:48:59.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:44:56.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:44:56.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:43:40.418
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:43:40.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:41:30.719
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-30 19:41:30.717
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 75%
Total physical RAM: 4030.29 MB
Available physical RAM: 985.68 MB
Total Virtual: 7230.29 MB
Available Virtual: 3272.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.95 GB) (Free:12.13 GB) NTFS
Drive d: () (Fixed) (Total:232.86 GB) (Free:39.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1EBF2B18)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#4
zep516
Posted 30 January 2018 - 07:11 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
P2P Warning

--------------------
Going over your logs I noticed that you have bitorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.

1.Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
2. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
3. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
4.The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

Next

Please uninstall this program,
AppHelper
Java 8 Update 112

Next

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Eztion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\maran\AppData\Local\YQPack\dchwypkt.dll <==== ATTENTION
ShortcutTarget: Dell VPN Connection.lnk ->  (No File)
GroupPolicy: Restriction <==== ATTENTION
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

  • 1

#5
bonhiver
Posted 31 January 2018 - 01:41 AM

bonhiver

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thank you. I have uninstalled Java 8 Update 112 and Bittorrent. Do you know where I could uninstall this AppHelper? I have searched from Control Panel, Iobit Uninstaller and also Program Files but I couldn't find it. :/


Edited by bonhiver, 31 January 2018 - 01:49 AM.

  • 0

#6
zep516
Posted 31 January 2018 - 06:55 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Lets run the fix in post 4, then we will get to that later.
  • 0

#7
bonhiver
Posted 01 February 2018 - 09:48 AM

bonhiver

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Here's the Fixlog.txt. The popup error on startup is now gone after the restart. Thank you!

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by maran (01-02-2018 22:56:07) Run:1
Running from C:\Users\maran\Desktop
Loaded Profiles: maran & MSSQLFDLauncher & MSSQLSERVER (Available Profiles: maran & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\...\Run: [Eztion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\maran\AppData\Local\YQPack\dchwypkt.dll <==== ATTENTION
ShortcutTarget: Dell VPN Connection.lnk ->  (No File)
GroupPolicy: Restriction <==== ATTENTION
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Eztion" => removed successfully
"ShortcutTarget: Dell VPN Connection.lnk ->  (No File)" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt" => removed successfully
HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA18A38A-4E01-4CC9-A54E-87A17FCB6CE3}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34934100 B
Java, Flash, Steam htmlcache => 9203 B
Windows/system/drivers => 3773803 B
Edge => 579087 B
Chrome => 78530701 B
Firefox => 498021849 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 51182 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5764 B
NetworkService => 106448 B
maran => 81629558 B
ReportServer => 51182 B
MSSQLFDLauncher => 51182 B
MSSQLSERVER => 51182 B

RecycleBin => 5068994709 B
EmptyTemp: => 5.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:10:45 ====


  • 0

#8
zep516
Posted 01 February 2018 - 05:59 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Lets run 1 more scan to check things and I think we will be done here.

Next

Download AdwCleaner from here. Save the file to the desktop.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

  • 1

#9
bonhiver
Posted 02 February 2018 - 06:58 AM

bonhiver

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Here is the report :)

 

# AdwCleaner 7.0.7.0 - Logfile created on Fri Feb 02 12:06:05 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Enterprise (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: AdvancedSystemCareService10


***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\maran\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\maran\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\maran\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\maran\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files\Hola
Deleted: C:\Windows\System32\C2MP
Deleted: C:\Windows\SysWOW64\C2MP
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted: C:\Program Files\TotalSystemCare


***** [ Files ] *****

Deleted: C:\Windows\SysNative\REGISTRYDEFRAGBOOTTIME.EXE
Deleted: C:\END
Deleted: C:\Users\All Users\Desktop\Advanced SystemCare 10.lnk
Deleted: C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
Deleted: C:\Users\All Users\Desktop\\Smart Defrag 5.lnk
Deleted: C:\Users\Public\Desktop\\Smart Defrag 5.lnk
Deleted: C:\Users\maran\AppData\Roaming\Mozilla\Firefox\Profiles\phy5vtyr.default\invalidprefs.js


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler
Deleted: ASC10_SkipUac_maran


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\IObit\Advanced SystemCare
Deleted: [Key] - HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\IObit\Advanced SystemCare
Deleted: [Key] - HKCU\Software\IObit\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\IObit\RealTimeProtector
Deleted: [Key] - HKLM\SOFTWARE\IObit\ASC
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted: [Key] - HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AD023FA4-F44F-4E4B-8563-88BD1C872E7F}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D4A03766-45B4-45B0-A785-ACFAF3409D40}
Deleted: [Key] - HKLM\SOFTWARE\Hola
Deleted: [Key] - HKU\.DEFAULT\Software\Hola
Deleted: [Key] - HKU\S-1-5-18\Software\Hola
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppHelper
Deleted: [Key] - HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKCU\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted: [Value] - HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|eztion
Deleted: [Value] - HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Windows\CurrentVersion\Run|Advanced SystemCare 10
Deleted: [Value] - HKU\S-1-5-21-2763142683-1454455776-2827359566-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 10
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Advanced SystemCare 10
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SkipUac_maran


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7744 B] - [2018/2/2 10:47:43]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


  • 0

#10
zep516
Posted 02 February 2018 - 06:55 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Lots of junk found better run a Malwarebytes scan to check things out. You can skip the download part if you already have Malwarebytes installed.

Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.
Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

  • 0

#11
bonhiver
Posted 05 February 2018 - 03:26 AM

bonhiver

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thank you so much for your patience in helping me. Here's my scan log. I noticed that my bootup time is also now much faster.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/3/18
Scan Time: 4:46 PM
Log File: aa14e816-08be-11e8-90bb-6cc2175e9053.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3856
License: Trial

-System Information-
OS: Windows 10 (Build 16299.192)
CPU: x64
File System: NTFS
User: MARANATHA\maran

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 534610
Threats Detected: 8
Threats Quarantined: 7
Time Elapsed: 38 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
Trojan.Boaxxe, C:\USERS\MARAN\APPDATA\LOCAL\ORICS, Quarantined, [215], [354462],1.0.3856

File: 7
Trojan.Boaxxe, C:\Users\maran\AppData\Local\Orics\jhvnokbw.lck, Quarantined, [215], [354462],1.0.3856
PUP.Optional.InstallCore, C:\PROGRAM FILES (X86)\KMSPICO\KMSPICO_PATCH.EXE, No Action By User, [2], [80770],1.0.3856
PUP.Optional.DriverAgent, C:\USERS\MARAN\DOWNLOADS\DRVAGENTRSPLUS-4465454813.EXE, Quarantined, [2125], [345593],1.0.3856
PUP.Optional.BuenoSearch, C:\USERS\MARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [3092], [455061],1.0.3856
PUP.Optional.BuenoSearch, C:\USERS\MARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [3092], [455061],1.0.3856
PUP.Optional.BuenoSearch, C:\USERS\MARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [3092], [455061],1.0.3856
PUP.Optional.Babylon, C:\USERS\MARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [1651], [455059],1.0.3856

Physical Sector: 0
(No malicious items detected)


(end)


  • 0

#12
zep516
Posted 05 February 2018 - 02:21 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
I see no signs of malware on your computer, and feel satisfied that our work here is done.


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: HELP, frst, regsvr32

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP