Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot run or open any .exe (executable) file in Windows normal mode.

Started by MagickMage , Jul 14 2018 06:46 AM

  • Please log in to reply

#1
MagickMage
Posted 14 July 2018 - 06:46 AM

MagickMage

    Member

  • Member
  • PipPip
  • 28 posts
Greetings all.I was advised by SpywareDr to start a new topic here so here goes. Here are the details.
For the past month my computer has not been able to open or run any .exe (executable file).I am running Windows 7 
Professional 64-bit SP1,Intel Core @ 3.10GHz with 4.00GB RAM.
I have tried every known solution that's been discussed and shared on most Internet technical sites and forums on the 
Windows platform, but to date, nothing has worked. I have used the Malwarebytes anti-malware but only in Safe mode to check 
my entire hard drive and it didn't find any thing at all.I am only able to  run exe files in Safe mode and it works the way 
it should. However,I have not been able to run or open any executable in Windows Normal mode.And when ever I try, it comes 
up with this error message,"A required privilege is not held by the client" and now recently, I cannot even run or open the 
Firefox browser and my email platform Thunderbird with this error message,"Can't Open This Item.It might have been moved, 
renamed or deleted.Do you want to remove this item? Like I said I have tried most of the options and "solutions" shared on 
other windows technical websites but to no avail.This is driving me absolutely bonkers and I have to open and run some 
software that is related to my job and it is very cumbersome being able to only use it in Safe Mode without audio.I am 
beginning to realize that I have no choice but to re-image my Windows installation.Please,please help!?  :alarm: 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Home (administrator) on HOME-PC (14-07-2018 19:21:29)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...-to-use-farbar-
 
recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Security\SAS\SASCore64.exe
(SecureAge Technology) C:\Program Files\SecureAge\AntiVirus\sascansvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be 
 
moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [Everything] => C:\Program Files\SecureAge\Everything\Everything.exe [2197608 2017-06-07] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 
 
2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 
 
2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] 
 
(Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG
 
\Free Download Manager\fdm.exe [10150912 2018-02-22] (FreeDownloadManager.org)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [Download Accelerator Manager] => C:\Program Files\Tensons\Download 
 
Accelerator Manager\DownloadAcceleratorManager.exe [1186304 2017-12-23] (Tensons Corporation)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [SUPERAntiSpyware] => C:\Security\SAS\SUPERAntiSpyware.exe [8887216 
 
2018-03-23] (SUPERAntiSpyware)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: {455e97d5-b87a-11e5-bb01-1078d2df786a} - K:\LaunchU3.exe -a
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: {5fcbc350-8578-11e6-b9e6-1078d2df786a} - K:\Setup.exe /s
HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe 
 
[10150912 2018-02-22] (FreeDownloadManager.org)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
 
/errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
SSODL: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\system32\cbfsMntNtf6.dll (/n 
 
software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n 
 
software, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = 
 
hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows
 
\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller
 
\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll 
 
[2017-09-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin
 
\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows
 
\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office
 
\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft 
 
Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-14]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (download-helper) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\[email protected] [2018-06-21]
FF Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-21]
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Tensons\Download Accelerator Manager\DamFirefox\old
 
\ex3\dam.zip
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Tensons\Download Accelerator Manager\DamFirefox
 
\old\ex3\dam.zip
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-
 
09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] 
 
(Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( 
 
Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe 
 
Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll 
 
[2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update
 
\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update
 
\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe 
 
Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-14]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-06-28]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R2 !SASCORE; C:\Security\SAS\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 Everything; C:\Program Files\SecureAge\Everything\Everything.exe [2197608 2017-06-07] ()
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S2 SAEverythingServer; C:\Program Files\SecureAge\Everything\EverythingServer.exe [214000 2018-04-19] (SecureAge Technology)
R2 sascansvc; C:\Program Files\SecureAge\AntiVirus\sascansvc.exe [1127616 2018-05-25] (SecureAge Technology)
S2 SAUAVSvc; C:\Program Files\SecureAge\UniversalAV\UniversalAVService.exe [1284152 2018-05-25] (SecureAge Technology)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-29] (The OpenVPN Project)
S1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
S2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] 
 
(IObit.com)
S3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018
 
-01-11] (IObit.com)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-10] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-14] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2017-01-16] (Windows ® Server 2003 DDK provider)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [420832 2018-01-20] (Realsil Semiconductor Corporation)
R0 SAAppCtl; C:\Windows\System32\DRIVERS\saappctl.sys [280520 2018-05-09] (SecureAge Technology)
R0 sascan; C:\Windows\System32\DRIVERS\sascan.sys [94112 2018-05-01] (SecureAge Technology)
S1 SASDIFSV; C:\Security\SAS\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Security\SAS\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [36792 2017-08-25] (The OpenVPN Project)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2016-09-09] (/n software, Inc.)
U1 aswbdisk; no ImagePath
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-14 19:21 - 2018-07-14 19:24 - 000017139 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-14 19:20 - 2018-07-14 19:21 - 000000000 ____D C:\FRST
2018-07-14 19:08 - 2018-07-14 19:08 - 000890320 _____ (Bleeping Computer, LLC) C:\Users\Home\Desktop\FixExec.com
2018-07-14 19:08 - 2018-07-14 19:08 - 000464336 _____ (Bleeping Computer, LLC) C:\Users\Home\Desktop\FixExec.exe
2018-07-14 18:38 - 2018-07-14 18:38 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
 
Security Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 17:15 - 2018-07-14 17:18 - 004406704 _____ C:\Users\Home\Downloads\taskfree.exe
2018-07-14 14:57 - 2018-07-14 14:57 - 002412544 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators 
 
(1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000179498 _____ C:\Users\Home\Downloads\Turning_Points_ProgramNT7.zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows
 
\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-
 
filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-
 
filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-
 
environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-
 
2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-
 
environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-
 
2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2
 
-0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-11 16:55 - 2018-07-14 18:50 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Home)
2018-07-10 20:04 - 2018-07-10 20:04 - 000087650 _____ C:\Users\Home\Downloads\Extras.Txt
2018-07-10 20:03 - 2018-07-10 20:03 - 000122102 _____ C:\Users\Home\Downloads\OTL.Txt
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-10 18:11 - 2018-07-10 18:12 - 000000414 _____ C:\Users\Home\Downloads\exehelperlog.txt
2018-07-10 17:52 - 2018-07-10 17:53 - 043520264 _____ (Microsoft Corporation) C:\Users\Home\Downloads\Windows-KB890830-x64-
 
V5.61.exe
2018-07-10 15:49 - 2018-07-10 15:49 - 000294400 _____ C:\Users\Home\Downloads\exeHelper.com
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads
 
\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 20:04 - 2018-07-09 20:05 - 015800840 _____ (Dell Inc.) C:\Users\Home\Downloads\Dell-USB-Recovery-
 
Tool_JNDT2_WIN_2.1.2025.0_A00.EXE
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task 
 
Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-
 
bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 15:34 - 2018-07-01 15:34 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\Program Files\Speccy
2018-07-01 15:17 - 2018-07-01 15:17 - 006889184 _____ (Piriform Ltd) C:\Users\Home\Downloads\spsetup132.exe
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-30 19:13 - 2018-06-30 19:14 - 000040225 _____ C:\Users\Home\Downloads\MTB.txt
2018-06-30 00:20 - 2018-06-30 00:20 - 000892416 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads
 
\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - 
 
iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-
 
_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
2018-06-21 18:11 - 2018-06-21 18:14 - 000208972 _____ C:\TDSSKiller.3.1.0.17_21.06.2018_18.11.35_log.txt
2018-06-21 18:02 - 2018-07-13 17:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 18:02 - 2018-06-21 18:02 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000930 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-21 17:16 - 2018-06-21 17:16 - 000382261 _____ C:\unp306732162544469087i-manual.mdmp
2018-06-20 23:50 - 2018-06-20 23:50 - 010015056 _____ (AVAST Software) C:\Users\Home\Downloads\avastclear.exe
2018-06-20 23:37 - 2018-06-20 23:37 - 000000000 ___SD C:\ComboFix
2018-06-20 23:31 - 2018-06-20 23:37 - 000000000 ____D C:\Qoobox
2018-06-20 23:31 - 2018-06-20 23:31 - 000000000 ____D C:\Windows\erdnt
2018-06-20 23:29 - 2018-06-20 23:37 - 000000000 ___SD C:\32788R22FWJFW
2018-06-20 16:22 - 2018-06-20 16:22 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3422B2DB.sys
2018-06-20 01:05 - 2018-06-20 01:06 - 043077751 _____ C:\Users\Home\Downloads\[Alan_Chapman]_Advanced_Magick_for_Beginners
 
(b-ok.xyz).pdf
2018-06-19 19:13 - 2018-06-19 19:13 - 000138714 _____ C:\Users\Home\Downloads\RelativeVolume (2).zip
2018-06-18 18:55 - 2018-06-18 18:55 - 001681077 _____ C:\Users\Home\Downloads\[Ophiel]
 
_Art_and_Practice_of_Getting_Material_Thin(b-ok.xyz).pdf
2018-06-18 18:45 - 2018-06-18 18:45 - 000207405 _____ C:\Users\Home\Downloads\[Huston_Charlie]
 
_The_Mystic_Arts_of_Erasing_All_Si(b-ok.xyz).fb2
2018-06-18 15:44 - 2018-06-18 15:44 - 014386648 _____ C:\Users\Home\Downloads\2013-breakthrough-strategies-for-predicting-
 
any-market-charting-elliott-wave-lucas-fibonacci-gann-and-time-for-profitmarked.pdf
2018-06-18 15:39 - 2018-06-18 15:39 - 006530027 _____ C:\Users\Home\Downloads
 
\A_Complete_Guide_to_Technical_Trading_Tactics___How_to_Profit_Using_Pivot_Points__Candlesticks.pdf
2018-06-18 15:31 - 2018-06-18 15:31 - 040068881 _____ C:\Users\Home\Downloads\Breakthrough Strategies for Predicting a - 
 
Jeff Greenblatt.pdf
2018-06-17 19:54 - 2018-06-17 19:54 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1143D6AC.sys
2018-06-17 19:47 - 2018-06-20 16:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-06-16 16:18 - 2018-07-14 18:50 - 000003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2018-06-16 15:04 - 2018-06-16 15:04 - 000025876 _____ C:\Users\Home\Downloads\ncatFibonacciConfluence.zip
2018-06-16 01:35 - 2018-06-16 01:35 - 000028716 _____ C:\Users\Home\Downloads\MasterfibonacciV33-e.rar
2018-06-14 01:10 - 2018-06-14 01:11 - 037877416 _____ (Tweaking.com) C:\Users\Home\Downloads
 
\tweaking.com_windows_repair_aio_setup.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-14 19:21 - 2016-06-02 13:39 - 190873580 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-14 19:19 - 2018-06-10 12:11 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-14 19:19 - 2017-12-11 15:02 - 005102654 _____ C:\Windows\ntbtlog.txt
2018-07-14 19:16 - 2017-07-06 14:45 - 000000000 ____D C:\Users\Home\AppData\Local\Free Download Manager
2018-07-14 18:39 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-
 
1.C7483456-A289-439d-8115-601632D005A0
2018-07-14 18:39 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-
 
0.C7483456-A289-439d-8115-601632D005A0
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 18:36 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-14 18:27 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-14 16:40 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-14 15:44 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-14 14:35 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-13 17:29 - 2016-01-12 04:24 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 
 
DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:40 - 2016-06-10 20:19 - 000000000 ____D C:\Program Files (x86)\AnVir Task Manager Free
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-10 23:50 - 2018-03-13 18:50 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-09 14:05 - 2017-01-20 15:07 - 000000222 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-04 16:51 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:34 - 2017-07-19 21:54 - 000000000 ____D C:\Program Files\WinSysClean X7 PRO
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-21 19:50 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-06-21 17:21 - 2016-03-08 22:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-19 19:46 - 2016-04-13 19:02 - 000000000 ____D C:\NEW
2018-06-17 19:54 - 2016-04-02 22:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-16 21:08 - 2016-06-05 18:03 - 000000000 ____D C:\Users\Home\AppData\Roaming\IObit
2018-06-16 20:28 - 2016-01-10 14:16 - 000000000 ____D C:\Users\Home
2018-06-16 20:25 - 2016-11-26 01:20 - 000000000 ____D C:\Temp2
2018-06-16 17:34 - 2017-03-15 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2018-06-16 17:34 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-06-16 17:13 - 2016-12-22 23:48 - 000000000 ____D C:\Users\Home\AppData\Roaming\ebook_convert
2018-06-16 17:13 - 2016-12-22 23:48 - 000000000 ____D C:\Users\Home\AppData\Roaming\.Ultimate
2018-06-16 17:07 - 2016-12-26 21:06 - 000000000 ____D C:\Program Files (x86)\DoYourData
2018-06-16 16:43 - 2017-09-27 15:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\fxgen
2018-06-16 16:37 - 2016-07-26 02:02 - 000000000 ____D C:\ProgramData\Avira
2018-06-16 16:28 - 2016-03-23 16:15 - 000000000 ____D C:\Users\Home\AppData\Local\Citrix
2018-06-16 16:25 - 2017-07-17 19:33 - 000000000 ____D C:\Program Files (x86)\GoToMeeting
2018-06-16 16:19 - 2018-01-20 23:28 - 000002268 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-06-16 16:19 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\IObit
2018-06-15 13:22 - 2016-01-10 14:16 - 000000000 ____D C:\Users\Home\AppData\Local\VirtualStore
2018-06-14 21:23 - 2017-10-18 13:02 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-14 11:40 - 2018-06-10 19:00 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-14 11:38 - 2018-06-10 18:58 - 000000864 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-06-14 11:38 - 2018-06-10 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-06-14 11:38 - 2018-06-10 18:58 - 000000000 ____D C:\Program Files\RogueKiller
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some files in TEMP:
====================
2016-05-15 18:42 - 2016-05-15 18:42 - 003064176 _____ (AnVir Software) C:\Users\Home\AppData\Local\Temp\anvir.exe
2018-06-13 18:50 - 2018-06-13 18:50 - 000625816 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\boost_speed_stub_installer.exe
2018-06-13 21:27 - 2017-09-13 23:31 - 001732864 _____ (Microsoft Corporation) C:\Users\Home\AppData\Local\Temp
 
\dllnt_dump.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 000384664 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\driver_updater_stub_installer.exe
2018-06-27 21:19 - 2018-06-27 21:19 - 000012800 _____ () C:\Users\Home\AppData\Local\Temp\rrlb0owb.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 001292400 ____T (Novnify) C:\Users\Home\AppData\Local\Temp\StopAd Installer.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Home (14-07-2018 19:25:25)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be 
 
uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Absolute Uninstaller 5.3.1.21 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.21 - Glarysoft Ltd)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems 
 
Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-
 
503a-ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) 
 
Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron 
 
Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-
 
warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.34.6924 - 
 
FreeDownloadManager.ORG)
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone 
 
Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.26.5283 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Installer (HKLM-x32\...\{9F563251-4B7B-4449-B8D5-B3EC520EE837}) (Version: 1.233.6717.19680 - SharkIndicators) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel 
 
Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel 
 
Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel 
 
Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft 
 
Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-
 
48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - 
 
Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
 
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
 
9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) 
 
(Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
 
11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) 
 
(Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) 
 
(Version: 14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-
 
4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998
 
-B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-
 
860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft 
 
Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft 
 
Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 7 (HKLM-x32\...\{94A2EF87-0F5B-4DC8-98DE-FD569674C05F}) (Version: 7.0.1037 - NinjaTrader)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek 
 
Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 
 
- Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) 
 
(Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.12.21.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.21.0 - Adlice Software)
ScanMyReg 3.0 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1) (Version:  - YL Computing, Inc)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
SharkIndicators Software (HKLM-x32\...\Installer 1.233.6717.19680) (Version: 1.233.6717.19680 - SharkIndicators)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_
 
{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinSysClean X7 PRO (HKLM\...\{1A4E6757-4428-4422-80A3-9B5D28B1AD43}) (Version: 17.20 - Ultimate Systems, Inc.) Hidden
WinSysClean X7 PRO (HKLM-x32\...\WinSysClean X7 PRO) (Version: 17.20 - Ultimate Systems, Inc.)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL 
 
Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. 
 
Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-
 
5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files 
 
(x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 
 
9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1-x32: [SAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => C:\Program Files\SecureAge\AntiVirus
 
\SAScanCtx.dll [2017-10-17] (SecureAge Technology)
ContextMenuHandlers1-x32: [SATrustCtxMenuExt] -> {E748C929-2F5A-475d-AB81-0632B725425C} =>  -> No File
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR
 
\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] 
 
(Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => C:\Program Files\SecureAge\AntiVirus
 
\SAScanCtx.dll [2017-10-17] (SecureAge Technology)
ContextMenuHandlers6: [SATrustCtxMenuExt] -> {E748C929-2F5A-475d-AB81-0632B725425C} =>  -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1A160C0D-87F6-406B-BAEE-1DC99C55D7B0} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program 
 
Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 
 
5\Initialize.exe
Task: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {303E9C82-51CF-475C-B2AE-94E2C34F3D1A} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO
 
\WinSysClean.exe [2015-11-12] (Ultimate Systems, SRL)
Task: {376EA01D-8C90-442E-B726-EE162F7E3492} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software
 
\Avast Cleanup\TUNEUpdate.exe
Task: {38D86C7F-FBBE-477D-AF4C-DC7DC5F61065} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2713607381-13602913-
 
39778406-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
 
Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {3F9D01E6-E71D-4FEB-A7D1-9FA224420603} - System32\Tasks\{58C71681-469A-4115-AEFB-A802B144C489} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\startuplite-setup-1.07.exe -d C:\Users\Home\Downloads
Task: {5B81B046-0304-410C-9814-2DDE8C821681} - System32\Tasks\{8B9D165C-4439-4062-A97E-B3A5E82D3863} => C:\Windows
 
\system32\pcalua.exe -a "C:\Program Files (x86)\DoYourData\DoYourData Uninstaller\DoYourData Uninstaller.exe" -d "C:\Program 
 
Files (x86)\DoYourData\DoYourData Uninstaller"
Task: {5F19CC23-DCF2-4FA5-901F-F3120DF99857} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit
 
\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {7360257D-DC15-41CD-8018-4500BA372DC1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software
 
\Avast\AvEmUpdate.exe
Task: {748C92AF-9BBD-49AB-B264-03D53C7ADCCD} - System32\Tasks\Driver Booster SkipUAC (Home) => C:\Program Files (x86)\IObit
 
\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {799B9794-46ED-4EC7-850A-4CF405578D83} - System32\Tasks\{1ED0BF14-3668-4D2F-A138-6736505F4125} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\0008-32bit_Win7_Win8_Win81_Win10_R281.exe -d C:\Users\Home\Downloads
Task: {7A0F7913-AA56-4B18-A7DF-A1A2268C3B89} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast 
 
Software\Overseer\overseer.exe
Task: {8C4E924F-91C5-4C09-A345-A54B084AF143} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish Doctor
 
\KerishDoctor.exe
Task: {8D8AA493-22D2-4E40-A919-BA976371C1C8} - System32\Tasks\{C6F6B540-D3E0-42FC-9AC5-AA01D6242EA2} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\InfinityATSetup.exe -d C:\Users\Home\Downloads
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B0C7E356-1F24-4531-A628-6E47F545994D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware 
 
Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed
 
\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {CB884459-DA3A-4C13-AE18-17E988200584} - System32\Tasks\{70246310-F5CD-4ED0-8288-48C3617AA540} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\setup1000.32.exe -d C:\Users\Home\Downloads
Task: {E92CDCDA-CF02-45E4-8806-78514BEF718B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files
 
\Common Files\AV\avast! Antivirus\backup.exe
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not 
 
be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash
 
\FlashUtil32_30_0_0_113_pepper.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Home\Downloads\AdwCleaner.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82.job => C:\Security\SAS
 
\SASTask.exe C:\Security\SAS\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2.job => C:\Security\SAS
 
\SASTask.exe C:\Security\SAS\SUPERAntiSpyware.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 
 
7\MicroTrends Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT 
 
Blog.lnk -> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT 
 
Forum.lnk -> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk 
 
Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com
 
\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> 
 
C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> 
 
C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-
 
converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-10 12:10 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\VIREG32.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\VIXUNIN.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\system32\ambakdrv.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ammntdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amwrtdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\anim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COMCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdiplus.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSINET.OCX:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msvcr70.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioEditor2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioFile2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioInformation2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioPlayer2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioRecord2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioTransform2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioVisualization2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTWMAFile2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\unicows.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\W95INF16.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\W95INF32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wbhelp2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wbocx.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMEncEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmesrcwp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmex.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMexfmwp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMEXres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswTap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\scrcamhrdrv_x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ScreamingBAudio64.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:84098FD3 [133]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-14 18:29 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft
 
\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) 
 
(ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin
 
\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin
 
\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{2C44943A-6AC4-4E4E-98EA-6F552AC241E4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DriverBooster.exe
FirewallRules: [{6F160512-3958-4BAA-89CB-8153F9B6522F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DriverBooster.exe
FirewallRules: [{DBEA4B4C-E32F-4CF9-AF37-24A7A5B3447D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DBDownloader.exe
FirewallRules: [{7EDC762C-5152-43D6-A729-8B0F9455EB0A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DBDownloader.exe
FirewallRules: [{4BD9531E-E105-40C9-9C82-D1A1CE0FBCF7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\AutoUpdate.exe
FirewallRules: [{ED1FB322-39B3-4E79-94A4-F7B17AC2A0DD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\AutoUpdate.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin
 
\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin
 
\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{05F0B4ED-258F-433E-B5FC-C93A9A568964}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download 
 
Manager\fdm.exe
FirewallRules: [{E1800ABC-69E5-4668-A7F4-26E462199BA9}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download 
 
Manager\fdm.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application
 
\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [TCP Query User{B73487F2-5F08-4510-AE26-24A99CBDB915}C:\program files\freedownloadmanager.org\free download 
 
manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [UDP Query User{138EA674-EDA4-4802-A6E9-087E90F7558A}C:\program files\freedownloadmanager.org\free download 
 
manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
 
==================== Restore Points =========================
 
11-07-2018 03:00:19 Windows Update
11-07-2018 15:27:42 Windows Update
12-07-2018 03:00:41 Windows Update
14-07-2018 17:12:16 Windows Update
14-07-2018 17:51:31 Windows Update
14-07-2018 18:14:54 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow 
 
the instructions.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/14/2018 07:18:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:18:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:18:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:18:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:18:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:15:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:15:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/14/2018 07:15:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest 
 
or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
 
System errors:
=============
Error: (07/14/2018 07:18:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start 
 
because of the following error: 
The dependency service or group failed to start.
 
Error: (07/14/2018 07:18:54 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (07/14/2018 07:18:54 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (07/14/2018 07:18:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 21
 
Error: (07/14/2018 07:18:41 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (07/14/2018 07:18:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cbfs6
discache
HWiNFO32
MpFilter
SASDIFSV
SASKUTIL
spldr
Wanarpv6
 
Error: (07/14/2018 06:29:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Malwarebytes Service service failed to start due to the following error: 
A required privilege is not held by the client.
 
Error: (07/14/2018 06:27:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
 
Windows Defender:
===================================
Date: 2018-07-14 18:07:44.647
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{D6B9AEC8-141B-473F-8FF5-278818E80989}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
Date: 2016-04-02 23:42:03.466
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Severity:Medium
Category:Settings Modifier
Path Found:file:C:\Windows\System32\drivers\etc\hosts
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:
 
Date: 2016-04-02 23:09:53.846
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Severity:Medium
Category:Settings Modifier
Path Found:file:C:\Windows\System32\drivers\etc\hosts
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:
 
Date: 2016-04-02 22:59:48.877
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Severity:Medium
Category:Settings Modifier
Path Found:file:C:\Windows\System32\drivers\etc\hosts;process:pid:3512
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
 
Date: 2018-07-07 00:35:04.759
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1961.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.14901.4
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To 
 
configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2018-07-07 00:20:02.855
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1961.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To 
 
configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2018-07-07 00:20:02.854
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To 
 
configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2018-06-10 00:41:14.968
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of 
 
signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0
 
Date: 2018-06-10 00:41:14.610
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:
Previous Engine Version:
Error code:0x80070002
Error description:The system cannot find the file specified. 
 
CodeIntegrity:
===================================
 
Date: 2017-09-30 14:27:15.471
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Home\AppData\Local\Temp
 
\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-09-30 14:27:15.376
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Home\AppData\Local\Temp
 
\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-09-30 14:27:14.276
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home 
 
Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-09-30 14:27:14.182
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home 
 
Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-05-17 19:23:31.325
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Home\AppData\Local\Temp
 
\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-05-17 19:23:31.257
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Home\AppData\Local\Temp
 
\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-05-17 19:23:30.595
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home 
 
Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-05-17 19:23:30.531
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home 
 
Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have 
 
installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 28%
Total physical RAM: 4012.97 MB
Available physical RAM: 2852.6 MB
Total Virtual: 8024.11 MB
Available Virtual: 6929.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:10.17 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:43.44 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

Advertisements

#2
RKinner
Posted 14 July 2018 - 07:46 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Since it works in Safe Mode let's try to turn off as much as possible with msconfig:

 

Search for

msconfig

hit Enter

 

Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains.  Go to Startup tab and uncheck everything.  OK but don't reboot yet.

 

Search for

 

task scheduler

 

hit Enter

 

click on Task Scheduler Library then in the pane to the right, right click on each item and Disable.

 

Now Reboot into Regular mode

 

Do you still have the same problem?


  • 0

#3
MagickMage
Posted 15 July 2018 - 12:05 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Thank you for your prompt reply RKinner. I did as you instructed, and closed the Microsoft services and unchecked everything else and also disabled all tasks in Task Scheduler.After that, I rebooted into Windows Regular mode, but unfortunately the problem remains. I still cannot open or run any .exe file and Firefox and Thunderbird email client will not open and run.


  • 0

#4
RKinner
Posted 15 July 2018 - 09:05 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Go into Control Panel, (View By: Large Icons), User Accounts, Change User Account Settings.  Slide it down to the bottom where it says Never Notify then OK and reboot into regular mode.  Any change?

 

If not: 

Go back into Safe Mode and

Go into Control Panel, (View By: Large Icons), User Accounts and Manage Another Account, Add a new User.  Create the new user with any name you want, make sure it has admin rights and a password then OK and reboot into regular mode but login as the new user you just created.  Any difference?

 

If not let's check your system files - probably have to do it in Safe Mode with or without Networking:

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).


sfc  /scannow

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt
notepad %UserProfile%\desktop\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 

 

If that doesn't help then:

 

We can try a fixlist.  Probably won't help but there are several programs running which are supposed to be safe but I don't see in the list of Installed programs plus I want to have FRST look at some registry values.

 

Download the attached fixlist.txt to the same location as FRST



Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

 


  • 1

#5
MagickMage
Posted 16 July 2018 - 08:37 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thank you again RKinner for your reply. As instructed, I went into Control Panel, User Accounts, Change User Account Settings.
I then slid it down to the very bottom where it says Never Notify.I then rebooted into Windows regular mode and tried my .exe 
files and as usual it couldn't start and run with the same error messages.
 
I then went back into Safe mode, and into Control Panel,User Accounts,and Manage Another Account,then to Add a new User and 
created a new Administrator with admin rights with a new password,and after that I rebooted into Regular mode and logged in as 
the new Administrator. Unfortunately,I still had the same issues as before. Couldn't run any executable file with the same 
error messages,including still unable to run or start my Thunderbird email client and Firefox browser.
 
Now I rebooted into Safe mode and went to Start, All Programs,Accessories and right clicked on Command Prompt and ran as 
 
Administrator, your commands
 
sfc  /scannow.
 
It gave the following output
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS log. Log windir\Logs\CBS\CBS.log.
 
I then copy and pasted your following command
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt
notepad %UserProfile%\desktop\junk.txt 
 
 
Here are the contents of junk txt
 
2018-07-16 15:49:08, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:08, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:09, Info                  CSI    0000000c [SR] Verify complete
2018-07-16 15:49:10, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:10, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:12, Info                  CSI    00000010 [SR] Verify complete
2018-07-16 15:49:14, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:14, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:16, Info                  CSI    00000014 [SR] Verify complete
2018-07-16 15:49:17, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:17, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:18, Info                  CSI    00000018 [SR] Verify complete
2018-07-16 15:49:20, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:20, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:22, Info                  CSI    0000001c [SR] Verify complete
2018-07-16 15:49:22, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:22, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:24, Info                  CSI    00000020 [SR] Verify complete
2018-07-16 15:49:25, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:25, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:27, Info                  CSI    00000024 [SR] Verify complete
2018-07-16 15:49:28, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:28, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:30, Info                  CSI    00000028 [SR] Verify complete
2018-07-16 15:49:31, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:31, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:33, Info                  CSI    0000002c [SR] Verify complete
2018-07-16 15:49:34, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:34, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:36, Info                  CSI    00000030 [SR] Verify complete
2018-07-16 15:49:37, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:37, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:39, Info                  CSI    00000034 [SR] Verify complete
2018-07-16 15:49:40, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:40, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:42, Info                  CSI    00000038 [SR] Verify complete
2018-07-16 15:49:43, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:43, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:44, Info                  CSI    0000003c [SR] Verify complete
2018-07-16 15:49:45, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:45, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:47, Info                  CSI    00000040 [SR] Verify complete
2018-07-16 15:49:48, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:48, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:49, Info                  CSI    00000044 [SR] Verify complete
2018-07-16 15:49:50, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:50, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:51, Info                  CSI    00000048 [SR] Verify complete
2018-07-16 15:49:52, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:52, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:53, Info                  CSI    0000004c [SR] Verify complete
2018-07-16 15:49:54, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:54, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:56, Info                  CSI    00000050 [SR] Verify complete
2018-07-16 15:49:57, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:57, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:01, Info                  CSI    00000054 [SR] Verify complete
2018-07-16 15:50:02, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:02, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:03, Info                  CSI    00000058 [SR] Verify complete
2018-07-16 15:50:04, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:04, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:07, Info                  CSI    0000005c [SR] Verify complete
2018-07-16 15:50:08, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:08, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:10, Info                  CSI    00000060 [SR] Verify complete
2018-07-16 15:50:10, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:10, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:13, Info                  CSI    00000064 [SR] Verify complete
2018-07-16 15:50:13, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:13, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:15, Info                  CSI    00000068 [SR] Verify complete
2018-07-16 15:50:15, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:15, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:18, Info                  CSI    0000006c [SR] Verify complete
2018-07-16 15:50:18, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:18, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:20, Info                  CSI    00000070 [SR] Verify complete
2018-07-16 15:50:21, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:21, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:22, Info                  CSI    00000074 [SR] Verify complete
2018-07-16 15:50:23, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:23, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:25, Info                  CSI    00000078 [SR] Verify complete
2018-07-16 15:50:26, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:26, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:31, Info                  CSI    0000007c [SR] Verify complete
2018-07-16 15:50:31, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:31, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:36, Info                  CSI    00000080 [SR] Verify complete
2018-07-16 15:50:36, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:36, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:39, Info                  CSI    00000084 [SR] Verify complete
2018-07-16 15:50:39, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:39, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:45, Info                  CSI    00000088 [SR] Verify complete
2018-07-16 15:50:45, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:45, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:55, Info                  CSI    0000008e [SR] Verify complete
2018-07-16 15:50:56, Info                  CSI    0000008f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:56, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:02, Info                  CSI    00000094 [SR] Verify complete
2018-07-16 15:51:02, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:02, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:07, Info                  CSI    00000099 [SR] Verify complete
2018-07-16 15:51:07, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:07, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:13, Info                  CSI    0000009d [SR] Verify complete
2018-07-16 15:51:14, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:14, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:21, Info                  CSI    000000c1 [SR] Verify complete
2018-07-16 15:51:22, Info                  CSI    000000c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:22, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:29, Info                  CSI    000000c8 [SR] Verify complete
2018-07-16 15:51:29, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:29, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:35, Info                  CSI    000000cc [SR] Verify complete
2018-07-16 15:51:36, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:36, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:41, Info                  CSI    000000d0 [SR] Verify complete
2018-07-16 15:51:42, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:42, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:47, Info                  CSI    000000d4 [SR] Verify complete
2018-07-16 15:51:47, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:47, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:53, Info                  CSI    000000d8 [SR] Verify complete
2018-07-16 15:51:53, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:53, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:59, Info                  CSI    000000dc [SR] Verify complete
2018-07-16 15:52:00, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:00, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:08, Info                  CSI    000000e2 [SR] Verify complete
2018-07-16 15:52:08, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:08, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:16, Info                  CSI    00000105 [SR] Verify complete
2018-07-16 15:52:17, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:17, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:29, Info                  CSI    00000109 [SR] Verify complete
2018-07-16 15:52:29, Info                  CSI    0000010a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:29, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:40, Info                  CSI    0000010d [SR] Verify complete
2018-07-16 15:52:40, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:40, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:44, Info                  CSI    00000113 [SR] Verify complete
2018-07-16 15:52:44, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:44, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:48, Info                  CSI    00000117 [SR] Verify complete
2018-07-16 15:52:48, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:48, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:50, Info                  CSI    0000011b [SR] Verify complete
2018-07-16 15:52:51, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:51, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:57, Info                  CSI    0000011f [SR] Verify complete
2018-07-16 15:52:57, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:57, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:03, Info                  CSI    00000134 [SR] Verify complete
2018-07-16 15:53:03, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:03, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:06, Info                  CSI    00000138 [SR] Verify complete
2018-07-16 15:53:07, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:07, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:12, Info                  CSI    0000013c [SR] Verify complete
2018-07-16 15:53:12, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:12, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:16, Info                  CSI    00000140 [SR] Verify complete
2018-07-16 15:53:16, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:16, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:25, Info                  CSI    00000145 [SR] Verify complete
2018-07-16 15:53:26, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:26, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:36, Info                  CSI    0000014a [SR] Verify complete
2018-07-16 15:53:36, Info                  CSI    0000014b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:36, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:39, Info                  CSI    0000014e [SR] Verify complete
2018-07-16 15:53:39, Info                  CSI    0000014f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:39, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:42, Info                  CSI    00000152 [SR] Verify complete
2018-07-16 15:53:42, Info                  CSI    00000153 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:42, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:52, Info                  CSI    00000156 [SR] Verify complete
2018-07-16 15:53:52, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:52, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:00, Info                  CSI    0000015a [SR] Verify complete
2018-07-16 15:54:00, Info                  CSI    0000015b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:00, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:06, Info                  CSI    0000015e [SR] Verify complete
2018-07-16 15:54:06, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:06, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:19, Info                  CSI    00000178 [SR] Verify complete
2018-07-16 15:54:20, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:20, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:25, Info                  CSI    0000017c [SR] Verify complete
2018-07-16 15:54:25, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:25, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:42, Info                  CSI    00000180 [SR] Verify complete
2018-07-16 15:54:42, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:42, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:49, Info                  CSI    00000185 [SR] Verify complete
2018-07-16 15:54:50, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:50, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:02, Info                  CSI    00000189 [SR] Verify complete
2018-07-16 15:55:02, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:02, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:11, Info                  CSI    0000018d [SR] Verify complete
2018-07-16 15:55:11, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:11, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:18, Info                  CSI    00000191 [SR] Verify complete
2018-07-16 15:55:18, Info                  CSI    00000192 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:18, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:24, Info                  CSI    00000195 [SR] Verify complete
2018-07-16 15:55:25, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:25, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:30, Info                  CSI    0000019b [SR] Verify complete
2018-07-16 15:55:30, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:30, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:36, Info                  CSI    0000019f [SR] Verify complete
2018-07-16 15:55:37, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:37, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:42, Info                  CSI    000001a3 [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a5 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a7 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a9 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:43, Info                  CSI    000001ab [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:43, Info                  CSI    000001ad [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001af [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b0 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b2 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b3 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b5 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b6 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b8 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b9 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001bb [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001bc [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001be [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001bf [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001c2 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001c5 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001c8 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001cb [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001ce [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001d1 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:51, Info                  CSI    000001d3 [SR] Verify complete
2018-07-16 15:55:52, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:52, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:57, Info                  CSI    000001d7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 15:55:59, Info                  CSI    000001d9 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 15:55:59, Info                  CSI    000001da [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 15:55:59, Info                  CSI    000001dd [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-16 15:56:01, Info                  CSI    000001e0 [SR] Verify complete
2018-07-16 15:56:01, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:01, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:08, Info                  CSI    000001e5 [SR] Verify complete
2018-07-16 15:56:08, Info                  CSI    000001e6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:08, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:14, Info                  CSI    000001e9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 15:56:14, Info                  CSI    000001eb [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 15:56:14, Info                  CSI    000001ec [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 15:56:14, Info                  CSI    000001ef [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-16 15:56:15, Info                  CSI    000001f1 [SR] Verify complete
2018-07-16 15:56:16, Info                  CSI    000001f2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:16, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:26, Info                  CSI    000001f6 [SR] Verify complete
2018-07-16 15:56:26, Info                  CSI    000001f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:26, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:33, Info                  CSI    000001fa [SR] Verify complete
2018-07-16 15:56:34, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:34, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:39, Info                  CSI    000001fe [SR] Verify complete
2018-07-16 15:56:40, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:40, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:48, Info                  CSI    00000202 [SR] Verify complete
2018-07-16 15:56:48, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:48, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:56, Info                  CSI    00000207 [SR] Verify complete
2018-07-16 15:56:57, Info                  CSI    00000208 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:57, Info                  CSI    00000209 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:04, Info                  CSI    0000020c [SR] Verify complete
2018-07-16 15:57:04, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:04, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:09, Info                  CSI    00000210 [SR] Verify complete
2018-07-16 15:57:10, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:10, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:16, Info                  CSI    00000215 [SR] Verify complete
2018-07-16 15:57:16, Info                  CSI    00000216 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:16, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:23, Info                  CSI    0000021a [SR] Verify complete
2018-07-16 15:57:24, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:24, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:30, Info                  CSI    0000021f [SR] Verify complete
2018-07-16 15:57:31, Info                  CSI    00000220 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:31, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:39, Info                  CSI    00000223 [SR] Verify complete
2018-07-16 15:57:40, Info                  CSI    00000224 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:40, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:48, Info                  CSI    00000228 [SR] Verify complete
2018-07-16 15:57:48, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:48, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:52, Info                  CSI    0000022c [SR] Verify complete
2018-07-16 15:57:52, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:52, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:55, Info                  CSI    00000230 [SR] Verify complete
2018-07-16 15:57:55, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:55, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:01, Info                  CSI    00000234 [SR] Verify complete
2018-07-16 15:58:01, Info                  CSI    00000235 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:01, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:07, Info                  CSI    00000238 [SR] Verify complete
2018-07-16 15:58:08, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:08, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:15, Info                  CSI    0000023c [SR] Verify complete
2018-07-16 15:58:15, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:15, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:19, Info                  CSI    00000240 [SR] Verify complete
2018-07-16 15:58:19, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:19, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:27, Info                  CSI    00000244 [SR] Verify complete
2018-07-16 15:58:27, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:27, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:45, Info                  CSI    00000248 [SR] Verify complete
2018-07-16 15:58:45, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:45, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:08, Info                  CSI    0000024c [SR] Verify complete
2018-07-16 15:59:08, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:08, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:20, Info                  CSI    00000250 [SR] Verify complete
2018-07-16 15:59:20, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:20, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:27, Info                  CSI    00000254 [SR] Verify complete
2018-07-16 15:59:27, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:27, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:30, Info                  CSI    00000258 [SR] Verify complete
2018-07-16 15:59:30, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:30, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:38, Info                  CSI    0000025c [SR] Verify complete
2018-07-16 15:59:38, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:38, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:44, Info                  CSI    00000260 [SR] Verify complete
2018-07-16 15:59:44, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:44, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:46, Info                  CSI    00000264 [SR] Verify complete
2018-07-16 15:59:47, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:47, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:48, Info                  CSI    00000268 [SR] Verify complete
2018-07-16 15:59:48, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:48, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:53, Info                  CSI    00000272 [SR] Verify complete
2018-07-16 15:59:54, Info                  CSI    00000273 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:54, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:00, Info                  CSI    00000276 [SR] Verify complete
2018-07-16 16:00:00, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:00, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:04, Info                  CSI    0000027a [SR] Verify complete
2018-07-16 16:00:05, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:05, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:09, Info                  CSI    0000027e [SR] Verify complete
2018-07-16 16:00:10, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:10, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:16, Info                  CSI    00000282 [SR] Verify complete
2018-07-16 16:00:16, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:16, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:24, Info                  CSI    00000287 [SR] Verify complete
2018-07-16 16:00:25, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:25, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:32, Info                  CSI    0000028b [SR] Verify complete
2018-07-16 16:00:32, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:32, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:37, Info                  CSI    0000028f [SR] Verify complete
2018-07-16 16:00:38, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:38, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:47, Info                  CSI    00000293 [SR] Verify complete
2018-07-16 16:00:47, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:47, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:01, Info                  CSI    0000029a [SR] Verify complete
2018-07-16 16:01:02, Info                  CSI    0000029b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:02, Info                  CSI    0000029c [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:11, Info                  CSI    000002a1 [SR] Verify complete
2018-07-16 16:01:11, Info                  CSI    000002a2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:11, Info                  CSI    000002a3 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:19, Info                  CSI    000002a6 [SR] Verify complete
2018-07-16 16:01:19, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:19, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:26, Info                  CSI    000002b5 [SR] Verify complete
2018-07-16 16:01:27, Info                  CSI    000002b6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:27, Info                  CSI    000002b7 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:36, Info                  CSI    000002bd [SR] Verify complete
2018-07-16 16:01:36, Info                  CSI    000002be [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:36, Info                  CSI    000002bf [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:43, Info                  CSI    000002c1 [SR] Verify complete
2018-07-16 16:01:43, Info                  CSI    000002c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:43, Info                  CSI    000002c3 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:48, Info                  CSI    000002c7 [SR] Verify complete
2018-07-16 16:01:48, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:48, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:57, Info                  CSI    000002cc [SR] Verify complete
2018-07-16 16:01:57, Info                  CSI    000002cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:57, Info                  CSI    000002ce [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:04, Info                  CSI    000002f2 [SR] Verify complete
2018-07-16 16:02:05, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:05, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:10, Info                  CSI    000002f6 [SR] Verify complete
2018-07-16 16:02:10, Info                  CSI    000002f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:10, Info                  CSI    000002f8 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:14, Info                  CSI    000002fa [SR] Verify complete
2018-07-16 16:02:15, Info                  CSI    000002fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:15, Info                  CSI    000002fc [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:20, Info                  CSI    000002fe [SR] Verify complete
2018-07-16 16:02:20, Info                  CSI    000002ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:20, Info                  CSI    00000300 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:28, Info                  CSI    0000030e [SR] Verify complete
2018-07-16 16:02:28, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:28, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:38, Info                  CSI    00000312 [SR] Verify complete
2018-07-16 16:02:38, Info                  CSI    00000313 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:38, Info                  CSI    00000314 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:45, Info                  CSI    00000322 [SR] Verify complete
2018-07-16 16:02:45, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:45, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:48, Info                  CSI    00000326 [SR] Verify complete
2018-07-16 16:02:48, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:48, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:54, Info                  CSI    0000032a [SR] Verify complete
2018-07-16 16:02:54, Info                  CSI    0000032b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:54, Info                  CSI    0000032c [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:00, Info                  CSI    0000032f [SR] Verify complete
2018-07-16 16:03:00, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:00, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:03, Info                  CSI    00000333 [SR] Verify complete
2018-07-16 16:03:03, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:03, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:13, Info                  CSI    00000337 [SR] Verify complete
2018-07-16 16:03:13, Info                  CSI    00000338 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:13, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:19, Info                  CSI    0000033b [SR] Verify complete
2018-07-16 16:03:19, Info                  CSI    0000033c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:19, Info                  CSI    0000033d [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:28, Info                  CSI    0000034c [SR] Verify complete
2018-07-16 16:03:28, Info                  CSI    0000034d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:28, Info                  CSI    0000034e [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:36, Info                  CSI    0000035b [SR] Verify complete
2018-07-16 16:03:36, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:36, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:50, Info                  CSI    0000035f [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:03:50, Info                  CSI    00000361 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:03:50, Info                  CSI    00000362 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:03:50, Info                  CSI    00000365 [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-16 16:03:55, Info                  CSI    00000367 [SR] Verify complete
2018-07-16 16:03:56, Info                  CSI    00000368 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:56, Info                  CSI    00000369 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:00, Info                  CSI    0000036b [SR] Verify complete
2018-07-16 16:04:01, Info                  CSI    0000036c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:01, Info                  CSI    0000036d [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:05, Info                  CSI    0000036f [SR] Verify complete
2018-07-16 16:04:06, Info                  CSI    00000370 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:06, Info                  CSI    00000371 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:10, Info                  CSI    00000375 [SR] Verify complete
2018-07-16 16:04:10, Info                  CSI    00000376 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:10, Info                  CSI    00000377 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:14, Info                  CSI    00000379 [SR] Verify complete
2018-07-16 16:04:14, Info                  CSI    0000037a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:14, Info                  CSI    0000037b [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:19, Info                  CSI    0000037d [SR] Verify complete
2018-07-16 16:04:20, Info                  CSI    0000037e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:20, Info                  CSI    0000037f [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:24, Info                  CSI    00000381 [SR] Verify complete
2018-07-16 16:04:24, Info                  CSI    00000382 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:24, Info                  CSI    00000383 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:30, Info                  CSI    00000386 [SR] Verify complete
2018-07-16 16:04:31, Info                  CSI    00000387 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:31, Info                  CSI    00000388 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:36, Info                  CSI    0000038a [SR] Verify complete
2018-07-16 16:04:36, Info                  CSI    0000038b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:36, Info                  CSI    0000038c [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:41, Info                  CSI    0000038e [SR] Verify complete
2018-07-16 16:04:42, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:42, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:47, Info                  CSI    00000392 [SR] Verify complete
2018-07-16 16:04:47, Info                  CSI    00000393 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:47, Info                  CSI    00000394 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:52, Info                  CSI    00000397 [SR] Verify complete
2018-07-16 16:04:52, Info                  CSI    00000398 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:52, Info                  CSI    00000399 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:58, Info                  CSI    0000039b [SR] Verify complete
2018-07-16 16:04:58, Info                  CSI    0000039c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:58, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:05, Info                  CSI    0000039f [SR] Verify complete
2018-07-16 16:05:05, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:05:05, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:11, Info                  CSI    000003a3 [SR] Verify complete
2018-07-16 16:05:11, Info                  CSI    000003a4 [SR] Verifying 71 (0x0000000000000047) components
2018-07-16 16:05:11, Info                  CSI    000003a5 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:14, Info                  CSI    000003a7 [SR] Verify complete
2018-07-16 16:05:14, Info                  CSI    000003a8 [SR] Repairing 4 components
2018-07-16 16:05:14, Info                  CSI    000003a9 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:14, Info                  CSI    000003ab [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003ad [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003af [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b1 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b3 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b5 [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003bb [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003bd [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003be [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c0 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c1 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c3 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c4 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c6 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c7 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c9 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003ca [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003cc [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003cd [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003d0 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d3 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d6 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d9 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003dc [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003df [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003e1 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003e2 [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 16:05:15, Info                  CSI    000003e5 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003e7 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003e8 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003eb [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003ed [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003ee [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 16:05:16, Info                  CSI    000003f1 [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-16 16:05:16, Info                  CSI    000003f3 [SR] Repair complete
2018-07-16 16:05:16, Info                  CSI    000003f4 [SR] Committing transaction
2018-07-16 16:05:16, Info                  CSI    000003f8 [SR] Verify and Repair Transaction completed. All files and 
 
registry keys listed in this transaction  have been successfully repaired
 
 
 
Next I tried the important fixlist that you supplied me.Downloaded it to where Farbar was and rebooted again to Safe mode. In 
 
Safe mode I ran FRST and with your fixlist I pressed on Fix.
A fix log was generated.Here is the fixlog
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (16-07-2018 18:15:09) Run:1
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home & HomeTester)
Boot Mode: Safe Mode (with Networking)
==============================================
 
fixlist content:
*****************
HKLM\...\Run: [Everything] => C:\Program Files\SecureAge\Everything\Everything.exe [2197608 2017-06-07] ()
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG
 
\Free Download Manager\fdm.exe [10150912 2018-02-22] (FreeDownloadManager.org)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [Download Accelerator Manager] => C:\Program Files\Tensons\Download 
 
Accelerator Manager\DownloadAcceleratorManager.exe [1186304 2017-12-23] (Tensons Corporation)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Run: [SUPERAntiSpyware] => C:\Security\SAS\SUPERAntiSpyware.exe [8887216 
 
2018-03-23] (SUPERAntiSpyware)
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: {455e97d5-b87a-11e5-bb01-1078d2df786a} - K:\LaunchU3.exe -a
HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\MountPoints2: {5fcbc350-8578-11e6-b9e6-1078d2df786a} - K:\Setup.exe /s
HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe 
 
[10150912 2018-02-22] (FreeDownloadManager.org)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [36792 2017-08-25] (The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [36792 2017-08-25] (The OpenVPN Project)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows
 
\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller
 
\UninstallExplorer.dll [2018-01-25] (IObit)
BHO-x32: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows
 
\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
FF Extension: (download-helper) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\[email protected] [2018-06-21]
FF Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Tensons\Download Accelerator Manager\DamFirefox\old
 
\ex3\dam.zip
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Tensons\Download Accelerator Manager\DamFirefox\old
 
\ex3\dam.zip 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] 
 
(Microsoft Corporation) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-06-28]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
R2 !SASCORE; C:\Security\SAS\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 Everything; C:\Program Files\SecureAge\Everything\Everything.exe [2197608 2017-06-07] ()
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
S2 SAEverythingServer; C:\Program Files\SecureAge\Everything\EverythingServer.exe [214000 2018-04-19] (SecureAge Technology)
R2 sascansvc; C:\Program Files\SecureAge\AntiVirus\sascansvc.exe [1127616 2018-05-25] (SecureAge Technology)
S2 SAUAVSvc; C:\Program Files\SecureAge\UniversalAV\UniversalAVService.exe [1284152 2018-05-25] (SecureAge Technology)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-29] (The OpenVPN Project)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06]
 
(IObit.com)
S3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-
 
01-11] (IObit.com)
S3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2017-01-16] (Windows ® Server 2003 DDK provider)
R0 SAAppCtl; C:\Windows\System32\DRIVERS\saappctl.sys [280520 2018-05-09] (SecureAge Technology)
R0 sascan; C:\Windows\System32\DRIVERS\sascan.sys [94112 2018-05-01] (SecureAge Technology)
S1 SASDIFSV; C:\Security\SAS\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Security\SAS\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [36792 2017-08-25] (The OpenVPN Project)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2016-09-09] (/n software, Inc.)
U1 aswbdisk; no ImagePath
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1-x32: [SAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => C:\Program Files\SecureAge\AntiVirus
 
\SAScanCtx.dll [2017-10-17] (SecureAge Technology)
ContextMenuHandlers1-x32: [SATrustCtxMenuExt] -> {E748C929-2F5A-475d-AB81-0632B725425C} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit 
 
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit) 
ContextMenuHandlers6: [SAScanShlExt] -> {94243EC1-AEE5-4d44-A6CF-6407ED967FED} => C:\Program Files\SecureAge\AntiVirus
 
\SAScanCtx.dll [2017-10-17] (SecureAge Technology)
ContextMenuHandlers6: [SATrustCtxMenuExt] -> {E748C929-2F5A-475d-AB81-0632B725425C} =>  -> No File
ask: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {303E9C82-51CF-475C-B2AE-94E2C34F3D1A} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO
 
\WinSysClean.exe [2015-11-12] (Ultimate Systems, SRL)
Task: {376EA01D-8C90-442E-B726-EE162F7E3492} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software
 
\Avast Cleanup\TUNEUpdate.exe
Task: {38D86C7F-FBBE-477D-AF4C-DC7DC5F61065} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2713607381-13602913-39778406
 
-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe
Task: {3F9D01E6-E71D-4FEB-A7D1-9FA224420603} - System32\Tasks\{58C71681-469A-4115-AEFB-A802B144C489} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\startuplite-setup-1.07.exe -d C:\Users\Home\Downloads
Task: {5B81B046-0304-410C-9814-2DDE8C821681} - System32\Tasks\{8B9D165C-4439-4062-A97E-B3A5E82D3863} => C:\Windows
 
\system32\pcalua.exe -a "C:\Program Files (x86)\DoYourData\DoYourData Uninstaller\DoYourData Uninstaller.exe" -d "C:\Program 
 
Files (x86)\DoYourData\DoYourData Uninstaller"
Task: {5F19CC23-DCF2-4FA5-901F-F3120DF99857} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver 
 
Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {748C92AF-9BBD-49AB-B264-03D53C7ADCCD} - System32\Tasks\Driver Booster SkipUAC (Home) => C:\Program Files (x86)\IObit
 
\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {799B9794-46ED-4EC7-850A-4CF405578D83} - System32\Tasks\{1ED0BF14-3668-4D2F-A138-6736505F4125} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\0008-32bit_Win7_Win8_Win81_Win10_R281.exe -d C:\Users\Home\Downloads
Task: {7A0F7913-AA56-4B18-A7DF-A1A2268C3B89} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast 
 
Software\Overseer\overseer.exe
Task: {8C4E924F-91C5-4C09-A345-A54B084AF143} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish Doctor
 
\KerishDoctor.exe
Task: {8D8AA493-22D2-4E40-A919-BA976371C1C8} - System32\Tasks\{C6F6B540-D3E0-42FC-9AC5-AA01D6242EA2} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\InfinityATSetup.exe -d C:\Users\Home\Downloads
Task: {CB884459-DA3A-4C13-AE18-17E988200584} - System32\Tasks\{70246310-F5CD-4ED0-8288-48C3617AA540} => C:\Windows
 
\system32\pcalua.exe -a C:\Users\Home\Downloads\setup1000.32.exe -d C:\Users\Home\Downloads
Task: {E92CDCDA-CF02-45E4-8806-78514BEF718B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common 
 
Files\AV\avast! Antivirus\backup.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Home\Downloads\AdwCleaner.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82.job => C:\Security\SAS\SASTask.exe 
 
C:\Security\SAS\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2.job => C:\Security\SAS\SASTask.exe 
 
C:\Security\SAS\SUPERAntiSpyware.exe
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\VIREG32.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\VIXUNIN.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\system32\ambakdrv.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ammntdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amwrtdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\anim.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COMCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdiplus.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSINET.OCX:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msvcr70.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioEditor2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioFile2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioInformation2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioPlayer2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioRecord2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioTransform2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTAudioVisualization2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\NCTWMAFile2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\unicows.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\W95INF16.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\W95INF32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wbhelp2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wbocx.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMEncEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmesrcwp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmex.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMexfmwp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMEXres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\aswTap.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\scrcamhrdrv_x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ScreamingBAudio64.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
AlternateDataStreams: C:\ProgramData\Temp:84098FD3 [133]
FirewallRules: [{2C44943A-6AC4-4E4E-98EA-6F552AC241E4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DriverBooster.exe
FirewallRules: [{6F160512-3958-4BAA-89CB-8153F9B6522F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DriverBooster.exe
FirewallRules: [{DBEA4B4C-E32F-4CF9-AF37-24A7A5B3447D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DBDownloader.exe
FirewallRules: [{7EDC762C-5152-43D6-A729-8B0F9455EB0A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\DBDownloader.exe
FirewallRules: [{4BD9531E-E105-40C9-9C82-D1A1CE0FBCF7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\AutoUpdate.exe
FirewallRules: [{ED1FB322-39B3-4E79-94A4-F7B17AC2A0DD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster
 
\5.2.0\AutoUpdate.exe 
REG: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system" /s
REG: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system" /s
Hosts:
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
 
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Everything" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetActiveDesktop" => removed successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Free Download Manager" => not 
 
found
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Download Accelerator Manager" 
 
=> removed successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware" => removed 
 
successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD" => 
 
removed successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings" 
 
=> removed successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
 
\NoSetActiveDesktop" => removed successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K" => removed 
 
successfully
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{455e97d5-
 
b87a-11e5-bb01-1078d2df786a}" => removed successfully
HKLM\Software\Classes\CLSID\{455e97d5-b87a-11e5-bb01-1078d2df786a} => not found
"HKU\S-1-5-21-2713607381-13602913-39778406-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fcbc350-
 
8578-11e6-b9e6-1078d2df786a}" => removed successfully
HKLM\Software\Classes\CLSID\{5fcbc350-8578-11e6-b9e6-1078d2df786a} => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Free Download Manager" => removed successfully
"HKLM\System\CurrentControlSet\Services\tapprotonvpn" => removed successfully
tapprotonvpn => service removed successfully
tapprotonvpn => service not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000003-1118-11da-8cd6-0800200c9888}" => 
 
removed successfully
"HKLM\Software\Classes\CLSID\{00000003-1118-11da-8cd6-0800200c9888}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => 
 
removed successfully
"HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000003-1118-11da-8cd6-
 
0800200c9888}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{00000003-1118-11da-8cd6-0800200c9888}" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => not found
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185\Extensions\jid1-
 
[email protected] => moved successfully
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185\Extensions\{b9db16a4-6edc-47ec-a1f4-
 
b86292ed211d}.xpi => moved successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => removed successfully
C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6" => removed successfully
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29] => Error: No automatic fix found for this entry.
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11] => Error: No automatic fix found for this entry.
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-06-28] => Error: No automatic fix found for this entry.
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20] => Error: No automatic fix found for this entry.
!SASCORE => Service stopped successfully.
"HKLM\System\CurrentControlSet\Services\!SASCORE" => removed successfully
!SASCORE => service removed successfully
"HKLM\System\CurrentControlSet\Services\Everything" => removed successfully
Everything => service removed successfully
"HKLM\System\CurrentControlSet\Services\IObitUnSvr" => removed successfully
IObitUnSvr => service removed successfully
"HKLM\System\CurrentControlSet\Services\SAEverythingServer" => removed successfully
SAEverythingServer => service removed successfully
sascansvc => Service stopped successfully.
"HKLM\System\CurrentControlSet\Services\sascansvc" => removed successfully
sascansvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\SAUAVSvc" => removed successfully
SAUAVSvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\aswTap" => removed successfully
aswTap => service removed successfully
"HKLM\System\CurrentControlSet\Services\IUFileFilter" => removed successfully
IUFileFilter => service removed successfully
"HKLM\System\CurrentControlSet\Services\IURegProcessFilter" => removed successfully
IURegProcessFilter => service removed successfully
"HKLM\System\CurrentControlSet\Services\PCWinSoft" => removed successfully
PCWinSoft => service removed successfully
SAAppCtl => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\SAAppCtl" => removed successfully
SAAppCtl => service removed successfully
sascan => Service stopped successfully.
"HKLM\System\CurrentControlSet\Services\sascan" => removed successfully
sascan => service removed successfully
"HKLM\System\CurrentControlSet\Services\SASDIFSV" => removed successfully
SASDIFSV => service removed successfully
"HKLM\System\CurrentControlSet\Services\SASKUTIL" => removed successfully
SASKUTIL => service removed successfully
tapprotonvpn => service not found.
vpnpbus => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\vpnpbus" => removed successfully
vpnpbus => service removed successfully
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully
aswbdisk => service removed successfully
"HKLM\System\CurrentControlSet\Services\clwvd6" => removed successfully
clwvd6 => service removed successfully
"HKLM\System\CurrentControlSet\Services\Partizan" => removed successfully
Partizan => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM" => removed successfully
ZAM => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM_Guard" => removed successfully
ZAM_Guard => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid 
 
subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid 
 
subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid 
 
subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit) => Error: No automatic fix found for this entry.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu)" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SAScanShlExt" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{94243EC1-AEE5-4d44-A6CF-6407ED967FED} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SATrustCtxMenuExt" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E748C929-2F5A-475d-AB81-0632B725425C} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
"HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027}" => removed successfully
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SAScanShlExt" => removed successfully
"HKLM\Software\Classes\CLSID\{94243EC1-AEE5-4d44-A6CF-6407ED967FED}" => removed successfully
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SATrustCtxMenuExt" => removed successfully
HKLM\Software\Classes\CLSID\{E748C929-2F5A-475d-AB81-0632B725425C} => not found
ask: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION => Error: No 
 
automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{303E9C82-51CF-475C-B2AE-94E2C34F3D1A}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{303E9C82-51CF-475C-B2AE-94E2C34F3D1A}" => removed 
 
successfully
C:\Windows\System32\Tasks\WinSysCleanUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinSysCleanUAC" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{376EA01D-8C90-442E-B726-EE162F7E3492}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{376EA01D-8C90-442E-B726-EE162F7E3492}" => removed 
 
successfully
C:\Windows\System32\Tasks\Avast TUNEUP Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast TUNEUP Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38D86C7F-FBBE-477D-AF4C-DC7DC5F61065}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D86C7F-FBBE-477D-AF4C-DC7DC5F61065}" => removed 
 
successfully
C:\Windows\System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2713607381-13602913-39778406-1000 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MEGA\MEGAsync Update Task S-1-5-21-2713607381-
 
13602913-39778406-1000" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F9D01E6-E71D-4FEB-A7D1-9FA224420603}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F9D01E6-E71D-4FEB-A7D1-9FA224420603}" => removed 
 
successfully
C:\Windows\System32\Tasks\{58C71681-469A-4115-AEFB-A802B144C489} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{58C71681-469A-4115-AEFB-A802B144C489}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B81B046-0304-410C-9814-2DDE8C821681}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B81B046-0304-410C-9814-2DDE8C821681}" => removed 
 
successfully
C:\Windows\System32\Tasks\{8B9D165C-4439-4062-A97E-B3A5E82D3863} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8B9D165C-4439-4062-A97E-B3A5E82D3863}" => removed 
 
successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F19CC23-DCF2-4FA5-901F-F3120DF99857} => not found
C:\Windows\System32\Tasks\Driver Booster Scheduler => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{748C92AF-9BBD-49AB-B264-03D53C7ADCCD} => not found
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Home) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Home)" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{799B9794-46ED-4EC7-850A-4CF405578D83}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{799B9794-46ED-4EC7-850A-4CF405578D83}" => removed 
 
successfully
C:\Windows\System32\Tasks\{1ED0BF14-3668-4D2F-A138-6736505F4125} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1ED0BF14-3668-4D2F-A138-6736505F4125}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7A0F7913-AA56-4B18-A7DF-A1A2268C3B89}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A0F7913-AA56-4B18-A7DF-A1A2268C3B89}" => removed 
 
successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C4E924F-91C5-4C09-A345-A54B084AF143}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C4E924F-91C5-4C09-A345-A54B084AF143}" => removed 
 
successfully
C:\Windows\System32\Tasks\Kerish Doctor => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Kerish Doctor" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D8AA493-22D2-4E40-A919-BA976371C1C8}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D8AA493-22D2-4E40-A919-BA976371C1C8}" => removed 
 
successfully
C:\Windows\System32\Tasks\{C6F6B540-D3E0-42FC-9AC5-AA01D6242EA2} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6F6B540-D3E0-42FC-9AC5-AA01D6242EA2}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB884459-DA3A-4C13-AE18-17E988200584}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB884459-DA3A-4C13-AE18-17E988200584}" => removed 
 
successfully
C:\Windows\System32\Tasks\{70246310-F5CD-4ED0-8288-48C3617AA540} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{70246310-F5CD-4ED0-8288-48C3617AA540}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E92CDCDA-CF02-45E4-8806-78514BEF718B}" => removed 
 
successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E92CDCDA-CF02-45E4-8806-78514BEF718B}" => removed 
 
successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed 
 
successfully
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82.job => moved successfully
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2.job => moved successfully
C:\Windows\avastSS.scr => ":$CmdTcID" ADS removed successfully
C:\Windows\system.ini => ":c10_encryption_d" ADS removed successfully
C:\Windows\VIREG32.EXE => ":$CmdTcID" ADS removed successfully
C:\Windows\VIXUNIN.EXE => ":$CmdTcID" ADS removed successfully
C:\Windows\win.ini => ":c10_encryption_d" ADS removed successfully
C:\Windows\system32\ambakdrv.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\ammntdrv.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\amwrtdrv.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\fveapi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\fveapibase.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\InkEd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDAZE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\kbdgeoqw.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\tbs.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WdfCoInstaller01009.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WinUSBCoInstaller2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WpdMtp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WpdMtpUS.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\anim.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\COMCTL32.OCX => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\gdiplus.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\InkEd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDAZE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDAZEL.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\kbdgeoqw.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mfds.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MSINET.OCX => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msvcr70.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioEditor2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioFile2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioInformation2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioPlayer2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioRecord2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioTransform2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTAudioVisualization2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\NCTWMAFile2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\tbs.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\unicows.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\W95INF16.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\W95INF32.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wbhelp2.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wbocx.ocx => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WindowsCodecs.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMEncEng.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wmesrcwp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wmex.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMexfmwp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMEXres.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\ws2_32.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\aswTap.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\monitor.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\scrcamhrdrv_x64.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\ScreamingBAudio64.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\tap0901.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\tcpipreg.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\USBSTOR.SYS => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\winusb.sys => ":$CmdTcID" ADS removed successfully
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
C:\ProgramData\Temp => ":84098FD3" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C44943A-6AC4-4E4E-98EA-
 
6F552AC241E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F160512-3958-4BAA-89CB-
 
8153F9B6522F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBEA4B4C-E32F-4CF9-AF37-
 
24A7A5B3447D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EDC762C-5152-43D6-A729-
 
8B0F9455EB0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BD9531E-E105-40C9-9C82-
 
D1A1CE0FBCF7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED1FB322-39B3-4E79-94A4-
 
F7B17AC2A0DD}" => removed successfully
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    ConsentPromptBehaviorAdmin    REG_DWORD    0x0
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableInstallerDetection    REG_DWORD    0x1
    EnableLUA    REG_DWORD    0x0
    EnableSecureUIAPaths    REG_DWORD    0x1
    EnableUIADesktopToggle    REG_DWORD    0x0
    EnableVirtualization    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x0
    ValidateAdminCodeSignatures    REG_DWORD    0x0
    dontdisplaylastusername    REG_DWORD    0x0
    legalnoticecaption    REG_SZ    
    legalnoticetext    REG_SZ    
    scforceoption    REG_DWORD    0x0
    shutdownwithoutlogon    REG_DWORD    0x1
    undockwithoutlogon    REG_DWORD    0x1
    FilterAdministratorToken    REG_DWORD    0x0
    SoftwareSASGeneration    REG_DWORD    0x1
    EnableLinkedConnections    REG_DWORD    0x1
    DisableTaskMgr    REG_DWORD    0x0
    DisableRegistryTools    REG_DWORD    0x0
    DisableCMD    REG_DWORD    0x0
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\Audit
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\UIPI
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\UIPI\Clipboard
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\UIPI\Clipboard\ExceptionFormats
    CF_TEXT    REG_DWORD    0x1
    CF_BITMAP    REG_DWORD    0x2
    CF_OEMTEXT    REG_DWORD    0x7
    CF_DIB    REG_DWORD    0x8
    CF_PALETTE    REG_DWORD    0x9
    CF_UNICODETEXT    REG_DWORD    0xd
    CF_DIBV5    REG_DWORD    0x11
 
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system
    ConsentPromptBehaviorAdmin    REG_DWORD    0x0
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableInstallerDetection    REG_DWORD    0x1
    EnableLUA    REG_DWORD    0x0
    EnableSecureUIAPaths    REG_DWORD    0x1
    EnableUIADesktopToggle    REG_DWORD    0x0
    EnableVirtualization    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x0
    ValidateAdminCodeSignatures    REG_DWORD    0x0
    dontdisplaylastusername    REG_DWORD    0x0
    legalnoticecaption    REG_SZ    
    legalnoticetext    REG_SZ    
    scforceoption    REG_DWORD    0x0
    shutdownwithoutlogon    REG_DWORD    0x1
    undockwithoutlogon    REG_DWORD    0x1
    FilterAdministratorToken    REG_DWORD    0x0
    SoftwareSASGeneration    REG_DWORD    0x1
    EnableLinkedConnections    REG_DWORD    0x1
    DisableTaskMgr    REG_DWORD    0x0
    DisableRegistryTools    REG_DWORD    0x0
    DisableCMD    REG_DWORD    0x0
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system\Audit
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system\UIPI
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system\UIPI\Clipboard
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\system\UIPI\Clipboard\ExceptionFormats
    CF_TEXT    REG_DWORD    0x1
    CF_BITMAP    REG_DWORD    0x2
    CF_OEMTEXT    REG_DWORD    0x7
    CF_DIB    REG_DWORD    0x8
    CF_PALETTE    REG_DWORD    0x9
    CF_UNICODETEXT    REG_DWORD    0xd
    CF_DIBV5    REG_DWORD    0x11
 
 
 
========= End of Reg: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 18:17:22 ====
 
 
And now you asked me to run FRST again as before and to post the logs
 
Here is the FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Home (administrator) on HOME-PC (16-07-2018 18:47:45)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home & HomeTester)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...arbar-recovery-
 
scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be 
 
moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-
 
11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 
 
2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] 
 
(Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
 
/errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
SSODL: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\system32\cbfsMntNtf6.dll (/n 
 
software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n 
 
software, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = 
 
hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll 
 
[2017-09-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin
 
\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office
 
\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft 
 
Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-16]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-
 
07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] 
 
(Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe 
 
Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017
 
-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe 
 
Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-16]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-06-28]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
S1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
S2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-10] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-16] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [420832 2018-01-20] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\AnVir Task Manager Free\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-16 18:47 - 2018-07-16 18:49 - 000011778 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-16 18:15 - 2018-07-16 18:17 - 000044494 _____ C:\Users\Home\Desktop\Fixlog.txt
2018-07-16 18:14 - 2018-07-16 18:14 - 000000000 ____D C:\Users\Home\Desktop\FRST-OlderVersion
2018-07-16 17:25 - 2018-07-16 17:25 - 000109208 _____ C:\Users\HomeTester\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-16 17:25 - 2018-07-16 17:25 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Intel Corporation
2018-07-16 17:23 - 2018-07-16 17:23 - 000001444 _____ C:\Users\HomeTester\AppData\Roaming\Microsoft\Windows\Start Menu
 
\Programs\Internet Explorer.lnk
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\IObit
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Adobe
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Local\Google
2018-07-16 17:22 - 2018-07-16 17:22 - 000000020 ___SH C:\Users\HomeTester\ntuser.ini
2018-07-16 17:22 - 2018-07-16 17:22 - 000000000 ____D C:\Users\HomeTester
2018-07-16 17:22 - 2016-01-12 04:31 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Macromedia
2018-07-16 17:22 - 2016-01-12 01:44 - 000000000 ____D C:\Users\HomeTester\AppData\Local\Microsoft Help
2018-07-16 17:22 - 2009-07-14 15:45 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Media Center Programs
2018-07-16 16:12 - 2018-07-16 16:38 - 000068489 _____ C:\Users\Home\Desktop\junk.txt
2018-07-15 21:24 - 2018-07-15 21:24 - 006889184 _____ (Piriform Ltd) C:\Users\Home\Desktop\spsetup132.exe
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Desktop
 
\tweaking.com_windows_repair_aio_setup.exe
2018-07-15 00:40 - 2018-07-15 00:48 - 000000286 _____ C:\Windows\Tasks\AnVir Task Manager.job
2018-07-15 00:40 - 2018-07-15 00:41 - 000000000 ____D C:\Users\Home\AppData\Local\AnVir
2018-07-15 00:40 - 2018-07-15 00:40 - 000001148 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task 
 
Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000001124 _____ C:\Users\Home\Desktop\AnVir Task Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\AnVir Task Manager Free
2018-07-14 19:20 - 2018-07-16 18:47 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-16 18:14 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security 
 
Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 17:15 - 2018-07-14 17:18 - 004406704 _____ C:\Users\Home\Downloads\taskfree.exe
2018-07-14 14:57 - 2018-07-14 14:57 - 002412544 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 20:04 - 2018-07-10 20:04 - 000087650 _____ C:\Users\Home\Downloads\Extras.Txt
2018-07-10 20:03 - 2018-07-10 20:03 - 000122102 _____ C:\Users\Home\Downloads\OTL.Txt
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-10 18:11 - 2018-07-10 18:12 - 000000414 _____ C:\Users\Home\Downloads\exehelperlog.txt
2018-07-10 17:52 - 2018-07-10 17:53 - 043520264 _____ (Microsoft Corporation) C:\Users\Home\Downloads\Windows-KB890830-x64-
 
V5.61.exe
2018-07-10 15:49 - 2018-07-10 15:49 - 000294400 _____ C:\Users\Home\Downloads\exeHelper.com
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads
 
\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 20:04 - 2018-07-09 20:05 - 015800840 _____ (Dell Inc.) C:\Users\Home\Downloads\Dell-USB-Recovery-
 
Tool_JNDT2_WIN_2.1.2025.0_A00.EXE
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task 
 
Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-
 
bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 15:34 - 2018-07-01 15:34 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\Program Files\Speccy
2018-07-01 15:17 - 2018-07-01 15:17 - 006889184 _____ (Piriform Ltd) C:\Users\Home\Downloads\spsetup132.exe
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-30 19:13 - 2018-06-30 19:14 - 000040225 _____ C:\Users\Home\Downloads\MTB.txt
2018-06-30 00:20 - 2018-06-30 00:20 - 000892416 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads
 
\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - 
 
iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-
 
_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
2018-06-21 18:11 - 2018-06-21 18:14 - 000208972 _____ C:\TDSSKiller.3.1.0.17_21.06.2018_18.11.35_log.txt
2018-06-21 18:02 - 2018-07-16 17:36 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-21 18:02 - 2018-07-13 17:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 18:02 - 2018-06-21 18:02 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-21 17:16 - 2018-06-21 17:16 - 000382261 _____ C:\unp306732162544469087i-manual.mdmp
2018-06-20 23:50 - 2018-06-20 23:50 - 010015056 _____ (AVAST Software) C:\Users\Home\Downloads\avastclear.exe
2018-06-20 23:37 - 2018-06-20 23:37 - 000000000 ___SD C:\ComboFix
2018-06-20 23:31 - 2018-06-20 23:37 - 000000000 ____D C:\Qoobox
2018-06-20 23:31 - 2018-06-20 23:31 - 000000000 ____D C:\Windows\erdnt
2018-06-20 23:29 - 2018-06-20 23:37 - 000000000 ___SD C:\32788R22FWJFW
2018-06-20 16:22 - 2018-06-20 16:22 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3422B2DB.sys
2018-06-20 01:05 - 2018-06-20 01:06 - 043077751 _____ C:\Users\Home\Downloads\[Alan_Chapman]_Advanced_Magick_for_Beginners(b-
 
ok.xyz).pdf
2018-06-19 19:13 - 2018-06-19 19:13 - 000138714 _____ C:\Users\Home\Downloads\RelativeVolume (2).zip
2018-06-18 18:55 - 2018-06-18 18:55 - 001681077 _____ C:\Users\Home\Downloads\[Ophiel]
 
_Art_and_Practice_of_Getting_Material_Thin(b-ok.xyz).pdf
2018-06-18 18:45 - 2018-06-18 18:45 - 000207405 _____ C:\Users\Home\Downloads\[Huston_Charlie]
 
_The_Mystic_Arts_of_Erasing_All_Si(b-ok.xyz).fb2
2018-06-18 15:44 - 2018-06-18 15:44 - 014386648 _____ C:\Users\Home\Downloads\2013-breakthrough-strategies-for-predicting-
 
any-market-charting-elliott-wave-lucas-fibonacci-gann-and-time-for-profitmarked.pdf
2018-06-18 15:39 - 2018-06-18 15:39 - 006530027 _____ C:\Users\Home\Downloads
 
\A_Complete_Guide_to_Technical_Trading_Tactics___How_to_Profit_Using_Pivot_Points__Candlesticks.pdf
2018-06-18 15:31 - 2018-06-18 15:31 - 040068881 _____ C:\Users\Home\Downloads\Breakthrough Strategies for Predicting a - Jeff 
 
Greenblatt.pdf
2018-06-17 19:54 - 2018-06-17 19:54 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1143D6AC.sys
2018-06-17 19:47 - 2018-06-20 16:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-06-16 15:04 - 2018-06-16 15:04 - 000025876 _____ C:\Users\Home\Downloads\ncatFibonacciConfluence.zip
2018-06-16 01:35 - 2018-06-16 01:35 - 000028716 _____ C:\Users\Home\Downloads\MasterfibonacciV33-e.rar
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-16 18:46 - 2018-06-10 12:11 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:33 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-16 18:27 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-16 18:27 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-16 18:19 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:16 - 2016-03-08 22:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media 
 
Player.lnk
2018-07-16 17:20 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2017-03-18 08:32 - 000004174 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-15 00:40 - 2016-06-10 20:19 - 000000000 ____D C:\Program Files (x86)\AnVir Task Manager Free
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 18:36 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-14 15:44 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 
 
DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:05 - 2017-01-20 15:07 - 000000222 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-04 16:51 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:34 - 2017-07-19 21:54 - 000000000 ____D C:\Program Files\WinSysClean X7 PRO
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-21 19:50 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-06-21 17:21 - 2016-03-08 22:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-19 19:46 - 2016-04-13 19:02 - 000000000 ____D C:\NEW
2018-06-17 19:54 - 2016-04-02 22:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-16 21:08 - 2016-06-05 18:03 - 000000000 ____D C:\Users\Home\AppData\Roaming\IObit
2018-06-16 20:28 - 2016-01-10 14:16 - 000000000 ____D C:\Users\Home
2018-06-16 20:25 - 2016-11-26 01:20 - 000000000 ____D C:\Temp2
2018-06-16 17:34 - 2017-03-15 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2018-06-16 17:34 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-06-16 17:13 - 2016-12-22 23:48 - 000000000 ____D C:\Users\Home\AppData\Roaming\ebook_convert
2018-06-16 17:13 - 2016-12-22 23:48 - 000000000 ____D C:\Users\Home\AppData\Roaming\.Ultimate
2018-06-16 17:07 - 2016-12-26 21:06 - 000000000 ____D C:\Program Files (x86)\DoYourData
2018-06-16 16:43 - 2017-09-27 15:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\fxgen
2018-06-16 16:37 - 2016-07-26 02:02 - 000000000 ____D C:\ProgramData\Avira
2018-06-16 16:28 - 2016-03-23 16:15 - 000000000 ____D C:\Users\Home\AppData\Local\Citrix
2018-06-16 16:25 - 2017-07-17 19:33 - 000000000 ____D C:\Program Files (x86)\GoToMeeting
2018-06-16 16:19 - 2018-01-20 23:28 - 000002268 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-06-16 16:19 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\IObit
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some files in TEMP:
====================
2018-01-12 12:24 - 2018-01-12 12:24 - 011397488 _____ (AnVir Software) C:\Users\Home\AppData\Local\Temp\anvir.exe
2018-06-13 18:50 - 2018-06-13 18:50 - 000625816 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\boost_speed_stub_installer.exe
2018-06-13 21:27 - 2017-09-13 23:31 - 001732864 _____ (Microsoft Corporation) C:\Users\Home\AppData\Local\Temp\dllnt_dump.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 000384664 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\driver_updater_stub_installer.exe
2018-06-27 21:19 - 2018-06-27 21:19 - 000012800 _____ () C:\Users\Home\AppData\Local\Temp\rrlb0owb.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 001292400 ____T (Novnify) C:\Users\Home\AppData\Local\Temp\StopAd Installer.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
 
And here is the attendant Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (16-07-2018 18:50:04)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
HomeTester (S-1-5-21-2713607381-13602913-39778406-1003 - Administrator - Enabled) => C:\Users\HomeTester
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be 
 
uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Absolute Uninstaller 5.3.1.21 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.21 - Glarysoft Ltd)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems 
 
Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version: 9.2.3 - AnVir Software)
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-
 
ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron 
 
Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-
 
warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone 
 
Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.26.5283 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Installer (HKLM-x32\...\{9F563251-4B7B-4449-B8D5-B3EC520EE837}) (Version: 1.233.6717.19680 - SharkIndicators) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel 
 
Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel 
 
Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft 
 
Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-
 
48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - 
 
Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
 
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
 
9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
 
11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-
 
4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-
 
B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-
 
860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 7 (HKLM-x32\...\{94A2EF87-0F5B-4DC8-98DE-FD569674C05F}) (Version: 7.0.1037 - NinjaTrader)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek 
 
Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - 
 
Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) 
 
(Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.12.21.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.21.0 - Adlice Software)
ScanMyReg 3.0 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1) (Version:  - YL Computing, Inc)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
SharkIndicators Software (HKLM-x32\...\Installer 1.233.6717.19680) (Version: 1.233.6717.19680 - SharkIndicators)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-
 
5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinSysClean X7 PRO (HKLM\...\{1A4E6757-4428-4422-80A3-9B5D28B1AD43}) (Version: 17.20 - Ultimate Systems, Inc.) Hidden
WinSysClean X7 PRO (HKLM-x32\...\WinSysClean X7 PRO) (Version: 17.20 - Ultimate Systems, Inc.)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL 
 
Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. 
 
Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-
 
5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 
 
9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] 
 
(Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Security\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-
 
08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 
 
5\Initialize.exe
Task: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
 
Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {70ADD8E1-75DA-4DCC-A4AA-858CB64A701D} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {7360257D-DC15-41CD-8018-4500BA372DC1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast
 
\AvEmUpdate.exe
Task: {A7D30F61-117E-4C4B-AD3F-AA0C3B26BFFF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled 
 
Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B2DF534A-8484-4D15-83EA-E88CF2CF3002} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files
 
\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed
 
\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {F2655F5D-64E3-48A9-AFCF-96C15C415576} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be 
 
moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash
 
\FlashUtil32_30_0_0_113_pepper.exe
Task: C:\Windows\Tasks\AnVir Task Manager.job => C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk 
 
-> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk 
 
-> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk 
 
Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-
 
Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-10 12:10 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-16 18:19 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft
 
\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 
 
3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
11-07-2018 03:00:19 Windows Update
11-07-2018 15:27:42 Windows Update
12-07-2018 03:00:41 Windows Update
14-07-2018 17:12:16 Windows Update
14-07-2018 17:51:31 Windows Update
14-07-2018 18:14:54 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow 
 
the instructions.
 
Name: EldoS PnP virtual bus
Description: EldoS PnP virtual bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: EldoS Corporation
Service: vpnpbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or 
 
damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if 
 
the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/16/2018 06:47:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:46:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:46:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:39:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:39:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:39:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:19:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:19:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
 
System errors:
=============
Error: (07/16/2018 06:46:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start 
 
because of the following error: 
The dependency service or group failed to start.
 
Error: (07/16/2018 06:46:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (07/16/2018 06:46:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (07/16/2018 06:46:49 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (07/16/2018 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 21
 
Error: (07/16/2018 06:46:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cbfs6
discache
HWiNFO32
MpFilter
spldr
Wanarpv6
 
Error: (07/16/2018 06:46:17 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.
 
Feature: On Access
 
Error Code: 0x8007043c
 
Error description: This service cannot be started in Safe Mode 
 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the 
 
service may resolve the problem.
 
Error: (07/16/2018 06:19:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 22%
Total physical RAM: 4012.97 MB
Available physical RAM: 3117.21 MB
Total Virtual: 8024.11 MB
Available Virtual: 7193.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:8.1 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:45.1 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
I have excellent news RKinner! When I rebooted into Windows Regular mode after all your troubleshooting advice, something happened like never before,when I logged 
in as the original Administrator, I noticed the Malwarebytes icon sitting in the Taskbar! It was never there ever since my PC 
was hit with these issues.My heart skipped a beat, and I felt something  was up.
When I tried to start,and open my executable files and run as Admin, they worked! I tried various files and they all 
worked.
Then I tried to open and run my Thunderbird email client and Firefox browser.And both are now working! You've done it RKinner!
You are every bit the Microsoft MVP that you are! Thank you so very much!  :geek:  :spoton:  :D  :yes: 
 
Btw, I do have a couple of questions for you.What do I do now with the creation of the new Administrator? Is it safe to just 
delete it?
What do you conclude was wrong with my computer and what can I do to prevent a future recurrence?
Once again,thank you very much RKinner, you have saved me from further complications and the hassle of re-imaging my Windows installation.

  • 0

#6
RKinner
Posted 16 July 2018 - 01:33 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I'm not sure.  The fixlist took out a bunch of stuff.  Expect it was the Everything from SecureAge.  I didn't see it in your Installed list.  Supposed to be a legit search engine but perhaps not.  Also took out S A S  and iobit both of which I just personally don't like.  

 

Your Gom Player is not happy.  Best to uninstall it.

 

You can just go in to User Accounts and remove the new account.

 

I am working on an old laptop today.  My office is being painted.  The laptop doesn't have my library of canned fixes so can't really do much.  I would rerun sfc /scannow and create the text file again and see if things are any better.  Sometimes things get fixed after a reboot.

 

I would also like to see a FRST scan in regular mode.


  • 0

#7
MagickMage
Posted 17 July 2018 - 06:18 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner.Thank you for your immense help.You have suggested that I rerun the Command Prompt command lines again but this time in Windows Regular mode.The command sfc  /scannow
It gave the following output
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS log. Log windir\Logs\CBS\CBS.log.For example C:\Windows\Logs\CBS\CBS.log
 
and the command findstr  /c:"[SR]"  \windows\logs\cbs
 
\cbs.log  >  %UserProfile%\desktop\junk.txt    produced the file junk.txt
 
 
Here are the contents of Junk.txt
 
 
 
2018-07-16 15:49:08, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:08, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:09, Info                  CSI    0000000c [SR] Verify complete
2018-07-16 15:49:10, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:10, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:12, Info                  CSI    00000010 [SR] Verify complete
2018-07-16 15:49:14, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:14, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:16, Info                  CSI    00000014 [SR] Verify complete
2018-07-16 15:49:17, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:17, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:18, Info                  CSI    00000018 [SR] Verify complete
2018-07-16 15:49:20, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:20, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:22, Info                  CSI    0000001c [SR] Verify complete
2018-07-16 15:49:22, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:22, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:24, Info                  CSI    00000020 [SR] Verify complete
2018-07-16 15:49:25, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:25, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:27, Info                  CSI    00000024 [SR] Verify complete
2018-07-16 15:49:28, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:28, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:30, Info                  CSI    00000028 [SR] Verify complete
2018-07-16 15:49:31, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:31, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:33, Info                  CSI    0000002c [SR] Verify complete
2018-07-16 15:49:34, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:34, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:36, Info                  CSI    00000030 [SR] Verify complete
2018-07-16 15:49:37, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:37, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:39, Info                  CSI    00000034 [SR] Verify complete
2018-07-16 15:49:40, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:40, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:42, Info                  CSI    00000038 [SR] Verify complete
2018-07-16 15:49:43, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:43, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:44, Info                  CSI    0000003c [SR] Verify complete
2018-07-16 15:49:45, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:45, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:47, Info                  CSI    00000040 [SR] Verify complete
2018-07-16 15:49:48, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:48, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:49, Info                  CSI    00000044 [SR] Verify complete
2018-07-16 15:49:50, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:50, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:51, Info                  CSI    00000048 [SR] Verify complete
2018-07-16 15:49:52, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:52, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:53, Info                  CSI    0000004c [SR] Verify complete
2018-07-16 15:49:54, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:54, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2018-07-16 15:49:56, Info                  CSI    00000050 [SR] Verify complete
2018-07-16 15:49:57, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:49:57, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:01, Info                  CSI    00000054 [SR] Verify complete
2018-07-16 15:50:02, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:02, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:03, Info                  CSI    00000058 [SR] Verify complete
2018-07-16 15:50:04, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:04, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:07, Info                  CSI    0000005c [SR] Verify complete
2018-07-16 15:50:08, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:08, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:10, Info                  CSI    00000060 [SR] Verify complete
2018-07-16 15:50:10, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:10, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:13, Info                  CSI    00000064 [SR] Verify complete
2018-07-16 15:50:13, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:13, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:15, Info                  CSI    00000068 [SR] Verify complete
2018-07-16 15:50:15, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:15, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:18, Info                  CSI    0000006c [SR] Verify complete
2018-07-16 15:50:18, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:18, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:20, Info                  CSI    00000070 [SR] Verify complete
2018-07-16 15:50:21, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:21, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:22, Info                  CSI    00000074 [SR] Verify complete
2018-07-16 15:50:23, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:23, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:25, Info                  CSI    00000078 [SR] Verify complete
2018-07-16 15:50:26, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:26, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:31, Info                  CSI    0000007c [SR] Verify complete
2018-07-16 15:50:31, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:31, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:36, Info                  CSI    00000080 [SR] Verify complete
2018-07-16 15:50:36, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:36, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:39, Info                  CSI    00000084 [SR] Verify complete
2018-07-16 15:50:39, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:39, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:45, Info                  CSI    00000088 [SR] Verify complete
2018-07-16 15:50:45, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:45, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2018-07-16 15:50:55, Info                  CSI    0000008e [SR] Verify complete
2018-07-16 15:50:56, Info                  CSI    0000008f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:50:56, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:02, Info                  CSI    00000094 [SR] Verify complete
2018-07-16 15:51:02, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:02, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:07, Info                  CSI    00000099 [SR] Verify complete
2018-07-16 15:51:07, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:07, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:13, Info                  CSI    0000009d [SR] Verify complete
2018-07-16 15:51:14, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:14, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:21, Info                  CSI    000000c1 [SR] Verify complete
2018-07-16 15:51:22, Info                  CSI    000000c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:22, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:29, Info                  CSI    000000c8 [SR] Verify complete
2018-07-16 15:51:29, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:29, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:35, Info                  CSI    000000cc [SR] Verify complete
2018-07-16 15:51:36, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:36, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:41, Info                  CSI    000000d0 [SR] Verify complete
2018-07-16 15:51:42, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:42, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:47, Info                  CSI    000000d4 [SR] Verify complete
2018-07-16 15:51:47, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:47, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:53, Info                  CSI    000000d8 [SR] Verify complete
2018-07-16 15:51:53, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:51:53, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2018-07-16 15:51:59, Info                  CSI    000000dc [SR] Verify complete
2018-07-16 15:52:00, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:00, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:08, Info                  CSI    000000e2 [SR] Verify complete
2018-07-16 15:52:08, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:08, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:16, Info                  CSI    00000105 [SR] Verify complete
2018-07-16 15:52:17, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:17, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:29, Info                  CSI    00000109 [SR] Verify complete
2018-07-16 15:52:29, Info                  CSI    0000010a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:29, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:40, Info                  CSI    0000010d [SR] Verify complete
2018-07-16 15:52:40, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:40, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:44, Info                  CSI    00000113 [SR] Verify complete
2018-07-16 15:52:44, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:44, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:48, Info                  CSI    00000117 [SR] Verify complete
2018-07-16 15:52:48, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:48, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:50, Info                  CSI    0000011b [SR] Verify complete
2018-07-16 15:52:51, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:51, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2018-07-16 15:52:57, Info                  CSI    0000011f [SR] Verify complete
2018-07-16 15:52:57, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:52:57, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:03, Info                  CSI    00000134 [SR] Verify complete
2018-07-16 15:53:03, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:03, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:06, Info                  CSI    00000138 [SR] Verify complete
2018-07-16 15:53:07, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:07, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:12, Info                  CSI    0000013c [SR] Verify complete
2018-07-16 15:53:12, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:12, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:16, Info                  CSI    00000140 [SR] Verify complete
2018-07-16 15:53:16, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:16, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:25, Info                  CSI    00000145 [SR] Verify complete
2018-07-16 15:53:26, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:26, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:36, Info                  CSI    0000014a [SR] Verify complete
2018-07-16 15:53:36, Info                  CSI    0000014b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:36, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:39, Info                  CSI    0000014e [SR] Verify complete
2018-07-16 15:53:39, Info                  CSI    0000014f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:39, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:42, Info                  CSI    00000152 [SR] Verify complete
2018-07-16 15:53:42, Info                  CSI    00000153 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:42, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2018-07-16 15:53:52, Info                  CSI    00000156 [SR] Verify complete
2018-07-16 15:53:52, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:53:52, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:00, Info                  CSI    0000015a [SR] Verify complete
2018-07-16 15:54:00, Info                  CSI    0000015b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:00, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:06, Info                  CSI    0000015e [SR] Verify complete
2018-07-16 15:54:06, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:06, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:19, Info                  CSI    00000178 [SR] Verify complete
2018-07-16 15:54:20, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:20, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:25, Info                  CSI    0000017c [SR] Verify complete
2018-07-16 15:54:25, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:25, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:42, Info                  CSI    00000180 [SR] Verify complete
2018-07-16 15:54:42, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:42, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2018-07-16 15:54:49, Info                  CSI    00000185 [SR] Verify complete
2018-07-16 15:54:50, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:54:50, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:02, Info                  CSI    00000189 [SR] Verify complete
2018-07-16 15:55:02, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:02, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:11, Info                  CSI    0000018d [SR] Verify complete
2018-07-16 15:55:11, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:11, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:18, Info                  CSI    00000191 [SR] Verify complete
2018-07-16 15:55:18, Info                  CSI    00000192 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:18, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:24, Info                  CSI    00000195 [SR] Verify complete
2018-07-16 15:55:25, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:25, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:30, Info                  CSI    0000019b [SR] Verify complete
2018-07-16 15:55:30, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:30, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:36, Info                  CSI    0000019f [SR] Verify complete
2018-07-16 15:55:37, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:37, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:42, Info                  CSI    000001a3 [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a5 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a7 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:42, Info                  CSI    000001a9 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:43, Info                  CSI    000001ab [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:43, Info                  CSI    000001ad [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001af [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b0 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b2 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b3 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b5 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b6 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001b8 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001b9 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001bb [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001bc [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001be [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 15:55:45, Info                  CSI    000001bf [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 15:55:45, Info                  CSI    000001c2 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001c5 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001c8 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001cb [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001ce [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-16 15:55:45, Info                  CSI    000001d1 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-16 15:55:51, Info                  CSI    000001d3 [SR] Verify complete
2018-07-16 15:55:52, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:55:52, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2018-07-16 15:55:57, Info                  CSI    000001d7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 15:55:59, Info                  CSI    000001d9 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 15:55:59, Info                  CSI    000001da [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 15:55:59, Info                  CSI    000001dd [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-16 15:56:01, Info                  CSI    000001e0 [SR] Verify complete
2018-07-16 15:56:01, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:01, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:08, Info                  CSI    000001e5 [SR] Verify complete
2018-07-16 15:56:08, Info                  CSI    000001e6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:08, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:14, Info                  CSI    000001e9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 15:56:14, Info                  CSI    000001eb [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 15:56:14, Info                  CSI    000001ec [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 15:56:14, Info                  CSI    000001ef [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-16 15:56:15, Info                  CSI    000001f1 [SR] Verify complete
2018-07-16 15:56:16, Info                  CSI    000001f2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:16, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:26, Info                  CSI    000001f6 [SR] Verify complete
2018-07-16 15:56:26, Info                  CSI    000001f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:26, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:33, Info                  CSI    000001fa [SR] Verify complete
2018-07-16 15:56:34, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:34, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:39, Info                  CSI    000001fe [SR] Verify complete
2018-07-16 15:56:40, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:40, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:48, Info                  CSI    00000202 [SR] Verify complete
2018-07-16 15:56:48, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:48, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2018-07-16 15:56:56, Info                  CSI    00000207 [SR] Verify complete
2018-07-16 15:56:57, Info                  CSI    00000208 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:56:57, Info                  CSI    00000209 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:04, Info                  CSI    0000020c [SR] Verify complete
2018-07-16 15:57:04, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:04, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:09, Info                  CSI    00000210 [SR] Verify complete
2018-07-16 15:57:10, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:10, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:16, Info                  CSI    00000215 [SR] Verify complete
2018-07-16 15:57:16, Info                  CSI    00000216 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:16, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:23, Info                  CSI    0000021a [SR] Verify complete
2018-07-16 15:57:24, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:24, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:30, Info                  CSI    0000021f [SR] Verify complete
2018-07-16 15:57:31, Info                  CSI    00000220 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:31, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:39, Info                  CSI    00000223 [SR] Verify complete
2018-07-16 15:57:40, Info                  CSI    00000224 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:40, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:48, Info                  CSI    00000228 [SR] Verify complete
2018-07-16 15:57:48, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:48, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:52, Info                  CSI    0000022c [SR] Verify complete
2018-07-16 15:57:52, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:52, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2018-07-16 15:57:55, Info                  CSI    00000230 [SR] Verify complete
2018-07-16 15:57:55, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:57:55, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:01, Info                  CSI    00000234 [SR] Verify complete
2018-07-16 15:58:01, Info                  CSI    00000235 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:01, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:07, Info                  CSI    00000238 [SR] Verify complete
2018-07-16 15:58:08, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:08, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:15, Info                  CSI    0000023c [SR] Verify complete
2018-07-16 15:58:15, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:15, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:19, Info                  CSI    00000240 [SR] Verify complete
2018-07-16 15:58:19, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:19, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:27, Info                  CSI    00000244 [SR] Verify complete
2018-07-16 15:58:27, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:27, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2018-07-16 15:58:45, Info                  CSI    00000248 [SR] Verify complete
2018-07-16 15:58:45, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:58:45, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:08, Info                  CSI    0000024c [SR] Verify complete
2018-07-16 15:59:08, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:08, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:20, Info                  CSI    00000250 [SR] Verify complete
2018-07-16 15:59:20, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:20, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:27, Info                  CSI    00000254 [SR] Verify complete
2018-07-16 15:59:27, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:27, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:30, Info                  CSI    00000258 [SR] Verify complete
2018-07-16 15:59:30, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:30, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:38, Info                  CSI    0000025c [SR] Verify complete
2018-07-16 15:59:38, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:38, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:44, Info                  CSI    00000260 [SR] Verify complete
2018-07-16 15:59:44, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:44, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:46, Info                  CSI    00000264 [SR] Verify complete
2018-07-16 15:59:47, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:47, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:48, Info                  CSI    00000268 [SR] Verify complete
2018-07-16 15:59:48, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:48, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2018-07-16 15:59:53, Info                  CSI    00000272 [SR] Verify complete
2018-07-16 15:59:54, Info                  CSI    00000273 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 15:59:54, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:00, Info                  CSI    00000276 [SR] Verify complete
2018-07-16 16:00:00, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:00, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:04, Info                  CSI    0000027a [SR] Verify complete
2018-07-16 16:00:05, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:05, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:09, Info                  CSI    0000027e [SR] Verify complete
2018-07-16 16:00:10, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:10, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:16, Info                  CSI    00000282 [SR] Verify complete
2018-07-16 16:00:16, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:16, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:24, Info                  CSI    00000287 [SR] Verify complete
2018-07-16 16:00:25, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:25, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:32, Info                  CSI    0000028b [SR] Verify complete
2018-07-16 16:00:32, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:32, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:37, Info                  CSI    0000028f [SR] Verify complete
2018-07-16 16:00:38, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:38, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2018-07-16 16:00:47, Info                  CSI    00000293 [SR] Verify complete
2018-07-16 16:00:47, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:00:47, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:01, Info                  CSI    0000029a [SR] Verify complete
2018-07-16 16:01:02, Info                  CSI    0000029b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:02, Info                  CSI    0000029c [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:11, Info                  CSI    000002a1 [SR] Verify complete
2018-07-16 16:01:11, Info                  CSI    000002a2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:11, Info                  CSI    000002a3 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:19, Info                  CSI    000002a6 [SR] Verify complete
2018-07-16 16:01:19, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:19, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:26, Info                  CSI    000002b5 [SR] Verify complete
2018-07-16 16:01:27, Info                  CSI    000002b6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:27, Info                  CSI    000002b7 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:36, Info                  CSI    000002bd [SR] Verify complete
2018-07-16 16:01:36, Info                  CSI    000002be [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:36, Info                  CSI    000002bf [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:43, Info                  CSI    000002c1 [SR] Verify complete
2018-07-16 16:01:43, Info                  CSI    000002c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:43, Info                  CSI    000002c3 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:48, Info                  CSI    000002c7 [SR] Verify complete
2018-07-16 16:01:48, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:48, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2018-07-16 16:01:57, Info                  CSI    000002cc [SR] Verify complete
2018-07-16 16:01:57, Info                  CSI    000002cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:01:57, Info                  CSI    000002ce [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:04, Info                  CSI    000002f2 [SR] Verify complete
2018-07-16 16:02:05, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:05, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:10, Info                  CSI    000002f6 [SR] Verify complete
2018-07-16 16:02:10, Info                  CSI    000002f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:10, Info                  CSI    000002f8 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:14, Info                  CSI    000002fa [SR] Verify complete
2018-07-16 16:02:15, Info                  CSI    000002fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:15, Info                  CSI    000002fc [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:20, Info                  CSI    000002fe [SR] Verify complete
2018-07-16 16:02:20, Info                  CSI    000002ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:20, Info                  CSI    00000300 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:28, Info                  CSI    0000030e [SR] Verify complete
2018-07-16 16:02:28, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:28, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:38, Info                  CSI    00000312 [SR] Verify complete
2018-07-16 16:02:38, Info                  CSI    00000313 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:38, Info                  CSI    00000314 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:45, Info                  CSI    00000322 [SR] Verify complete
2018-07-16 16:02:45, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:45, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:48, Info                  CSI    00000326 [SR] Verify complete
2018-07-16 16:02:48, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:48, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2018-07-16 16:02:54, Info                  CSI    0000032a [SR] Verify complete
2018-07-16 16:02:54, Info                  CSI    0000032b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:02:54, Info                  CSI    0000032c [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:00, Info                  CSI    0000032f [SR] Verify complete
2018-07-16 16:03:00, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:00, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:03, Info                  CSI    00000333 [SR] Verify complete
2018-07-16 16:03:03, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:03, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:13, Info                  CSI    00000337 [SR] Verify complete
2018-07-16 16:03:13, Info                  CSI    00000338 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:13, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:19, Info                  CSI    0000033b [SR] Verify complete
2018-07-16 16:03:19, Info                  CSI    0000033c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:19, Info                  CSI    0000033d [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:28, Info                  CSI    0000034c [SR] Verify complete
2018-07-16 16:03:28, Info                  CSI    0000034d [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:28, Info                  CSI    0000034e [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:36, Info                  CSI    0000035b [SR] Verify complete
2018-07-16 16:03:36, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:36, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2018-07-16 16:03:50, Info                  CSI    0000035f [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:03:50, Info                  CSI    00000361 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:03:50, Info                  CSI    00000362 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:03:50, Info                  CSI    00000365 [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-16 16:03:55, Info                  CSI    00000367 [SR] Verify complete
2018-07-16 16:03:56, Info                  CSI    00000368 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:03:56, Info                  CSI    00000369 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:00, Info                  CSI    0000036b [SR] Verify complete
2018-07-16 16:04:01, Info                  CSI    0000036c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:01, Info                  CSI    0000036d [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:05, Info                  CSI    0000036f [SR] Verify complete
2018-07-16 16:04:06, Info                  CSI    00000370 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:06, Info                  CSI    00000371 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:10, Info                  CSI    00000375 [SR] Verify complete
2018-07-16 16:04:10, Info                  CSI    00000376 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:10, Info                  CSI    00000377 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:14, Info                  CSI    00000379 [SR] Verify complete
2018-07-16 16:04:14, Info                  CSI    0000037a [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:14, Info                  CSI    0000037b [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:19, Info                  CSI    0000037d [SR] Verify complete
2018-07-16 16:04:20, Info                  CSI    0000037e [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:20, Info                  CSI    0000037f [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:24, Info                  CSI    00000381 [SR] Verify complete
2018-07-16 16:04:24, Info                  CSI    00000382 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:24, Info                  CSI    00000383 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:30, Info                  CSI    00000386 [SR] Verify complete
2018-07-16 16:04:31, Info                  CSI    00000387 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:31, Info                  CSI    00000388 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:36, Info                  CSI    0000038a [SR] Verify complete
2018-07-16 16:04:36, Info                  CSI    0000038b [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:36, Info                  CSI    0000038c [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:41, Info                  CSI    0000038e [SR] Verify complete
2018-07-16 16:04:42, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:42, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:47, Info                  CSI    00000392 [SR] Verify complete
2018-07-16 16:04:47, Info                  CSI    00000393 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:47, Info                  CSI    00000394 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:52, Info                  CSI    00000397 [SR] Verify complete
2018-07-16 16:04:52, Info                  CSI    00000398 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:52, Info                  CSI    00000399 [SR] Beginning Verify and Repair transaction
2018-07-16 16:04:58, Info                  CSI    0000039b [SR] Verify complete
2018-07-16 16:04:58, Info                  CSI    0000039c [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:04:58, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:05, Info                  CSI    0000039f [SR] Verify complete
2018-07-16 16:05:05, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-16 16:05:05, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:11, Info                  CSI    000003a3 [SR] Verify complete
2018-07-16 16:05:11, Info                  CSI    000003a4 [SR] Verifying 71 (0x0000000000000047) components
2018-07-16 16:05:11, Info                  CSI    000003a5 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:14, Info                  CSI    000003a7 [SR] Verify complete
2018-07-16 16:05:14, Info                  CSI    000003a8 [SR] Repairing 4 components
2018-07-16 16:05:14, Info                  CSI    000003a9 [SR] Beginning Verify and Repair transaction
2018-07-16 16:05:14, Info                  CSI    000003ab [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003ad [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003af [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b1 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b3 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b5 [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 16:05:14, Info                  CSI    000003b9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003bb [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003bd [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003be [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c0 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c1 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c3 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c4 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c6 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003c7 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003c9 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003ca [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003cc [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003cd [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003d0 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d3 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d6 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003d9 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003dc [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003df [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003e1 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003e2 [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 16:05:15, Info                  CSI    000003e5 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003e7 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003e8 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-16 16:05:15, Info                  CSI    000003eb [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-16 16:05:15, Info                  CSI    000003ed [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-16 16:05:15, Info                  CSI    000003ee [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-16 16:05:16, Info                  CSI    000003f1 [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-16 16:05:16, Info                  CSI    000003f3 [SR] Repair complete
2018-07-16 16:05:16, Info                  CSI    000003f4 [SR] Committing transaction
2018-07-16 16:05:16, Info                  CSI    000003f8 [SR] Verify and Repair Transaction completed. All files and 
 
registry keys listed in this transaction  have been successfully repaired
2018-07-17 18:52:47, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:52:47, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2018-07-17 18:52:50, Info                  CSI    0000000c [SR] Verify complete
2018-07-17 18:52:50, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:52:50, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2018-07-17 18:52:53, Info                  CSI    00000010 [SR] Verify complete
2018-07-17 18:52:54, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:52:54, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2018-07-17 18:52:57, Info                  CSI    00000014 [SR] Verify complete
2018-07-17 18:52:57, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:52:57, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2018-07-17 18:52:59, Info                  CSI    00000018 [SR] Verify complete
2018-07-17 18:53:00, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:00, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:03, Info                  CSI    0000001c [SR] Verify complete
2018-07-17 18:53:03, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:03, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:06, Info                  CSI    00000020 [SR] Verify complete
2018-07-17 18:53:07, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:07, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:09, Info                  CSI    00000024 [SR] Verify complete
2018-07-17 18:53:10, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:10, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:13, Info                  CSI    00000028 [SR] Verify complete
2018-07-17 18:53:13, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:13, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:15, Info                  CSI    0000002c [SR] Verify complete
2018-07-17 18:53:16, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:16, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:18, Info                  CSI    00000030 [SR] Verify complete
2018-07-17 18:53:19, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:19, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:21, Info                  CSI    00000034 [SR] Verify complete
2018-07-17 18:53:22, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:22, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:24, Info                  CSI    00000038 [SR] Verify complete
2018-07-17 18:53:25, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:25, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:27, Info                  CSI    0000003c [SR] Verify complete
2018-07-17 18:53:28, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:28, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:30, Info                  CSI    00000040 [SR] Verify complete
2018-07-17 18:53:31, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:31, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:33, Info                  CSI    00000044 [SR] Verify complete
2018-07-17 18:53:33, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:33, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:36, Info                  CSI    00000048 [SR] Verify complete
2018-07-17 18:53:36, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:36, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:38, Info                  CSI    0000004c [SR] Verify complete
2018-07-17 18:53:39, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:39, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:42, Info                  CSI    00000050 [SR] Verify complete
2018-07-17 18:53:42, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:42, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:48, Info                  CSI    00000054 [SR] Verify complete
2018-07-17 18:53:49, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:49, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:51, Info                  CSI    00000058 [SR] Verify complete
2018-07-17 18:53:51, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:51, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:56, Info                  CSI    0000005c [SR] Verify complete
2018-07-17 18:53:56, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:56, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2018-07-17 18:53:58, Info                  CSI    00000060 [SR] Verify complete
2018-07-17 18:53:59, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:53:59, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:02, Info                  CSI    00000064 [SR] Verify complete
2018-07-17 18:54:03, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:03, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:05, Info                  CSI    00000068 [SR] Verify complete
2018-07-17 18:54:05, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:05, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:09, Info                  CSI    0000006c [SR] Verify complete
2018-07-17 18:54:09, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:09, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:11, Info                  CSI    00000070 [SR] Verify complete
2018-07-17 18:54:12, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:12, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:15, Info                  CSI    00000074 [SR] Verify complete
2018-07-17 18:54:15, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:15, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:18, Info                  CSI    00000078 [SR] Verify complete
2018-07-17 18:54:18, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:18, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:26, Info                  CSI    0000007c [SR] Verify complete
2018-07-17 18:54:26, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:26, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:33, Info                  CSI    00000080 [SR] Verify complete
2018-07-17 18:54:33, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:33, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:38, Info                  CSI    00000084 [SR] Verify complete
2018-07-17 18:54:38, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:38, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:45, Info                  CSI    00000088 [SR] Verify complete
2018-07-17 18:54:45, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:45, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2018-07-17 18:54:56, Info                  CSI    0000008e [SR] Verify complete
2018-07-17 18:54:57, Info                  CSI    0000008f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:54:57, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:06, Info                  CSI    00000094 [SR] Verify complete
2018-07-17 18:55:06, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:06, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:12, Info                  CSI    00000099 [SR] Verify complete
2018-07-17 18:55:13, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:13, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:20, Info                  CSI    0000009d [SR] Verify complete
2018-07-17 18:55:20, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:20, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:30, Info                  CSI    000000c1 [SR] Verify complete
2018-07-17 18:55:30, Info                  CSI    000000c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:30, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:38, Info                  CSI    000000c8 [SR] Verify complete
2018-07-17 18:55:38, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:38, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:47, Info                  CSI    000000cc [SR] Verify complete
2018-07-17 18:55:47, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:47, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2018-07-17 18:55:55, Info                  CSI    000000d0 [SR] Verify complete
2018-07-17 18:55:55, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:55:55, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:02, Info                  CSI    000000d4 [SR] Verify complete
2018-07-17 18:56:02, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:02, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:10, Info                  CSI    000000d8 [SR] Verify complete
2018-07-17 18:56:11, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:11, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:19, Info                  CSI    000000dc [SR] Verify complete
2018-07-17 18:56:19, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:19, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:29, Info                  CSI    000000e2 [SR] Verify complete
2018-07-17 18:56:29, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:29, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:39, Info                  CSI    00000105 [SR] Verify complete
2018-07-17 18:56:39, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:39, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2018-07-17 18:56:51, Info                  CSI    00000109 [SR] Verify complete
2018-07-17 18:56:52, Info                  CSI    0000010a [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:56:52, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:04, Info                  CSI    0000010d [SR] Verify complete
2018-07-17 18:57:05, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:05, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:11, Info                  CSI    00000113 [SR] Verify complete
2018-07-17 18:57:11, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:11, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:15, Info                  CSI    00000117 [SR] Verify complete
2018-07-17 18:57:15, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:15, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:18, Info                  CSI    0000011b [SR] Verify complete
2018-07-17 18:57:18, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:18, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:24, Info                  CSI    0000011f [SR] Verify complete
2018-07-17 18:57:25, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:25, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:31, Info                  CSI    00000134 [SR] Verify complete
2018-07-17 18:57:32, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:32, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:35, Info                  CSI    00000138 [SR] Verify complete
2018-07-17 18:57:36, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:36, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:42, Info                  CSI    0000013c [SR] Verify complete
2018-07-17 18:57:42, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:42, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:46, Info                  CSI    00000140 [SR] Verify complete
2018-07-17 18:57:47, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:47, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2018-07-17 18:57:55, Info                  CSI    00000145 [SR] Verify complete
2018-07-17 18:57:56, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:57:56, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:08, Info                  CSI    0000014a [SR] Verify complete
2018-07-17 18:58:08, Info                  CSI    0000014b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:08, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:13, Info                  CSI    0000014e [SR] Verify complete
2018-07-17 18:58:14, Info                  CSI    0000014f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:14, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:17, Info                  CSI    00000152 [SR] Verify complete
2018-07-17 18:58:17, Info                  CSI    00000153 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:17, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:30, Info                  CSI    00000156 [SR] Verify complete
2018-07-17 18:58:30, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:30, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:39, Info                  CSI    0000015a [SR] Verify complete
2018-07-17 18:58:39, Info                  CSI    0000015b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:39, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2018-07-17 18:58:47, Info                  CSI    0000015e [SR] Verify complete
2018-07-17 18:58:48, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:58:48, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2018-07-17 18:59:00, Info                  CSI    00000178 [SR] Verify complete
2018-07-17 18:59:00, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:59:00, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2018-07-17 18:59:08, Info                  CSI    0000017c [SR] Verify complete
2018-07-17 18:59:09, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:59:09, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2018-07-17 18:59:26, Info                  CSI    00000180 [SR] Verify complete
2018-07-17 18:59:26, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:59:26, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2018-07-17 18:59:35, Info                  CSI    00000185 [SR] Verify complete
2018-07-17 18:59:35, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:59:35, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2018-07-17 18:59:50, Info                  CSI    00000189 [SR] Verify complete
2018-07-17 18:59:50, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 18:59:50, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:01, Info                  CSI    0000018d [SR] Verify complete
2018-07-17 19:00:01, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:01, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:09, Info                  CSI    00000191 [SR] Verify complete
2018-07-17 19:00:09, Info                  CSI    00000192 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:09, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:18, Info                  CSI    00000195 [SR] Verify complete
2018-07-17 19:00:18, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:18, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:26, Info                  CSI    0000019b [SR] Verify complete
2018-07-17 19:00:26, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:26, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:34, Info                  CSI    0000019f [SR] Verify complete
2018-07-17 19:00:34, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:34, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:41, Info                  CSI    000001a3 [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:41, Info                  CSI    000001a5 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:41, Info                  CSI    000001a7 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:41, Info                  CSI    000001a9 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:41, Info                  CSI    000001ab [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:41, Info                  CSI    000001ad [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001af [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001b0 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001b2 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001b3 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001b5 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001b6 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001b8 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001b9 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001bb [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001bc [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001be [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:00:44, Info                  CSI    000001bf [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:00:44, Info                  CSI    000001c2 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-17 19:00:44, Info                  CSI    000001c5 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-17 19:00:44, Info                  CSI    000001c8 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-17 19:00:44, Info                  CSI    000001cb [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-17 19:00:44, Info                  CSI    000001ce [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-17 19:00:44, Info                  CSI    000001d1 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-17 19:00:47, Info                  CSI    000001d3 [SR] Verify complete
2018-07-17 19:00:48, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:48, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2018-07-17 19:00:54, Info                  CSI    000001d7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-17 19:00:57, Info                  CSI    000001d9 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-17 19:00:57, Info                  CSI    000001da [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-17 19:00:57, Info                  CSI    000001dd [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-17 19:00:57, Info                  CSI    000001e0 [SR] Verify complete
2018-07-17 19:00:58, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:00:58, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:05, Info                  CSI    000001e5 [SR] Verify complete
2018-07-17 19:01:06, Info                  CSI    000001e6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:06, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:14, Info                  CSI    000001e9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-17 19:01:15, Info                  CSI    000001eb [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-17 19:01:15, Info                  CSI    000001ec [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-17 19:01:15, Info                  CSI    000001ef [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-17 19:01:15, Info                  CSI    000001f1 [SR] Verify complete
2018-07-17 19:01:16, Info                  CSI    000001f2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:16, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:27, Info                  CSI    000001f6 [SR] Verify complete
2018-07-17 19:01:28, Info                  CSI    000001f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:28, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:34, Info                  CSI    000001fa [SR] Verify complete
2018-07-17 19:01:35, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:35, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:42, Info                  CSI    000001fe [SR] Verify complete
2018-07-17 19:01:42, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:42, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:51, Info                  CSI    00000202 [SR] Verify complete
2018-07-17 19:01:51, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:51, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2018-07-17 19:01:59, Info                  CSI    00000207 [SR] Verify complete
2018-07-17 19:01:59, Info                  CSI    00000208 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:01:59, Info                  CSI    00000209 [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:07, Info                  CSI    0000020c [SR] Verify complete
2018-07-17 19:02:07, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:07, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:12, Info                  CSI    00000210 [SR] Verify complete
2018-07-17 19:02:13, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:13, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:20, Info                  CSI    00000215 [SR] Verify complete
2018-07-17 19:02:20, Info                  CSI    00000216 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:20, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:28, Info                  CSI    0000021a [SR] Verify complete
2018-07-17 19:02:29, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:29, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:36, Info                  CSI    0000021f [SR] Verify complete
2018-07-17 19:02:36, Info                  CSI    00000220 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:36, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:46, Info                  CSI    00000223 [SR] Verify complete
2018-07-17 19:02:46, Info                  CSI    00000224 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:46, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2018-07-17 19:02:55, Info                  CSI    00000228 [SR] Verify complete
2018-07-17 19:02:56, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:02:56, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:02, Info                  CSI    0000022c [SR] Verify complete
2018-07-17 19:03:02, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:02, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:06, Info                  CSI    00000230 [SR] Verify complete
2018-07-17 19:03:06, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:06, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:18, Info                  CSI    00000234 [SR] Verify complete
2018-07-17 19:03:19, Info                  CSI    00000235 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:19, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:28, Info                  CSI    00000238 [SR] Verify complete
2018-07-17 19:03:30, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:30, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:39, Info                  CSI    0000023c [SR] Verify complete
2018-07-17 19:03:39, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:39, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:45, Info                  CSI    00000240 [SR] Verify complete
2018-07-17 19:03:45, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:45, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2018-07-17 19:03:53, Info                  CSI    00000244 [SR] Verify complete
2018-07-17 19:03:53, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:03:53, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2018-07-17 19:04:16, Info                  CSI    00000248 [SR] Verify complete
2018-07-17 19:04:16, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:04:16, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2018-07-17 19:04:48, Info                  CSI    0000024c [SR] Verify complete
2018-07-17 19:04:48, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:04:48, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2018-07-17 19:04:57, Info                  CSI    00000250 [SR] Verify complete
2018-07-17 19:04:58, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:04:58, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:05, Info                  CSI    00000254 [SR] Verify complete
2018-07-17 19:05:06, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:06, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:09, Info                  CSI    00000258 [SR] Verify complete
2018-07-17 19:05:09, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:09, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:15, Info                  CSI    0000025c [SR] Verify complete
2018-07-17 19:05:15, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:15, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:24, Info                  CSI    00000260 [SR] Verify complete
2018-07-17 19:05:24, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:24, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:27, Info                  CSI    00000264 [SR] Verify complete
2018-07-17 19:05:28, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:28, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:29, Info                  CSI    00000268 [SR] Verify complete
2018-07-17 19:05:29, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:29, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:36, Info                  CSI    00000272 [SR] Verify complete
2018-07-17 19:05:36, Info                  CSI    00000273 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:36, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:44, Info                  CSI    00000276 [SR] Verify complete
2018-07-17 19:05:44, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:44, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:51, Info                  CSI    0000027a [SR] Verify complete
2018-07-17 19:05:51, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:51, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2018-07-17 19:05:57, Info                  CSI    0000027e [SR] Verify complete
2018-07-17 19:05:57, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:05:57, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:05, Info                  CSI    00000282 [SR] Verify complete
2018-07-17 19:06:05, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:05, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:15, Info                  CSI    00000287 [SR] Verify complete
2018-07-17 19:06:15, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:15, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:22, Info                  CSI    0000028b [SR] Verify complete
2018-07-17 19:06:23, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:23, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:27, Info                  CSI    0000028f [SR] Verify complete
2018-07-17 19:06:27, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:27, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:37, Info                  CSI    00000293 [SR] Verify complete
2018-07-17 19:06:38, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:38, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2018-07-17 19:06:51, Info                  CSI    0000029a [SR] Verify complete
2018-07-17 19:06:51, Info                  CSI    0000029b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:06:51, Info                  CSI    0000029c [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:05, Info                  CSI    000002a1 [SR] Verify complete
2018-07-17 19:07:05, Info                  CSI    000002a2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:05, Info                  CSI    000002a3 [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:13, Info                  CSI    000002a6 [SR] Verify complete
2018-07-17 19:07:13, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:13, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:22, Info                  CSI    000002b5 [SR] Verify complete
2018-07-17 19:07:22, Info                  CSI    000002b6 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:22, Info                  CSI    000002b7 [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:33, Info                  CSI    000002bd [SR] Verify complete
2018-07-17 19:07:34, Info                  CSI    000002be [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:34, Info                  CSI    000002bf [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:42, Info                  CSI    000002c1 [SR] Verify complete
2018-07-17 19:07:42, Info                  CSI    000002c2 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:42, Info                  CSI    000002c3 [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:48, Info                  CSI    000002c7 [SR] Verify complete
2018-07-17 19:07:48, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:48, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2018-07-17 19:07:55, Info                  CSI    000002cc [SR] Verify complete
2018-07-17 19:07:55, Info                  CSI    000002cd [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:07:55, Info                  CSI    000002ce [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:05, Info                  CSI    000002f2 [SR] Verify complete
2018-07-17 19:08:05, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:05, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:12, Info                  CSI    000002f6 [SR] Verify complete
2018-07-17 19:08:12, Info                  CSI    000002f7 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:12, Info                  CSI    000002f8 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:18, Info                  CSI    000002fa [SR] Verify complete
2018-07-17 19:08:19, Info                  CSI    000002fb [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:19, Info                  CSI    000002fc [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:27, Info                  CSI    000002fe [SR] Verify complete
2018-07-17 19:08:27, Info                  CSI    000002ff [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:27, Info                  CSI    00000300 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:33, Info                  CSI    0000030e [SR] Verify complete
2018-07-17 19:08:33, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:33, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:48, Info                  CSI    00000312 [SR] Verify complete
2018-07-17 19:08:48, Info                  CSI    00000313 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:48, Info                  CSI    00000314 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:54, Info                  CSI    00000322 [SR] Verify complete
2018-07-17 19:08:54, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:54, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2018-07-17 19:08:57, Info                  CSI    00000326 [SR] Verify complete
2018-07-17 19:08:58, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:08:58, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:03, Info                  CSI    0000032a [SR] Verify complete
2018-07-17 19:09:04, Info                  CSI    0000032b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:04, Info                  CSI    0000032c [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:10, Info                  CSI    0000032f [SR] Verify complete
2018-07-17 19:09:11, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:11, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:14, Info                  CSI    00000333 [SR] Verify complete
2018-07-17 19:09:14, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:14, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:24, Info                  CSI    00000337 [SR] Verify complete
2018-07-17 19:09:25, Info                  CSI    00000338 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:25, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:34, Info                  CSI    0000033b [SR] Verify complete
2018-07-17 19:09:34, Info                  CSI    0000033c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:34, Info                  CSI    0000033d [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:44, Info                  CSI    0000034c [SR] Verify complete
2018-07-17 19:09:45, Info                  CSI    0000034d [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:45, Info                  CSI    0000034e [SR] Beginning Verify and Repair transaction
2018-07-17 19:09:51, Info                  CSI    0000035b [SR] Verify complete
2018-07-17 19:09:51, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:09:51, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:07, Info                  CSI    0000035f [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-17 19:10:08, Info                  CSI    00000361 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-17 19:10:08, Info                  CSI    00000362 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:10:08, Info                  CSI    00000365 [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-17 19:10:10, Info                  CSI    00000367 [SR] Verify complete
2018-07-17 19:10:11, Info                  CSI    00000368 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:11, Info                  CSI    00000369 [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:17, Info                  CSI    0000036b [SR] Verify complete
2018-07-17 19:10:17, Info                  CSI    0000036c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:17, Info                  CSI    0000036d [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:22, Info                  CSI    0000036f [SR] Verify complete
2018-07-17 19:10:22, Info                  CSI    00000370 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:22, Info                  CSI    00000371 [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:28, Info                  CSI    00000375 [SR] Verify complete
2018-07-17 19:10:28, Info                  CSI    00000376 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:28, Info                  CSI    00000377 [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:34, Info                  CSI    00000379 [SR] Verify complete
2018-07-17 19:10:35, Info                  CSI    0000037a [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:35, Info                  CSI    0000037b [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:43, Info                  CSI    0000037d [SR] Verify complete
2018-07-17 19:10:43, Info                  CSI    0000037e [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:43, Info                  CSI    0000037f [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:49, Info                  CSI    00000381 [SR] Verify complete
2018-07-17 19:10:49, Info                  CSI    00000382 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:49, Info                  CSI    00000383 [SR] Beginning Verify and Repair transaction
2018-07-17 19:10:56, Info                  CSI    00000386 [SR] Verify complete
2018-07-17 19:10:56, Info                  CSI    00000387 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:10:56, Info                  CSI    00000388 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:03, Info                  CSI    0000038a [SR] Verify complete
2018-07-17 19:11:03, Info                  CSI    0000038b [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:03, Info                  CSI    0000038c [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:09, Info                  CSI    0000038e [SR] Verify complete
2018-07-17 19:11:10, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:10, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:16, Info                  CSI    00000392 [SR] Verify complete
2018-07-17 19:11:17, Info                  CSI    00000393 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:17, Info                  CSI    00000394 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:24, Info                  CSI    00000397 [SR] Verify complete
2018-07-17 19:11:24, Info                  CSI    00000398 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:24, Info                  CSI    00000399 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:32, Info                  CSI    0000039b [SR] Verify complete
2018-07-17 19:11:32, Info                  CSI    0000039c [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:32, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:38, Info                  CSI    0000039f [SR] Verify complete
2018-07-17 19:11:38, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2018-07-17 19:11:38, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:45, Info                  CSI    000003a3 [SR] Verify complete
2018-07-17 19:11:45, Info                  CSI    000003a4 [SR] Verifying 71 (0x0000000000000047) components
2018-07-17 19:11:45, Info                  CSI    000003a5 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:48, Info                  CSI    000003a7 [SR] Verify complete
2018-07-17 19:11:48, Info                  CSI    000003a8 [SR] Repairing 4 components
2018-07-17 19:11:48, Info                  CSI    000003a9 [SR] Beginning Verify and Repair transaction
2018-07-17 19:11:48, Info                  CSI    000003ab [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:48, Info                  CSI    000003ad [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:48, Info                  CSI    000003af [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003b1 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003b3 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003b5 [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003b7 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003b9 [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003bb [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003bd [SR] Cannot repair member file [l:34{17}]"windeploy.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003be [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003c0 [SR] Cannot repair member file [l:32{16}]"WinLGDep.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003c1 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003c3 [SR] Cannot repair member file [l:26{13}]"audit.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003c4 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003c6 [SR] Cannot repair member file [l:26{13}]"setup.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003c7 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003c9 [SR] Cannot repair member file [l:32{16}]"W32UIRes.dll.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003ca [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003cc [SR] Cannot repair member file [l:30{15}]"oobeldr.exe.mui" of 
 
Microsoft-Windows-Setup-Component.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10
 
{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey 
 
neutral in the store, hash mismatch
2018-07-17 19:11:49, Info                  CSI    000003cd [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:49, Info                  CSI    000003d0 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:34{17}]"windeploy.exe.mui"; source file in store is also corrupted
2018-07-17 19:11:49, Info                  CSI    000003d3 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"WinLGDep.dll.mui"; source file in store is also corrupted
2018-07-17 19:11:49, Info                  CSI    000003d6 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"audit.exe.mui"; source file in store is also corrupted
2018-07-17 19:11:49, Info                  CSI    000003d9 [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:26{13}]"setup.exe.mui"; source file in store is also corrupted
2018-07-17 19:11:49, Info                  CSI    000003dc [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:32{16}]"W32UIRes.dll.mui"; source file in store is also corrupted
2018-07-17 19:11:49, Info                  CSI    000003df [SR] Could not reproject corrupted file [ml:520{260},l:68{34}]"\??
 
\C:\Windows\System32\oobe\en-US"\[l:30{15}]"oobeldr.exe.mui"; source file in store is also corrupted
2018-07-17 19:11:50, Info                  CSI    000003e1 [SR] Cannot repair member file [l:24{12}]"spwizimg.dll" of 
 
Microsoft-Windows-Setup-Navigation-Wizard-Framework, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture 
 
neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral 
 
in the store, hash mismatch
2018-07-17 19:11:50, Info                  CSI    000003e2 [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-17 19:11:50, Info                  CSI    000003e5 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??
 
\C:\Windows\System32"\[l:24{12}]"spwizimg.dll"; source file in store is also corrupted
2018-07-17 19:11:50, Info                  CSI    000003e7 [SR] Cannot repair member file [l:30{15}]"notepad.exe.mui" of 
 
Microsoft-Windows-notepad.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture = [l:10{5}]"en-
 
US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in 
 
the store, hash mismatch
2018-07-17 19:11:50, Info                  CSI    000003e8 [SR] This component was referenced by [l:266{133}]"Microsoft-
 
Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2018-07-17 19:11:50, Info                  CSI    000003eb [SR] Could not reproject corrupted file [ml:60{30},l:58{29}]"\??
 
\C:\Windows\SysWOW64\en-US"\[l:30{15}]"notepad.exe.mui"; source file in store is also corrupted
2018-07-17 19:11:50, Info                  CSI    000003ed [SR] Cannot repair member file [l:24{12}]"W32UIRes.dll" of 
 
Microsoft-Windows-Setup-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, 
 
VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the 
 
store, hash mismatch
2018-07-17 19:11:50, Info                  CSI    000003ee [SR] This component was referenced by [l:202{101}]"Microsoft-
 
Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2018-07-17 19:11:50, Info                  CSI    000003f1 [SR] Could not reproject corrupted file [ml:520{260},l:56{28}]"\??
 
\C:\Windows\System32\oobe"\[l:24{12}]"W32UIRes.dll"; source file in store is also corrupted
2018-07-17 19:11:50, Info                  CSI    000003f3 [SR] Repair complete
2018-07-17 19:11:50, Info                  CSI    000003f4 [SR] Committing transaction
2018-07-17 19:11:50, Info                  CSI    000003f8 [SR] Verify and Repair Transaction completed. All files and 
 
registry keys listed in this transaction  have been successfully repaired
 
---------------------------------------------------------------------------------------------------------------------------
 
And now I again ran FRST, but this time from Windows Regular mode.
Here is FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Home (administrator) on HOME-PC (17-07-2018 19:21:57)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home & HomeTester)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...arbar-recovery-
 
scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be 
 
moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-
 
11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 
 
2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] 
 
(Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
 
/errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
SSODL: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\system32\cbfsMntNtf6.dll (/n 
 
software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n 
 
software, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = 
 
hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll 
 
[2017-09-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin
 
\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office
 
\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft 
 
Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-17]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] 
 
[2018-07-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-
 
07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] 
 
(Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe 
 
Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017
 
-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe 
 
Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-17]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-06-28]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-10] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-17] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [420832 2018-01-20] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\AnVir Task Manager Free\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-17 19:21 - 2018-07-17 19:23 - 000013025 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-17 19:17 - 2018-07-17 19:17 - 000136978 _____ C:\Users\Home\Desktop\junk.txt
2018-07-16 20:05 - 2018-07-16 20:06 - 000033592 _____ C:\Users\Home\Desktop\fixlist.txt
2018-07-16 18:14 - 2018-07-16 18:14 - 000000000 ____D C:\Users\Home\Desktop\FRST-OlderVersion
2018-07-16 17:25 - 2018-07-16 17:25 - 000109208 _____ C:\Users\HomeTester\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-16 17:25 - 2018-07-16 17:25 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Intel Corporation
2018-07-16 17:23 - 2018-07-16 17:23 - 000001444 _____ C:\Users\HomeTester\AppData\Roaming\Microsoft\Windows\Start Menu
 
\Programs\Internet Explorer.lnk
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\IObit
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Adobe
2018-07-16 17:23 - 2018-07-16 17:23 - 000000000 ____D C:\Users\HomeTester\AppData\Local\Google
2018-07-16 17:22 - 2018-07-16 17:22 - 000000020 ___SH C:\Users\HomeTester\ntuser.ini
2018-07-16 17:22 - 2018-07-16 17:22 - 000000000 ____D C:\Users\HomeTester
2018-07-16 17:22 - 2016-01-12 04:31 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Macromedia
2018-07-16 17:22 - 2016-01-12 01:44 - 000000000 ____D C:\Users\HomeTester\AppData\Local\Microsoft Help
2018-07-16 17:22 - 2009-07-14 15:45 - 000000000 ____D C:\Users\HomeTester\AppData\Roaming\Media Center Programs
2018-07-15 21:24 - 2018-07-15 21:24 - 006889184 _____ (Piriform Ltd) C:\Users\Home\Desktop\spsetup132.exe
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Desktop
 
\tweaking.com_windows_repair_aio_setup.exe
2018-07-15 00:40 - 2018-07-15 00:48 - 000000286 _____ C:\Windows\Tasks\AnVir Task Manager.job
2018-07-15 00:40 - 2018-07-15 00:41 - 000000000 ____D C:\Users\Home\AppData\Local\AnVir
2018-07-15 00:40 - 2018-07-15 00:40 - 000001148 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task 
 
Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000001124 _____ C:\Users\Home\Desktop\AnVir Task Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\AnVir Task Manager Free
2018-07-14 19:20 - 2018-07-17 19:21 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-16 18:14 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security 
 
Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 17:15 - 2018-07-14 17:18 - 004406704 _____ C:\Users\Home\Downloads\taskfree.exe
2018-07-14 14:57 - 2018-07-14 14:57 - 002412544 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 20:04 - 2018-07-10 20:04 - 000087650 _____ C:\Users\Home\Downloads\Extras.Txt
2018-07-10 20:03 - 2018-07-10 20:03 - 000122102 _____ C:\Users\Home\Downloads\OTL.Txt
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-10 18:11 - 2018-07-10 18:12 - 000000414 _____ C:\Users\Home\Downloads\exehelperlog.txt
2018-07-10 17:52 - 2018-07-10 17:53 - 043520264 _____ (Microsoft Corporation) C:\Users\Home\Downloads\Windows-KB890830-x64-
 
V5.61.exe
2018-07-10 15:49 - 2018-07-10 15:49 - 000294400 _____ C:\Users\Home\Downloads\exeHelper.com
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads
 
\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 20:04 - 2018-07-09 20:05 - 015800840 _____ (Dell Inc.) C:\Users\Home\Downloads\Dell-USB-Recovery-
 
Tool_JNDT2_WIN_2.1.2025.0_A00.EXE
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task 
 
Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-
 
bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 15:34 - 2018-07-01 15:34 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-01 15:34 - 2018-07-01 15:34 - 000000000 ____D C:\Program Files\Speccy
2018-07-01 15:17 - 2018-07-01 15:17 - 006889184 _____ (Piriform Ltd) C:\Users\Home\Downloads\spsetup132.exe
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-30 19:13 - 2018-06-30 19:14 - 000040225 _____ C:\Users\Home\Downloads\MTB.txt
2018-06-30 00:20 - 2018-06-30 00:20 - 000892416 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads
 
\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - 
 
iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-
 
_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
2018-06-21 18:11 - 2018-06-21 18:14 - 000208972 _____ C:\TDSSKiller.3.1.0.17_21.06.2018_18.11.35_log.txt
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 18:02 - 2018-07-16 17:36 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-21 17:16 - 2018-06-21 17:16 - 000382261 _____ C:\unp306732162544469087i-manual.mdmp
2018-06-20 23:50 - 2018-06-20 23:50 - 010015056 _____ (AVAST Software) C:\Users\Home\Downloads\avastclear.exe
2018-06-20 23:37 - 2018-06-20 23:37 - 000000000 ___SD C:\ComboFix
2018-06-20 23:31 - 2018-06-20 23:37 - 000000000 ____D C:\Qoobox
2018-06-20 23:31 - 2018-06-20 23:31 - 000000000 ____D C:\Windows\erdnt
2018-06-20 23:29 - 2018-06-20 23:37 - 000000000 ___SD C:\32788R22FWJFW
2018-06-20 16:22 - 2018-06-20 16:22 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3422B2DB.sys
2018-06-20 01:05 - 2018-06-20 01:06 - 043077751 _____ C:\Users\Home\Downloads\[Alan_Chapman]_Advanced_Magick_for_Beginners(b-
 
ok.xyz).pdf
2018-06-19 19:13 - 2018-06-19 19:13 - 000138714 _____ C:\Users\Home\Downloads\RelativeVolume (2).zip
2018-06-18 18:55 - 2018-06-18 18:55 - 001681077 _____ C:\Users\Home\Downloads\[Ophiel]
 
_Art_and_Practice_of_Getting_Material_Thin(b-ok.xyz).pdf
2018-06-18 18:45 - 2018-06-18 18:45 - 000207405 _____ C:\Users\Home\Downloads\[Huston_Charlie]
 
_The_Mystic_Arts_of_Erasing_All_Si(b-ok.xyz).fb2
2018-06-18 15:44 - 2018-06-18 15:44 - 014386648 _____ C:\Users\Home\Downloads\2013-breakthrough-strategies-for-predicting-
 
any-market-charting-elliott-wave-lucas-fibonacci-gann-and-time-for-profitmarked.pdf
2018-06-18 15:39 - 2018-06-18 15:39 - 006530027 _____ C:\Users\Home\Downloads
 
\A_Complete_Guide_to_Technical_Trading_Tactics___How_to_Profit_Using_Pivot_Points__Candlesticks.pdf
2018-06-18 15:31 - 2018-06-18 15:31 - 040068881 _____ C:\Users\Home\Downloads\Breakthrough Strategies for Predicting a - Jeff 
 
Greenblatt.pdf
2018-06-17 19:54 - 2018-06-17 19:54 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1143D6AC.sys
2018-06-17 19:47 - 2018-06-20 16:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-17 18:48 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-17 18:39 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-17 18:08 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-17 18:08 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-17 18:00 - 2018-06-10 12:11 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-17 17:59 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-17 17:58 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-07-17 17:52 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-17 17:39 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-07-17 17:33 - 2017-08-05 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2018-07-17 17:33 - 2017-08-05 20:51 - 000000000 ____D C:\Program Files (x86)\GRETECH
2018-07-17 17:28 - 2016-06-05 18:03 - 000000000 ____D C:\Users\Home\AppData\Roaming\IObit
2018-07-17 17:28 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\IObit
2018-07-17 17:28 - 2016-06-05 18:03 - 000000000 ____D C:\Program Files (x86)\IObit
2018-07-17 17:11 - 2017-09-11 21:01 - 000001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit 
 
Uninstaller.lnk
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:16 - 2016-03-08 22:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media 
 
Player.lnk
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2017-03-18 08:32 - 000004174 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-15 00:40 - 2016-06-10 20:19 - 000000000 ____D C:\Program Files (x86)\AnVir Task Manager Free
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 18:36 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-14 15:44 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 
 
DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:05 - 2017-01-20 15:07 - 000000222 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:34 - 2017-07-19 21:54 - 000000000 ____D C:\Program Files\WinSysClean X7 PRO
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-21 17:21 - 2016-03-08 22:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-19 19:46 - 2016-04-13 19:02 - 000000000 ____D C:\NEW
2018-06-17 19:54 - 2016-04-02 22:29 - 000000000 ____D C:\ProgramData\Malwarebytes
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some files in TEMP:
====================
2018-01-12 12:24 - 2018-01-12 12:24 - 011397488 _____ (AnVir Software) C:\Users\Home\AppData\Local\Temp\anvir.exe
2018-06-13 18:50 - 2018-06-13 18:50 - 000625816 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\boost_speed_stub_installer.exe
2018-06-13 21:27 - 2017-09-13 23:31 - 001732864 _____ (Microsoft Corporation) C:\Users\Home\AppData\Local\Temp\dllnt_dump.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 000384664 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp
 
\driver_updater_stub_installer.exe
2018-06-27 21:19 - 2018-06-27 21:19 - 000012800 _____ () C:\Users\Home\AppData\Local\Temp\rrlb0owb.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 001292400 ____T (Novnify) C:\Users\Home\AppData\Local\Temp\StopAd Installer.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
---------------------------------------------------------------------------------------------------------------------------
 
Here is Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (17-07-2018 19:24:55)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
HomeTester (S-1-5-21-2713607381-13602913-39778406-1003 - Administrator - Enabled) => C:\Users\HomeTester
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be 
 
uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems 
 
Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version: 9.2.3 - AnVir Software)
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-
 
ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron 
 
Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-
 
warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone 
 
Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel 
 
Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel 
 
Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft 
 
Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-
 
48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - 
 
Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
 
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
 
9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
 
11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-
 
4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-
 
B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-
 
860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek 
 
Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - 
 
Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) 
 
(Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.12.21.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.21.0 - Adlice Software)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-
 
5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinSysClean X7 PRO (HKLM\...\{1A4E6757-4428-4422-80A3-9B5D28B1AD43}) (Version: 17.20 - Ultimate Systems, Inc.) Hidden
WinSysClean X7 PRO (HKLM-x32\...\WinSysClean X7 PRO) (Version: 17.20 - Ultimate Systems, Inc.)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL 
 
Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. 
 
Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-
 
5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows
 
\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 
 
9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] 
 
(Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows
 
\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-
 
08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 
 
5\Initialize.exe
Task: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
 
Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {70ADD8E1-75DA-4DCC-A4AA-858CB64A701D} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {7360257D-DC15-41CD-8018-4500BA372DC1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast
 
\AvEmUpdate.exe
Task: {78412DB2-009F-4B33-82D7-B3C8A65606C9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled 
 
Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {8E6F9859-DAFB-4979-AB3B-FDF49DEAD6A5} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files
 
\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed
 
\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {F2655F5D-64E3-48A9-AFCF-96C15C415576} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be 
 
moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash
 
\FlashUtil32_30_0_0_113_pepper.exe
Task: C:\Windows\Tasks\AnVir Task Manager.job => C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk 
 
-> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk 
 
-> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk 
 
Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-
 
Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-10 12:10 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-12-29 14:42 - 2015-10-08 19:47 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-07-12 10:53 - 2018-07-12 10:53 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop
 
\db655ae9e4ab7d7e5204db26e314ea39\IsdiInterop.ni.dll
2016-01-10 14:30 - 2010-11-05 23:50 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology
 
\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-17 17:59 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft
 
\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 
 
3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
14-07-2018 17:12:16 Windows Update
14-07-2018 17:51:31 Windows Update
14-07-2018 18:14:54 Windows Update
17-07-2018 17:15:31 Revo Uninstaller's restore point - IObit Uninstaller
17-07-2018 17:32:48 Revo Uninstaller's restore point - GOM Player
17-07-2018 17:39:11 Revo Uninstaller's restore point - Absolute Uninstaller 5.3.1.21
17-07-2018 17:40:43 Revo Uninstaller's restore point - 7-Zip 18.05 (x64)
17-07-2018 17:44:40 Revo Uninstaller's restore point - SharkIndicators Software
17-07-2018 17:45:24 Removed Installer
17-07-2018 17:53:12 Revo Uninstaller's restore point - ScanMyReg 3.0
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow 
 
the instructions.
 
Name: EldoS PnP virtual bus
Description: EldoS PnP virtual bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: EldoS Corporation
Service: vpnpbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or 
 
damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if 
 
the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/17/2018 06:34:22 PM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} 
 
provided by the server and the IID {00020400-0000-0000-C000-000000000046} requested by the client, with handler CLSID 
 
{0032EC7C-0002-0000-0000-0000F0000000}. The error code was 0x80004002.
 
Error: (07/17/2018 04:29:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 09:31:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 07:02:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 07:02:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:47:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:46:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (07/16/2018 06:46:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe".Error in manifest or 
 
policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-
 
controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
 
System errors:
=============
Error: (07/17/2018 05:59:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (07/16/2018 07:01:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (07/16/2018 06:46:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start 
 
because of the following error: 
The dependency service or group failed to start.
 
Error: (07/16/2018 06:46:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (07/16/2018 06:46:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (07/16/2018 06:46:49 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (07/16/2018 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 21
 
Error: (07/16/2018 06:46:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cbfs6
discache
HWiNFO32
MpFilter
spldr
Wanarpv6
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 40%
Total physical RAM: 4012.97 MB
Available physical RAM: 2372.32 MB
Total Virtual: 8024.11 MB
Available Virtual: 6328.12 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:9.47 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:45.02 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
-------------------------------------------------------------------------------------------------------------------------
 
And as you suggested RKinner, I uninstalled GOM Player, IObit Uninstaller and ScanMyReg 3.0 programs. Do you think I should 
uninstall the Secureage program too?
I understand your office is being repainted. Hope everything is going well for you!
Btw,the executable files,including my Thunderbird email client and the Firefox browser are working fine still.
Many thanks RKinner  :yes:  :spoton:
 
 

  • 0

#8
RKinner
Posted 17 July 2018 - 06:59 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Still just have this old laptop.  Hopr to get the office back this evening.

 

You can uninstall Secureage if you want to but it doesn't seem to be in your uninstall list.  Also get rid of Driver Booster 5 & AnVir Task Manager Free

 

Start up FRST but don't hit SCAN.  Instead put

Rtlihvs.dll

in its Search Box and then hit Search Files.  If it finds the file then post the log.

Alternatively you can download a new copy of your WiFi driver from your PC maker's support website.


  • 0

#9
MagickMage
Posted 18 July 2018 - 05:31 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner. How did your office painting go? Good and up to your satisfaction I hope. Also hopefully you are able to work in your office again.
Keeping with your suggestions, I have tried to find the SecureAge dedicated Uninstallation proram in the program's directory,but unfortunately I couldn't find the program!
Now that made me go hmmm. So what I did next was to just delete the entire SecureAge directory.
Also,I uninstalled Driver Booster 5 and AnVir Task Manager.
You also asked me to search for the dll file Rtlihvs.dll,using FRST and to post the log if it was found.
 
Here is the Search log.txt
 
Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (18-07-2018 14:41:05)
Running from C:\Users\Home\Desktop
Boot Mode: Normal
 
================== Search Files: "Rtlihvs.dll
" =============
 
C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll
[2016-03-14 00:31][2012-02-14 19:37] 000535040 _____ (Realtek Semiconductor Corp. ) DA41AAEF2BEA443567EB64845247BEDB [File not signed]
 
 
====== End of Search ======
 
Many thanks RKinner.

  • 0

#10
RKinner
Posted 18 July 2018 - 08:08 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Painting is over finally and wife is happy with it so I'm happy.

 

The search showed that there is no file where it should be.  The only backup copy is in an odd place so I doubt it will work.

 

The best thing would be to download a new copy of the Wireless adapter driver from your PC support Website.  If you can't find it then

Right click on Computer and select Manage and then Device Manager then View, Show Hidden Devices.  (Open Network Adapters) Right click on the wireless adapter and select properties then click on the Details tab.  Change Property to Hardware IDs.  Click on the top one then right click and copy.  Paste that into a reply. 

 

Also give me the make and model number (and service tag if it has one)

 

I'm not happy with the SFC results.  Get SFCFix from

 

http://www.majorgeek...ils/sfcfix.html

 

Download, Save and right click on it and Run As Admin.

 

If it doesn't find any sfc results then you just need to run SFC first.  (The log gets purged periodically).

Once done, a file will appear on your Desktop, called SFCFix.txt;
Open the file, then copy and paste its content in your next reply;

 

Name: EldoS PnP virtual bus
Description: EldoS PnP virtual bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: EldoS Corporation
Service: vpnpbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or
 
damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if
 
the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 

 

 

Supposedly this is part of something called: Callback File System

I don't see it in the install list but I can see traces of it in the FRST logs. 

 

Also:

 

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow
 the instructions.

 

 

Probably this thing:

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

Is that something you use?


  • 0

Advertisements

#11
MagickMage
Posted 19 July 2018 - 08:05 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner! Glad to hear your office painting is over and that your wife is happy with it.
Thanks so much for your continued help.
 
You have mentioned "The best thing would be to download a new copy of the Wireless adapter driver from your PC support 
Website."
Does that mean you want me to delete the .dll file Rtlihvs.dll?
 
I have checked Device Manager, and obtained the following information. 
 
Wireless adapter:D-Link DWA-123 Wireless N 150 USB Adapter(rev.D)
Providor:Realtek Semiconductor Corp.
Manufacturer:D-Link Corporation
Model No: DWA-123
 
Btw, you asked about the Hardware ID.
This is the topmost one.
USB\VID_2001&PID_3310&REV_0000
 
But I don't seem to be able to find the service tag. Where do I find that please?
 
 
I have downloaded the file SFCFix and ran it as Admin in Windows Regular mode.It produced the file SFCFix.txt. 
Here is SFCFix txt.
 
========================================================================================================================
 
SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-07-19 19:19:36.401
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.
 
 
 
 
AutoAnalysis::
CORRUPT: C:\Windows\winsxs\amd64_microsoft-windows-s..on-wizard-
 
framework_31bf3856ad364e35_6.1.7601.17514_none_1478eaa56818c3c0\spwizimg.dll
CORRUPT: C:\Windows\winsxs\amd64_microsoft-windows-setup-
 
component_31bf3856ad364e35_6.1.7601.17514_none_905283bdc3e1d2d8\W32UIRes.dll
 
 
SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
   CBS & SFC total detected corruption count:     2
   CBS & SFC total unimportant corruption count:  0
   CBS & SFC total fixed corruption count:        0
   SURT total detected corruption count:          0
   SURT total unimportant corruption count:       0
   SURT total fixed corruption count:             0
AutoAnalysis:: directive completed successfully.
 
 
 
 
Successfully processed all directives.
 
 
 
Failed to generate a complete zip file. Upload aborted.
 
 
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2018-07-19 19:47:29.104
----------------------EOF-----------------------
 
 
======================================================================================================
 
 
Regarding the EldoS PnP virtual bus and "Callback File System",I really don't remember installing any device, program or app 
like that at all. So it's a mystery to me.
 
As for the avast! SecureLine TAP Adapter v3. I do remember that, but I hardly use it and have disabled it.In answer to your 
question, no it's something I don't use.
 
Again,many many thanks to you RKinner. Take care!  :D 

  • 0

#12
RKinner
Posted 19 July 2018 - 03:39 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I guess I wasn't clear.  I was asking for the PC's Make and part number.   This is on a label on the bottom or back of the PC.  Often there will also be a Service Tag.  This depends on the make.  Not all have them but if present it identifies the configuration of the PC when it left the factory.  However, since the Wireless is an add-on we don't really need that info as the factory would know nothing of it.

 

Apparently your D-link came with a CD so I suppose that's how we got the XP folder so we will try to replace the missing file with that one and at the same time clean up some deadwood including the ELDOS and Avast stuff.

 

Download the attached fixlist.txt to the same location as FRST
Attached File  fixlist.txt   10.06KB   297 downloads

Before you run FRST, double click on the fixlist.txt file and then click on Format and UNCHECK Word Wrap.  FRST is supposed to do that automatically but it doesn't seem to have worked in your case.  Close and Save.

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 


  • 0

#13
MagickMage
Posted 20 July 2018 - 05:02 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner.
Ahh I see. You want the PC's make and model number.The manufacturer is Acer and the model is Veriton S4610G.The only label I could find on the bottom/back of the PC,other than the usual Genuine Microsoft sticker Labels is a label sticker with the words and numbers PSPL/DEC11/80500000597(1/5) on them,on the front top.
 
I ran FRST as Admin in Windows Regular mode and using your Fixlist.txt,after having unchecked the word wrap option,I pressed on Fix.
 
Here is the contents of Fixlog.txt
 
==========================================================================================================================================================
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (20-07-2018 18:15:47) Run:2
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
COPY: C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll C:\Windows\system32\Rtlihvs.dll
SSODL: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
Task: {2CEFA448-F019-4939-829F-AD682569DB18} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {70ADD8E1-75DA-4DCC-A4AA-858CB64A701D} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {F2655F5D-64E3-48A9-AFCF-96C15C415576} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
Task: C:\Windows\Tasks\AnVir Task Manager.job => C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
Task: {7360257D-DC15-41CD-8018-4500BA372DC1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
2018-07-16 18:16 - 2016-03-08 22:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-07-15 00:40 - 2016-06-10 20:19 - 000000000 ____D C:\Program Files (x86)\AnVir Task Manager Free
2018-06-21 17:21 - 2016-03-08 22:24 - 000000000 ____D C:\ProgramData\AVAST Software
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-29] (The OpenVPN Project)
S1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
R2 !SASCORE; C:\Security\SAS\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 Everything; C:\Program Files\SecureAge\Everything\Everything.exe [2197608 2017-06-07] ()
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
U1 aswbdisk; no ImagePath
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
S3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-01-11] (IObit.com)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\AnVir Task Manager Free\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X]
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
2018-07-15 00:40 - 2018-07-15 00:48 - 000000286 _____ C:\Windows\Tasks\AnVir Task Manager.job
2018-07-15 00:40 - 2018-07-15 00:41 - 000000000 ____D C:\Users\Home\AppData\Local\AnVir
2018-07-15 00:40 - 2018-07-15 00:40 - 000001148 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000001124 _____ C:\Users\Home\Desktop\AnVir Task Manager Free.lnk
2018-07-15 00:40 - 2018-07-15 00:40 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free [2018-07-17 17:28 - 2016-06-05 18:03 - 00000000 ____D C:\Users\Home\AppData\Roaming\IObit
2018-07-17 17:28 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\IObit
2018-07-17 17:28 - 2016-06-05 18:03 - 000000000 ____D C:\Program Files (x86)\IObit
2018-07-17 17:11 - 2017-09-11 21:01 - 000001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-07-17 17:33 - 2017-08-05 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2018-07-17 17:33 - 2017-08-05 20:51 - 000000000 ____D C:\Program Files (x86)\GRETECH
2018-01-12 12:24 - 2018-01-12 12:24 - 011397488 _____ (AnVir Software) C:\Users\Home\AppData\Local\Temp\anvir.exe
2018-06-13 18:50 - 2018-06-13 18:50 - 000625816 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp\boost_speed_stub_installer.exe
2018-06-13 21:27 - 2017-09-13 23:31 - 001732864 _____ (Microsoft Corporation) C:\Users\Home\AppData\Local\Temp\dllnt_dump.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 000384664 ____T (Auslogics) C:\Users\Home\AppData\Local\Temp\driver_updater_stub_installer.exe
2018-06-27 21:19 - 2018-06-27 21:19 - 000012800 _____ () C:\Users\Home\AppData\Local\Temp\rrlb0owb.dll
2018-06-13 18:50 - 2018-06-13 18:50 - 001292400 ____T (Novnify) C:\Users\Home\AppData\Local\Temp\StopAd Installer.exe
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
 
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
Restore point was successfully created.
================== "COPY: C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll C:\Windows\system32\Rtlihvs.dll" ===================
 
"C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll" copied successfully
 
=== End of Copy: ===
"HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\EldosMountNotificator-cbfs6" => removed successfully
"HKLM\Software\Classes\CLSID\{7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\EldosMountNotificator-cbfs6" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{7CFD46AF-7E92-43EC-951E-0C6DA2E9F3B2}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EldosIconOverlay-cbfs6" => removed successfully
"HKLM\Software\Classes\CLSID\{CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EldosIconOverlay-cbfs6" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{CB7E9D62-75C5-4121-BBD4-C6DF0AD8C262}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2CEFA448-F019-4939-829F-AD682569DB18}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CEFA448-F019-4939-829F-AD682569DB18}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70ADD8E1-75DA-4DCC-A4AA-858CB64A701D} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2655F5D-64E3-48A9-AFCF-96C15C415576} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Home)" => removed successfully
"C:\Windows\Tasks\AnVir Task Manager.job" => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension" => removed successfully
"HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7360257D-DC15-41CD-8018-4500BA372DC1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7360257D-DC15-41CD-8018-4500BA372DC1}" => removed successfully
C:\Windows\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
C:\Windows\System32\Tasks\AVAST Software => moved successfully
"C:\Program Files (x86)\AnVir Task Manager Free" => not found
C:\ProgramData\AVAST Software => moved successfully
aswTap => service not found.
cbfs6 => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\cbfs6" => removed successfully
cbfs6 => service removed successfully
!SASCORE => service not found.
Everything => service not found.
IObitUnSvr => service not found.
aswbdisk => service not found.
clwvd6 => service not found.
Partizan => service not found.
ZAM => service not found.
ZAM_Guard => service not found.
IUFileFilter => service not found.
IURegProcessFilter => service not found.
WinRing0_1_2_0 => service not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => not found
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
"C:\Windows\Tasks\AnVir Task Manager.job" => not found
"C:\Users\Home\AppData\Local\AnVir" => not found
"C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk" => not found
"C:\Users\Home\Desktop\AnVir Task Manager Free.lnk" => not found
C:\Users\Home\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM => moved successfully
C:\Program Files (x86)\GRETECH => moved successfully
"C:\Users\Home\AppData\Local\Temp\anvir.exe" => not found
C:\Users\Home\AppData\Local\Temp\boost_speed_stub_installer.exe => moved successfully
C:\Users\Home\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Home\AppData\Local\Temp\driver_updater_stub_installer.exe => moved successfully
C:\Users\Home\AppData\Local\Temp\rrlb0owb.dll => moved successfully
C:\Users\Home\AppData\Local\Temp\StopAd Installer.exe => moved successfully
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 18:18:03 ====
 
 
I then rebooted back into Regular mode and as Admin,ran FRST again.
============================================================================================================================================================
FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Home (administrator) on HOME-PC (20-07-2018 18:33:47)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll [2018-07-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-18]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2018-07-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-20]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-07-19]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-20] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-07-18] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-20 18:33 - 2018-07-20 18:35 - 000012538 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-20 18:15 - 2018-07-20 18:18 - 000010725 _____ C:\Users\Home\Desktop\Fixlog.txt
2018-07-20 18:15 - 2018-07-20 18:15 - 000000000 ____D C:\Windows\system32\Rtlihvs.dll
2018-07-20 17:50 - 2018-07-20 17:53 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
2018-07-20 17:46 - 2018-07-20 17:46 - 000000906 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-20 17:46 - 2018-07-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-20 17:45 - 2018-07-20 17:45 - 000000000 ____D C:\Program Files\VideoLAN
2018-07-20 17:25 - 2018-07-20 17:28 - 682693719 _____ C:\Users\Home\Downloads\Watch Kickboxer Online Free 1989 Putlocker - Putlocker - Wat.mp4
2018-07-19 19:47 - 2018-07-19 19:47 - 000002408 _____ C:\Users\Home\Desktop\SFCFix.txt
2018-07-19 19:47 - 2018-07-19 19:47 - 000000000 ____D C:\SFCFix
2018-07-19 19:19 - 2018-07-19 19:47 - 000000000 ____D C:\Users\Home\AppData\Local\niemiro
2018-07-19 15:45 - 2018-07-19 15:45 - 000028699 _____ C:\Users\Home\Downloads\tprenko-edu.rar
2018-07-19 15:01 - 2018-07-20 18:23 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 22:20 - 2018-07-18 22:21 - 002884096 _____ (niemiro) C:\Users\Home\Downloads\SFCFix.exe
2018-07-18 21:01 - 2018-07-20 13:27 - 000000980 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\Program Files\Speccy
2018-07-18 19:06 - 2018-07-20 18:10 - 000002183 _____ C:\Users\Home\AppData\Local\restore.vbs
2018-07-18 19:00 - 2018-07-18 19:00 - 000000000 ____D C:\QRM
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\Program Files\7-Zip
2018-07-18 18:46 - 2018-07-18 18:47 - 000000000 _____ C:\end
2018-07-18 16:47 - 2018-07-18 16:47 - 000002890 _____ C:\Windows\System32\Tasks\WinSysCleanUAC
2018-07-18 15:15 - 2018-07-18 15:15 - 000424384 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-18 15:04 - 2018-07-18 15:04 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-18 15:04 - 2018-07-18 15:04 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-18 15:04 - 2018-07-18 15:04 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-17 20:35 - 2018-07-17 20:35 - 002050596 _____ C:\Users\Home\Downloads\System Tweaker - Portable.zip
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Desktop\tweaking.com_windows_repair_aio_setup.exe
2018-07-14 19:20 - 2018-07-20 18:33 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-16 18:14 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
2018-06-21 18:11 - 2018-06-21 18:14 - 000208972 _____ C:\TDSSKiller.3.1.0.17_21.06.2018_18.11.35_log.txt
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 18:02 - 2018-07-16 17:36 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-21 17:16 - 2018-06-21 17:16 - 000382261 _____ C:\unp306732162544469087i-manual.mdmp
2018-06-20 23:50 - 2018-06-20 23:50 - 010015056 _____ (AVAST Software) C:\Users\Home\Downloads\avastclear.exe
2018-06-20 23:37 - 2018-06-20 23:37 - 000000000 ___SD C:\ComboFix
2018-06-20 23:31 - 2018-06-20 23:37 - 000000000 ____D C:\Qoobox
2018-06-20 23:31 - 2018-06-20 23:31 - 000000000 ____D C:\Windows\erdnt
2018-06-20 23:29 - 2018-06-20 23:37 - 000000000 ___SD C:\32788R22FWJFW
2018-06-20 16:22 - 2018-06-20 16:22 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3422B2DB.sys
2018-06-20 01:05 - 2018-06-20 01:06 - 043077751 _____ C:\Users\Home\Downloads\[Alan_Chapman]_Advanced_Magick_for_Beginners(b-ok.xyz).pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-20 18:30 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-20 18:30 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-20 18:21 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-20 17:15 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-20 15:19 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-19 15:00 - 2018-06-10 12:10 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-18 21:01 - 2016-04-01 22:13 - 000000000 ____D C:\ProgramData\Unchecky
2018-07-18 16:43 - 2017-01-20 15:07 - 000000222 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-18 16:13 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-18 15:48 - 2017-06-20 16:24 - 000001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-07-18 15:18 - 2017-09-07 18:23 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-18 15:18 - 2017-09-07 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-18 15:17 - 2017-09-07 18:22 - 000000000 ____D C:\Program Files\Java
2018-07-18 15:15 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-18 15:05 - 2018-01-22 15:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-17 17:58 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-07-17 17:52 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-17 17:39 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-07-17 06:02 - 2016-01-11 22:28 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-20 16:26 - 2018-06-17 19:47 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-18 19:06 - 2018-07-20 18:10 - 000002183 _____ () C:\Users\Home\AppData\Local\restore.vbs
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\Rtlihvs.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
===========================================================================================================================================================
And here is Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (20-07-2018 18:36:25)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2173E21E-250B-48AB-B6F5-820BA6FD3874} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO\WinSysClean.exe
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {47D73C60-CEDF-4B90-9045-677505996CC4} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files (x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {83FE3EC5-3816-4F10-BFB0-3D7204CB6063} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {CD8D1308-7759-4D81-9A3C-1AE51E7D334E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files (x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk -> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk -> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-10 12:10 - 2018-07-19 15:00 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-12-29 14:42 - 2015-10-08 19:47 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-07-12 10:53 - 2018-07-12 10:53 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db655ae9e4ab7d7e5204db26e314ea39\IsdiInterop.ni.dll
2016-01-10 14:30 - 2010-11-05 23:50 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-20 18:21 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
18-07-2018 16:21:27 Revo Uninstaller's restore point - AnVir Task Manager Free
18-07-2018 16:48:11 WinSysClean Restore Point
18-07-2018 16:52:43 Revo Uninstaller's restore point - WinSysClean X7 PRO
18-07-2018 16:56:16 Revo Uninstaller's restore point - Rithmic Trader 15.16.0.0
18-07-2018 16:57:44 Revo Uninstaller's restore point - Rithmic Trader 15.16.0.0
18-07-2018 16:58:45 Revo Uninstaller's restore point - RogueKiller version 12.12.21.0
18-07-2018 17:03:49 Revo Uninstaller's restore point - Speccy
18-07-2018 19:06:08 QRM Restore Point
20-07-2018 14:35:32 Revo Uninstaller's restore point - GOM Player
20-07-2018 15:26:44 QRM Restore Point
20-07-2018 18:11:03 QRM Restore Point
20-07-2018 18:15:47 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: EldoS PnP virtual bus
Description: EldoS PnP virtual bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: EldoS Corporation
Service: vpnpbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (07/20/2018 06:21:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4012.97 MB
Available physical RAM: 2470.77 MB
Total Virtual: 8024.11 MB
Available Virtual: 6499.44 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:11.92 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:38.19 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Hope all is going well with you RKinner. Have a great upcoming weekend!
Thank you!

Edited by MagickMage, 20 July 2018 - 05:02 AM.

  • 0

#14
RKinner
Posted 20 July 2018 - 03:21 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Sorry it took so long to get back to you.  Had to put my Win 7 64 PC back together and get it to boot.  I'm going to try fix sfc by giving it the files it wants.  Doesn't work on Win 10 but I think it works on Win 7.

 

Before we do that tho please try to uninstall

TAP-Windows 9.9.2

 

Then

 

Download the fix.zip file and save it somewhere. 

Attached File  fix.zip   1.44MB   242 downloads

Right click and Extract All (to your desktop) extract.  That should give you two files on your desktop.  If you instead get a folder, go into the folder and move the two files onto your desktop.

 

Then

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   644bytes   254 downloads
Before you run FRST, double click on the fixlist.txt file and then click on Format and UNCHECK Word Wrap.  FRST is supposed to do that automatically but it doesn't seem to have worked in your case.  Close and Save.

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Also rerun sfc /scannow.

 


  • 0

#15
MagickMage
Posted 21 July 2018 - 02:47 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner! No worries mate. Hope your Win 7 64 PC is working fine.Thanks for the files to fix sfc.
 
I have uninstalled TAP-Windows 9.9.2.
I downloaded the fix.zip file and saved it to the desktop.
I then extracted the file and found a folder called fix.
I then moved the two files in it onto the desktop.The files were called spwizimg.dll and W32UIRes.dll
 
I then downloaded the attached fixlist.txt to the desktop (where FRST also resides), and Unchecked the word wrap option.
I then as Admin, in Windows Regular mode,ran FRST, and then pressed on Fix.
It generated a file called fixlog
After the fix ran, I rebooted the PC back into Regular mode.
 
Here is fixlog
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (21-07-2018 13:05:27) Run:3
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Unlock: C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll
Copy: C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll C:\Windows\System32\Rtlihvs.dll
CMD: Dir /a C:\Windows\System32\Rtlihvs.dll
Unlock: C:\Users\Home\Desktop\spwizimg.dll
Copy: C:\Users\Home\Desktop\spwizimg.dll  C:\Windows\System32\spwizimg.dll
CMD: dir /a C:\Users\Home\Desktop\spwizimg.dll
Unlock: C:\Users\Home\Desktop\W32UIRes.dll
Copy: C:\Users\Home\Desktop\W32UIRes.dll  C:\Windows\System32\oobe\W32UIRes.dll
CMD: dir /a C:\Users\Home\Desktop\W32UIRes.dll
CMD: sc delete aswTap
CMD: sc delete vpnpbus
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
*****************
 
"C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll" => was unlocked
================== "Copy: C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll C:\Windows\System32\Rtlihvs.dll" ===================
 
"C:\XP\New Backups\D-Link\DWA-123\Rtlihvs.dll" copied successfully
 
=== End of Copy: ===
 
========= Dir /a C:\Windows\System32\Rtlihvs.dll =========
 
 Volume in drive C has no label.
 Volume Serial Number is 5ACE-774D
 
 Directory of C:\Windows\System32\Rtlihvs.dll
 
20-Jul-18  06:15 PM    <DIR>          .
20-Jul-18  06:15 PM    <DIR>          ..
14-Feb-12  07:37 PM           535,040 Rtlihvs.dll
               1 File(s)        535,040 bytes
               2 Dir(s)  17,828,290,560 bytes free
 
========= End of CMD: =========
 
"C:\Users\Home\Desktop\spwizimg.dll" => was unlocked
================== "Copy: C:\Users\Home\Desktop\spwizimg.dll  C:\Windows\System32\spwizimg.dll" ===================
 
"C:\Users\Home\Desktop\spwizimg.dll " => Could not copy (Error:2)
 
=== End of Copy: ===
 
========= dir /a C:\Users\Home\Desktop\spwizimg.dll =========
 
 Volume in drive C has no label.
 Volume Serial Number is 5ACE-774D
 
 Directory of C:\Users\Home\Desktop
 
21-Jul-18  01:00 PM         8,338,432 spwizimg.dll
               1 File(s)      8,338,432 bytes
               0 Dir(s)  17,828,225,024 bytes free
 
========= End of CMD: =========
 
"C:\Users\Home\Desktop\W32UIRes.dll" => was unlocked
================== "Copy: C:\Users\Home\Desktop\W32UIRes.dll  C:\Windows\System32\oobe\W32UIRes.dll" ===================
 
"C:\Users\Home\Desktop\W32UIRes.dll " => Could not copy (Error:2)
 
=== End of Copy: ===
 
========= dir /a C:\Users\Home\Desktop\W32UIRes.dll =========
 
 Volume in drive C has no label.
 Volume Serial Number is 5ACE-774D
 
 Directory of C:\Users\Home\Desktop
 
21-Jul-18  01:00 PM           260,608 W32UIRes.dll
               1 File(s)        260,608 bytes
               0 Dir(s)  17,828,159,488 bytes free
 
========= End of CMD: =========
 
 
========= sc delete aswTap =========
 
[SC] OpenService FAILED 1060:
 
The specified service does not exist as an installed service.
 
 
========= End of CMD: =========
 
 
========= sc delete vpnpbus =========
 
[SC] OpenService FAILED 1060:
 
The specified service does not exist as an installed service.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
==== End of Fixlog 13:06:37 ====
 
Now following your instructions,you told me to run a FRST Scan.
Here is the FRST 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Home (administrator) on HOME-PC (21-07-2018 13:16:22)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll [2018-07-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-21]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2018-07-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-21]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-07-19]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-20] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-07-18] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Security\SAS\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Security\SAS\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 13:16 - 2018-07-21 13:18 - 000012758 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-21 13:05 - 2018-07-21 13:06 - 000003490 _____ C:\Users\Home\Desktop\Fixlog.txt
2018-07-21 13:02 - 2018-07-21 13:00 - 008338432 _____ (Microsoft Corporation) C:\Users\Home\Desktop\spwizimg.dll
2018-07-21 13:02 - 2018-07-21 13:00 - 000260608 _____ (Microsoft Corporation) C:\Users\Home\Desktop\W32UIRes.dll
2018-07-21 13:00 - 2018-07-21 13:00 - 000000000 ____D C:\Users\Home\Desktop\fix
2018-07-21 12:26 - 2018-07-21 12:27 - 001510099 _____ C:\Users\Home\Desktop\fix.zip
2018-07-20 20:55 - 2018-07-20 20:55 - 028598984 _____ (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Users\Home\Downloads\SASDEFINITIONS.EXE
2018-07-20 20:54 - 2018-07-21 09:18 - 000000436 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82.job
2018-07-20 20:54 - 2018-07-21 02:00 - 000000436 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2.job
2018-07-20 20:54 - 2018-07-20 20:54 - 000003510 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2
2018-07-20 20:54 - 2018-07-20 20:54 - 000003436 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82
2018-07-20 18:15 - 2018-07-20 18:15 - 000000000 ____D C:\Windows\system32\Rtlihvs.dll
2018-07-20 17:50 - 2018-07-21 13:01 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
2018-07-20 17:46 - 2018-07-20 17:46 - 000000906 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-20 17:46 - 2018-07-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-20 17:45 - 2018-07-20 17:45 - 000000000 ____D C:\Program Files\VideoLAN
2018-07-19 19:47 - 2018-07-19 19:47 - 000000000 ____D C:\SFCFix
2018-07-19 19:19 - 2018-07-19 19:47 - 000000000 ____D C:\Users\Home\AppData\Local\niemiro
2018-07-19 15:45 - 2018-07-19 15:45 - 000028699 _____ C:\Users\Home\Downloads\tprenko-edu.rar
2018-07-19 15:01 - 2018-07-20 22:33 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 22:20 - 2018-07-18 22:21 - 002884096 _____ (niemiro) C:\Users\Home\Downloads\SFCFix.exe
2018-07-18 21:01 - 2018-07-20 13:27 - 000000980 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\Program Files\Speccy
2018-07-18 19:06 - 2018-07-20 22:07 - 000002183 _____ C:\Users\Home\AppData\Local\restore.vbs
2018-07-18 19:00 - 2018-07-18 19:00 - 000000000 ____D C:\QRM
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\Program Files\7-Zip
2018-07-18 18:46 - 2018-07-18 18:47 - 000000000 _____ C:\end
2018-07-18 16:47 - 2018-07-18 16:47 - 000002890 _____ C:\Windows\System32\Tasks\WinSysCleanUAC
2018-07-18 15:15 - 2018-07-18 15:15 - 000424384 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-18 15:04 - 2018-07-18 15:04 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-18 15:04 - 2018-07-18 15:04 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-18 15:04 - 2018-07-18 15:04 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-17 20:35 - 2018-07-17 20:35 - 002050596 _____ C:\Users\Home\Downloads\System Tweaker - Portable.zip
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Desktop\tweaking.com_windows_repair_aio_setup.exe
2018-07-14 19:20 - 2018-07-21 13:16 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-16 18:14 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
2018-06-21 18:11 - 2018-06-21 18:14 - 000208972 _____ C:\TDSSKiller.3.1.0.17_21.06.2018_18.11.35_log.txt
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-21 18:02 - 2018-07-16 21:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 18:02 - 2018-07-16 17:36 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-21 18:02 - 2018-06-21 18:02 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-21 17:16 - 2018-06-21 17:16 - 000382261 _____ C:\unp306732162544469087i-manual.mdmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 13:13 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-21 12:45 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-21 12:45 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-21 01:03 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-20 22:06 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-19 15:00 - 2018-06-10 12:10 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-18 21:01 - 2016-04-01 22:13 - 000000000 ____D C:\ProgramData\Unchecky
2018-07-18 16:43 - 2017-01-20 15:07 - 000000222 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-18 16:13 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-18 15:48 - 2017-06-20 16:24 - 000001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-07-18 15:18 - 2017-09-07 18:23 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-18 15:18 - 2017-09-07 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-18 15:17 - 2017-09-07 18:22 - 000000000 ____D C:\Program Files\Java
2018-07-18 15:15 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-18 15:05 - 2018-01-22 15:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-17 17:58 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-07-17 17:52 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-17 17:39 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-07-17 06:02 - 2016-01-11 22:28 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-18 19:06 - 2018-07-20 22:07 - 000002183 _____ () C:\Users\Home\AppData\Local\restore.vbs
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\Rtlihvs.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
 
 
 
and here is Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Home (21-07-2018 13:20:53)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2173E21E-250B-48AB-B6F5-820BA6FD3874} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO\WinSysClean.exe
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {47D73C60-CEDF-4B90-9045-677505996CC4} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
Task: {5CC0FD30-5511-4B46-8446-71046876A8A4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files (x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {76944FFE-A90E-4D2B-8CB8-7E1A2311CBD6} - System32\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82 => C:\Security\SAS\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B18C387B-79A4-4525-9EE1-F2489D22161F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2 => C:\Security\SAS\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {D182F5F0-555B-4961-B95E-BC4C8BE67F86} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files (x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 38d80c74-dc6b-4170-8f26-ec3cb9765d82.job => C:\Security\SAS\SASTask.exe C:\Security\SAS\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9c9e56e1-19a1-4b5c-8e24-af95c4bf47e2.job => C:\Security\SAS\SASTask.exe C:\Security\SAS\SUPERAntiSpyware.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk -> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk -> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-12-29 14:42 - 2015-10-08 19:47 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-06-10 12:10 - 2018-07-19 15:00 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-07-12 10:53 - 2018-07-12 10:53 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db655ae9e4ab7d7e5204db26e314ea39\IsdiInterop.ni.dll
2016-01-10 14:30 - 2010-11-05 23:50 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-21 13:13 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
20-07-2018 14:35:32 Revo Uninstaller's restore point - GOM Player
20-07-2018 15:26:44 QRM Restore Point
20-07-2018 18:11:03 QRM Restore Point
20-07-2018 18:15:47 Restore Point Created by FRST
20-07-2018 22:07:22 QRM Restore Point
21-07-2018 07:42:32 Windows Update
21-07-2018 12:54:51 Revo Uninstaller's restore point - TAP-Windows 9.9.2
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: EldoS PnP virtual bus
Description: EldoS PnP virtual bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: EldoS Corporation
Service: vpnpbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (07/21/2018 01:13:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 43%
Total physical RAM: 4012.97 MB
Available physical RAM: 2263.22 MB
Total Virtual: 8024.11 MB
Available Virtual: 6106.38 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:16.61 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:37.72 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 
And RKinner,you told me to rerun sfc /scannow.
 
It gave the following output
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS log. Log windir\Logs\CBS\CBS.log.For example C:\Windows\Logs\CBS\CBS.log
 
 
Thank you very much RKinner for sticking with me throughout the extensive troubleshooting process.I appreciate it. Have a great and safe weekend.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP