Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot run or open any .exe (executable) file in Windows normal mode.

Started by MagickMage , Jul 14 2018 06:46 AM

  • Please log in to reply

#16
RKinner
Posted 21 July 2018 - 04:29 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Something funny going on.

 

The fixlog says the files are on the desktop but when I tell it to copy them it tells me it can't find them.  Also the D-link file was copied correctly and seemed to be OK but the FRST scan says it is 0 bytes.  The two broken devices are still showing so nothing improved.

 

Please uninstall SUPERAntiSpyware.  It's a pretty worthless program and it sometimes plays games with permissions.

 

Start up FRST but do not hit SCAN.  Put

vpnpbus;aswTap

in the Search Box then hit Search Registry.  You should get one log file.  Please post it.

 

Copy the next lines:

 

copy \Users\Home\Desktop\W32UIRes.dll  \Windows\System32\oobe\W32UIRes.dll

copy \Users\Home\Desktop\spwizimg.dll  \Windows\System32\spwizimg.dll

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste (or Edit then Paste) and the copied lines should appear.  Hit Enter if the prompt does not return.

Do you get errors?  What exactly does it say?

 


  • 0

Advertisements

#17
MagickMage
Posted 21 July 2018 - 07:44 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner.
As instructed I have uninstalled SUPERAntiSpyware.
Opened FRST in Regular mode and as Admin.
Searched for vpnpbus;aswTap in Registry.
Received the file SearchReg.
Here is SearchReg
 
Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Home (21-07-2018 20:33:57)
Running from C:\Users\Home\Desktop
Boot Mode: Normal
 
================== Search Registry: "vpnpbus;aswTap" ===========
 
 
===================== Search result for "vpnpbus" ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles]
"%SystemPath%\system32\DRIVERS\vpnpbus.sys"="5"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles]
"%SystemPath%\system32\DRIVERS\vpnpbus.sys"="5"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\root#eldos_virtual_pnp_bus]
"Service"="vpnpbus"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SYSTEM\0001]
"Service"="vpnpbus"
 
 
===================== Search result for "aswTap" ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles]
"%SystemPath%\system32\DRIVERS\aswTap.sys"="5"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles]
"%SystemPath%\system32\DRIVERS\aswTap.sys"="5"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"ComponentId"="aswtap"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"InfSection"="aswTap.ndi"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011]
"MatchingDeviceId"="aswtap"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi]
"Service"="aswTap"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\NET\0001]
"HardwareID"="aswTap"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\NET\0001]
"Service"="aswTap"
 
====== End of Search ======
 
 
 
 
 
In the Command Prompt, as Admin,I copy and pasted the following commands
 
copy \Users\Home\Desktop\W32UIRes.dll  \Windows\System32\oobe\W32UIRes.dll
 
copy \Users\Home\Desktop\spwizimg.dll  \Windows\System32\spwizimg.dll"
 
The reply for
copy \Users\Home\Desktop\W32UIRes.dll  \Windows\System32\oobe\W32UIRes.dll
It asks if I want to "Overwrite\Windows\System32\oobe\W32UIRes.dll? (Yes/No/All):"
 
copy \Users\Home\Desktop\spwizimg.dll  \Windows\System32\spwizimg.dll
It asks if I want to "Overwrite\Windows\System32\spwizimg.dll? (Yes/No/All):"
 
 
Btw, RKinner,speaking of "something funny going on" I do have a a query for you regarding the sfc problems with the sfc /scannow command line and SFCFix.exe results.
 
I opened an elevated Command Prompt as Admin and ran sfc  /scannow with the results
It starts with "Beginning system scan.This process will take some time.
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS\CBS.Log. For example C:\Windows\Logs\CBS\CBS.log "
 
And right after,I immediately right clicked on SFCFix.exe and ran it as Admin.
It opened another Dosbox and After pressing all the keys to continue....produced the SFCFix.txt
SFCFix txt
 
SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-07-21 21:26:31.570
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.
 
 
 
 
AutoAnalysis::
SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.
 
 
 
 
Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 2 datablocks.
Finish time: 2018-07-21 21:27:04.951
----------------------EOF-----------------------
 
 
In the analysis it says no corruptions were detected.Yet sfc  /scannow say it has found corrupt files So you see my confusion.
Hope you can shed some light on that.
In any case RKinner,I hope you are not too busy at the moment.
Many thanks to you.

Edited by MagickMage, 21 July 2018 - 08:05 AM.

  • 0

#18
RKinner
Posted 21 July 2018 - 09:23 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Appears that the two files do exist where they are supposed to be but that their permissions are messed up or windows is blocking them somehow. 

 

Please download GrantPerms.zip http://download.blee.../GrantPerms.zipand save it to your desktop.
Unzip the file and run GrantPerms.exe by right clicking and Run As Admin.
Copy and paste the following in the edit box:

   

C:\Windows\System32\oobe\W32UIRes.dll
C:\Windows\System32\spwizimg.dll
 

Click Unlock. When it is done click "OK".
Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run.

 

 


  • 0

#19
MagickMage
Posted 21 July 2018 - 09:56 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner.
Have downloaded GrantPerms.zip to the desktop.Unzipped and ran the exe as Admin
Resultant txt of Perms.txt.
Here is Perms.txt
 
GrantPerms by Farbar 
Ran by Home (administrator) at 2018-07-21 23:46:22
 
===============================================
ERROR: Parsing the SD of <\\?\C:\Windows\System32\oobe\W32UIRes.dll> failed with: The system cannot find the file specified.
 
 
Operating system error message: The system cannot find the file specified.
\\?\C:\Windows\System32\spwizimg.dll
 
   Owner: BUILTIN\Administrators
 
   DACL(P)(AI):
   BUILTIN\Administrators   FULL   ALLOW   (NI)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (NI)
   BUILTIN\Users   READ/EXECUTE   ALLOW   (NI)
 
 
Thanks again RKinner.

  • 0

#20
RKinner
Posted 21 July 2018 - 12:33 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

In answer to your earlier question about sfc:  When you right click on sfc.exe and run as admin you do not tell it what to look at so you get an all is clear message.   If you open an elevated (admin) Command Prompt and type:

 

sfc /?

 

It will show you the different options available.  If you don't give it an option it doesn't know what to check.

 

If I understand the output of the GrantPerms we now should have one of the files present.

 

You can test it without running the whole sfc /scannow.  Instead ask it to look at the file:

 

sfc /scanfile=C:\Windows\System32\spwizimg.dll

 

It should say:

 

Windows Resource Protection did not find any integrity violations.
 

 

The other file is located in the  oobe folder which stands for Out Of the Box Experience so presumably it only gets used when you first setup Windows.

 

See if GrantPerms will work on:

 

C:\Windows\system32\Rtlihvs.dll

 

 

 

For the two drivers that don't want to go away:

 

right click on Computer and select Manage then Device Manager.

 

View, Show Hidden Devices

 

There should be an entry for Non Plug and Play devices or something like that.

Click on the arrow in front to open it.

See if you can find either of these:

 

aswTap

vpnpbus

 

If you find one then right click on it and Delete or Uninstall

 

If that doesn't work for aswTap then try the Avast Uninstall tool:

 

https://www.avast.co...install-utility


  • 0

#21
MagickMage
Posted 22 July 2018 - 04:55 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Well thanks very much RKinner for your competent explanation on the various options and workings of the sfc.exe 
command.Initially I hadn't known all that so thanks for that.
 
"You can test it without running the whole sfc /scannow.  Instead ask it to look at the file:
sfc /scanfile=C:\Windows\System32\spwizimg.dll
 
It should say:
Windows Resource Protection did not find any integrity violations."
 
Well I did just that. I ran sfc /scanfile=C:\Windows\System32\spwizimg.dll
It replied with 
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\windows\Logs\CBS\CBS.Log
 
I also ran GrantPerms on C:\Windows\system32\Rtlihvs.dll
Here is the Perms.txt
 
GrantPerms by Farbar 
Ran by Home (administrator) at 2018-07-22 15:06:45
 
===============================================
ERROR: Parsing the SD of <\\?\C:\Windows\system32\Rtlihvs.dll> failed with: The system cannot find the file specified.
 
 
Operating system error message: The system cannot find the file specified.
 
 
For the two drivers that don't want to go away I did as instructed and right clicked on Computer and select Manage then Device 
Manager,then View, Show Hidden Devices and Non Plug and Play Devices.I specifically tried to find aswTap and vpnpbus.I could 
not find them at all.However just to get more clarity on these, i did a Google search on them and came up with these answers
Regarding aswTap, it's either a TAP-Windows Virtual Network Driver,or belongs to the AVAST Secureline VPN AND I believe I 
uninstalled both already.As for vpnpbus, it belongs to EldoS Corporation as their Virtual PnP Bus Driver.
Next I ran the AVASTclear Uninstall tool. When I ran it it kept forcing me to run it in Safe mode and asked if I wanted to 
boot to Safe mode. I clicked on Yes and it booted me to safe mode.Did it's thing and says some files will be uninstalled until 
after I reboot back to Normal mode.It then rebooted me to back to Windows normal mode
 
Just to see if there were significant changes on my PC,I rebooted and ran FRST as Admin in Windows Normal mode. Clicked on 
 
Scan.
 
 
FRST
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by Home (administrator) on HOME-PC (22-07-2018 17:43:13)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...arbar-recovery-
 
scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be 
 
moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-
 
11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 
 
2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] 
 
(Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
 
/errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = 
 
hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll 
 
[2018-07-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin
 
\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office
 
\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft 
 
Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-21]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] 
 
[2018-07-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-
 
18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-18] 
 
(Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe 
 
Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017
 
-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe 
 
Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-22]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-07-19]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-22] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-07-18] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-22 17:43 - 2018-07-22 17:46 - 000012538 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-22 17:41 - 2018-07-18 19:00 - 000215040 _____ () C:\Users\Home\Desktop\Quick Restore Maker 4.exe
2018-07-22 15:22 - 2018-07-22 15:22 - 010015056 _____ (AVAST Software) C:\Users\Home\Desktop\avastclear.exe
2018-07-22 13:07 - 2018-07-22 13:07 - 000001583 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2018-07-21 23:46 - 2018-07-22 15:06 - 000000326 _____ C:\Users\Home\Desktop\Perms.txt
2018-07-21 23:42 - 2018-07-21 23:42 - 000000000 ____D C:\Users\Home\Downloads\GrantPerms
2018-07-21 23:31 - 2018-07-21 23:31 - 000453083 _____ C:\Users\Home\Downloads\GrantPerms.zip
2018-07-21 21:27 - 2018-07-21 21:27 - 000000950 _____ C:\Users\Home\Desktop\SFCFix.txt
2018-07-21 20:42 - 2018-07-21 13:00 - 008338432 _____ (Microsoft Corporation) C:\Users\Home\Desktop\spwizimg.dll
2018-07-21 20:42 - 2018-07-21 13:00 - 000260608 _____ (Microsoft Corporation) C:\Users\Home\Desktop\W32UIRes.dll
2018-07-21 20:33 - 2018-07-21 20:33 - 000001876 _____ C:\Users\Home\Desktop\SearchReg.txt
2018-07-21 14:50 - 2018-07-21 14:50 - 000231224 _____ C:\Users\Home\Downloads\UppDnnComFreeIndicators8.zip
2018-07-20 20:55 - 2018-07-20 20:55 - 028598984 _____ (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Users\Home\Downloads
 
\SASDEFINITIONS.EXE
2018-07-20 18:15 - 2018-07-20 18:15 - 000000000 ____D C:\Windows\system32\Rtlihvs.dll
2018-07-20 17:50 - 2018-07-21 23:42 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
2018-07-20 17:46 - 2018-07-20 17:46 - 000000906 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-20 17:46 - 2018-07-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-20 17:45 - 2018-07-20 17:45 - 000000000 ____D C:\Program Files\VideoLAN
2018-07-19 19:47 - 2018-07-21 21:27 - 000000000 ____D C:\SFCFix
2018-07-19 19:19 - 2018-07-21 21:27 - 000000000 ____D C:\Users\Home\AppData\Local\niemiro
2018-07-19 15:45 - 2018-07-19 15:45 - 000028699 _____ C:\Users\Home\Downloads\tprenko-edu.rar
2018-07-19 15:01 - 2018-07-22 17:39 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 22:20 - 2018-07-18 22:21 - 002884096 _____ (niemiro) C:\Users\Home\Desktop\SFCFix.exe
2018-07-18 21:01 - 2018-07-20 13:27 - 000000980 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\Program Files\Speccy
2018-07-18 19:06 - 2018-07-22 17:42 - 000002183 _____ C:\Users\Home\AppData\Local\restore.vbs
2018-07-18 19:00 - 2018-07-18 19:00 - 000000000 ____D C:\QRM
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\Program Files\7-Zip
2018-07-18 18:46 - 2018-07-18 18:47 - 000000000 _____ C:\end
2018-07-18 16:47 - 2018-07-18 16:47 - 000002890 _____ C:\Windows\System32\Tasks\WinSysCleanUAC
2018-07-18 15:15 - 2018-07-18 15:15 - 000424384 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers
 
\RtsUer.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-18 15:04 - 2018-07-18 15:04 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-18 15:04 - 2018-07-18 15:04 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-18 15:04 - 2018-07-18 15:04 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows
 
\system32\tossaemaxapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-17 20:35 - 2018-07-17 20:35 - 002050596 _____ C:\Users\Home\Downloads\System Tweaker - Portable.zip
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Downloads
 
\tweaking.com_windows_repair_aio_setup (2).exe
2018-07-14 19:20 - 2018-07-22 17:43 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-21 20:30 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security 
 
Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads
 
\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task 
 
Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-
 
bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads
 
\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - 
 
iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-
 
_Course___NinjaTrader_7_Indicators_2.rar
2018-06-22 13:18 - 2018-06-22 13:18 - 000003076 _____ C:\Users\Home\Downloads\Fractal_MikeV2_1.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-22 17:46 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-22 17:46 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-22 17:37 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-22 16:26 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-22 16:00 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-22 13:34 - 2017-01-20 15:07 - 000000223 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-22 00:32 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-21 23:44 - 2013-05-02 07:56 - 000459114 _____ C:\Users\Home\Desktop\GrantPerms.exe
2018-07-21 20:25 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-07-21 13:00 - 2009-07-14 07:29 - 008338432 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2018-07-19 15:00 - 2018-06-10 12:10 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-18 21:01 - 2016-04-01 22:13 - 000000000 ____D C:\ProgramData\Unchecky
2018-07-18 16:13 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-18 15:48 - 2017-06-20 16:24 - 000001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-07-18 15:18 - 2017-09-07 18:23 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-18 15:18 - 2017-09-07 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-18 15:17 - 2017-09-07 18:22 - 000000000 ____D C:\Program Files\Java
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-18 15:05 - 2018-01-22 15:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-17 17:52 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-17 17:39 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-07-17 06:02 - 2016-01-11 22:28 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 21:31 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-16 21:31 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:36 - 2018-06-21 18:02 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media 
 
Player.lnk
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 
 
DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-04 16:55 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
2018-06-22 13:53 - 2018-06-10 12:15 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-18 19:06 - 2018-07-22 17:42 - 000002183 _____ () C:\Users\Home\AppData\Local\restore.vbs
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\Rtlihvs.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
 
and here is Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Home (22-07-2018 17:48:24)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be 
 
uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems 
 
Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-
 
ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron 
 
Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-
 
warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone 
 
Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel 
 
Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel 
 
Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft 
 
Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-
 
48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - 
 
Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
 
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
 
9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
 
11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-
 
4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-
 
B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-
 
860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek 
 
Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - 
 
Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) 
 
(Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-
 
5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL 
 
Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. 
 
Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-
 
5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 
 
9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] 
 
(Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-
 
08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2173E21E-250B-48AB-B6F5-820BA6FD3874} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO
 
\WinSysClean.exe
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 
 
5\Initialize.exe
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
 
Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {47D73C60-CEDF-4B90-9045-677505996CC4} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {7103F99F-699A-42C5-8188-E47018742A8E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled 
 
Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed
 
\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {DF3CF865-DE27-4745-8431-3BA9296F7686} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files
 
\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be 
 
moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash
 
\FlashUtil32_30_0_0_113_pepper.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk 
 
-> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk 
 
-> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk 
 
Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-
 
Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-10 12:10 - 2018-07-19 15:00 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-12-29 14:42 - 2015-10-08 19:47 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-07-12 10:53 - 2018-07-12 10:53 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop
 
\db655ae9e4ab7d7e5204db26e314ea39\IsdiInterop.ni.dll
2016-01-10 14:30 - 2010-11-05 23:50 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology
 
\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-22 17:38 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft
 
\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 
 
3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
20-07-2018 14:35:32 Revo Uninstaller's restore point - GOM Player
20-07-2018 15:26:44 QRM Restore Point
20-07-2018 18:11:03 QRM Restore Point
20-07-2018 18:15:47 Restore Point Created by FRST
20-07-2018 22:07:22 QRM Restore Point
21-07-2018 07:42:32 Windows Update
21-07-2018 12:54:51 Revo Uninstaller's restore point - TAP-Windows 9.9.2
21-07-2018 18:00:03 QRM Restore Point
21-07-2018 20:24:12 Revo Uninstaller's restore point - SUPERAntiSpyware
22-07-2018 17:42:22 QRM Restore Point
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2018 06:02:42 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:02:42 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:02:17 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:02:17 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:01:50 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\W32UIRes.dll'.
File name: 'C:\Users\Home\Desktop\W32UIRes.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:01:50 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:01:40 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:01:40 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
 
System errors:
=============
Error: (07/22/2018 05:37:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 04:17:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 21
 
Error: (07/22/2018 04:16:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
discache
HWiNFO32
MpFilter
spldr
Wanarpv6
 
Error: (07/22/2018 04:16:42 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.
 
Feature: On Access
 
Error Code: 0x8007043c
 
Error description: This service cannot be started in Safe Mode 
 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the 
 
service may resolve the problem.
 
Error: (07/22/2018 12:59:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 12:19:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 12:18:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 39%
Total physical RAM: 4012.97 MB
Available physical RAM: 2408.75 MB
Total Virtual: 8024.11 MB
Available Virtual: 6397.74 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:12.73 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:32.26 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Thank you RKinner. Hope you are having a not too stressful weekend.

  • 0

#22
RKinner
Posted 22 July 2018 - 09:57 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Interesting.  We seems to have gotten rid of the two drivers.  Guess the Avast removal tool took care of it.

018-07-20 18:15 - 2018-07-20 18:15 - 000000000 ____D C:\Windows\system32\Rtlihvs.dll

 

 

It appears that the problem with Rtlihvs.dll is that there is a directory of the same name where the file should go. Apparently it misunderstood what I wanted when I moved the file and it made a folder of the same name.  Open an elevated Command Prompt

 

Type (with an Enter after each line):

Prompt should say:  C:\Windows\System32>  If not do:

cd  \windows\system32

Once you have the correct prompt:

dir  /a  Rtlihvs.dll

If it shows something like:
 

 

07/10/2018  09:14 PM    <DIR>          Rtlihvs.dll

(with different dates and time)

then we have a directory and not a file.  Let's try to see what is inside:

cd  Rtlihvs.dll

dir  /a  *.*

You will get something like:

 

 

 
 Directory of C:\Windows\System32\Rtlihvs.dll
 
20-Jul-18  06:15 PM    <DIR>          .
20-Jul-18  06:15 PM    <DIR>          ..
14-Feb-12  07:37 PM           535,040 Rtlihvs.dll
               1 File(s)        535,040 bytes
               2 Dir(s)  17,828,290,560 bytes free
 

 

Ignore the first two entries with <DIR> and any other <DIR> lines.

If the file Rtlihvs.dll is listed then move it to a temp file:

move Rtlihvs.dll  %temp%

might as well move any other files to %temp% using the same command just use the file name after move.

 

then verify that the directory is empty:

dir /a

move back to \windows\system32

 

cd  ..

 

(That's cd SPACE dot dot.  Prompt should now say C:\Windows\System32)

rmdir  /s  /q   Rtlihvs.dll

(That's RMDIR /S /Q)

 

If the command is successful then we can try moving the Rtlihvs.dll file again.

copy  %temp%\Rtlihvs.dll  .

(That's COPY SPACE %TEMP%\Rtlihvs.dll SPACE dot)

 

I'm not sure where the SharpShell errors came from.  Perhaps from running the Avast tool. Let's clear the events, reboot and look at the errors now:

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.
 

Now either run FRST scan again or VEW and post both logs.


  • 0

#23
MagickMage
Posted 22 July 2018 - 10:51 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Hello RKinner.I have finished all the Command Prompt work up till copy  %temp%\Rtlihvs.dll  . with the resultant reply of 1 file(s) copied.But before I reboot, can you please tell me where I can download VEW? Thank you.

 

PS: Headed to bed now. It's 1.02AM here in Singapore.


Edited by MagickMage, 22 July 2018 - 11:05 AM.

  • 0

#24
RKinner
Posted 22 July 2018 - 12:41 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Sorry thought we had used it before:

 

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 


  • 0

#25
MagickMage
Posted 23 July 2018 - 04:09 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner. Many thanks for providing me with download location of VEW.
Continuing from the previous post.
I did all the Command Prompt work that you asked and to continue,you mentioned "Right click on (My) Computer and select Manage 
 
(Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on 
 
System and Clear Log, Clear. Repeat for Application.
 
Reboot."
 
I rebooted back to Windows Regular mode and ran FRST
 
FRST
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by Home (administrator) on HOME-PC (23-07-2018 17:16:18)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...arbar-recovery-
 
scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be 
 
moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-07-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-
 
11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 
 
2010-11-17] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] 
 
(Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
 
/errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.5.36 172.17.5.68
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [NameServer] 64.145.73.5,209.107.219.5
Tcpip\..\Interfaces\{9D8ACA75-78FD-4797-A9E9-305BE71B52AB}: [DhcpNameServer] 172.17.5.36 172.17.5.68
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2713607381-13602913-39778406-1000 -> {C4D576CF-D6A4-4EC3-8536-B0E5AEFF4ABE} URL = 
 
hxxps://sg.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_172\bin\ssv.dll 
 
[2018-07-18] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_172\bin
 
\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office
 
\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft 
 
Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
 
FireFox:
========
FF DefaultProfile: anbxvldd.default-1529575451185
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 [2018-07-21]
FF Homepage: Mozilla\Firefox\Profiles\anbxvldd.default-1529575451185 -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\anbxvldd.default-
 
1529575451185\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-21]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] 
 
[2018-07-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-
 
18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-18] 
 
(Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe 
 
Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017
 
-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll 
 
[2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe 
 
Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-07-23]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-29]
CHR Extension: (Pixlr Editor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\icmaknaampgiegkcjlimdiidlhopknpk [2016-09-11]
CHR Extension: (AliDropship) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\jlnhdnbbikjkdejminhdpmejldiapdgn [2018-06-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
 
\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-07-19]
CHR Extension: (Scribd Downloader Free) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\picjckiempkofneplcbdijedckiollfd [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions
 
\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2018-02-12] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-19] (REALiX™)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2017-05-16] (Highresolution Enterprises [www.highrez.co.uk])
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-23] (Malwarebytes)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [47104 2016-05-20] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7673200 2017-11-16] (Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-07-18] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [54840 2017-12-20] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-06-14] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-23 17:16 - 2018-07-23 17:17 - 000012538 _____ C:\Users\Home\Desktop\FRST.txt
2018-07-23 15:45 - 2018-07-23 15:45 - 000221662 _____ C:\Users\Home\Desktop
 
\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2018-07-23 15:10 - 2018-07-23 15:10 - 000226090 _____ C:\Users\Home\Downloads\Temple.zip
2018-07-23 15:05 - 2018-07-23 15:05 - 006503740 _____ C:\Users\Home\Downloads\disksavvy_setup_v10.9.16_x64.exe
2018-07-23 12:00 - 2018-07-23 12:00 - 000061440 _____ ( ) C:\Users\Home\Desktop\VEW.exe
2018-07-23 00:44 - 2012-02-14 19:37 - 000535040 _____ (Realtek Semiconductor Corp. ) C:\Users\Home\Rtlihvs.dll
2018-07-23 00:33 - 2012-02-14 19:37 - 000535040 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2018-07-22 19:40 - 2018-07-22 19:40 - 000010300 _____ C:\Users\Home\Downloads\fixlist.txt
2018-07-22 17:41 - 2018-07-18 19:00 - 000215040 _____ () C:\Users\Home\Desktop\Quick Restore Maker 4.exe
2018-07-22 15:22 - 2018-07-22 15:22 - 010015056 _____ (AVAST Software) C:\Users\Home\Desktop\avastclear.exe
2018-07-22 13:07 - 2018-07-22 13:07 - 000001583 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2018-07-21 23:46 - 2018-07-22 15:06 - 000000326 _____ C:\Users\Home\Desktop\Perms.txt
2018-07-21 23:42 - 2018-07-21 23:42 - 000000000 ____D C:\Users\Home\Downloads\GrantPerms
2018-07-21 23:31 - 2018-07-21 23:31 - 000453083 _____ C:\Users\Home\Downloads\GrantPerms.zip
2018-07-21 21:27 - 2018-07-22 20:18 - 000002004 _____ C:\Users\Home\Desktop\SFCFix.txt
2018-07-21 20:42 - 2018-07-21 13:00 - 008338432 _____ (Microsoft Corporation) C:\Users\Home\Desktop\spwizimg.dll
2018-07-21 20:42 - 2018-07-21 13:00 - 000260608 _____ (Microsoft Corporation) C:\Users\Home\Desktop\W32UIRes.dll
2018-07-21 20:33 - 2018-07-21 20:33 - 000001876 _____ C:\Users\Home\Desktop\SearchReg.txt
2018-07-21 14:50 - 2018-07-21 14:50 - 000231224 _____ C:\Users\Home\Downloads\UppDnnComFreeIndicators8.zip
2018-07-20 17:50 - 2018-07-22 20:34 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
2018-07-20 17:46 - 2018-07-20 17:46 - 000000906 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-20 17:46 - 2018-07-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-20 17:45 - 2018-07-20 17:45 - 000000000 ____D C:\Program Files\VideoLAN
2018-07-19 19:47 - 2018-07-22 20:18 - 000000000 ____D C:\SFCFix
2018-07-19 19:19 - 2018-07-22 20:18 - 000000000 ____D C:\Users\Home\AppData\Local\niemiro
2018-07-19 15:45 - 2018-07-19 15:45 - 000028699 _____ C:\Users\Home\Downloads\tprenko-edu.rar
2018-07-19 15:01 - 2018-07-23 17:13 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 22:20 - 2018-07-18 22:21 - 002884096 _____ (niemiro) C:\Users\Home\Desktop\SFCFix.exe
2018-07-18 21:01 - 2018-07-20 13:27 - 000000980 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-18 21:01 - 2018-07-18 21:01 - 000000000 ____D C:\Program Files\Speccy
2018-07-18 19:06 - 2018-07-22 17:42 - 000002183 _____ C:\Users\Home\AppData\Local\restore.vbs
2018-07-18 19:00 - 2018-07-18 19:00 - 000000000 ____D C:\QRM
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-07-18 18:52 - 2018-07-18 18:52 - 000000000 ____D C:\Program Files\7-Zip
2018-07-18 18:46 - 2018-07-18 18:47 - 000000000 _____ C:\end
2018-07-18 16:47 - 2018-07-18 16:47 - 000002890 _____ C:\Windows\System32\Tasks\WinSysCleanUAC
2018-07-18 15:15 - 2018-07-18 15:15 - 000424384 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers
 
\RtsUer.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-18 15:04 - 2018-07-18 15:04 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-18 15:04 - 2018-07-18 15:04 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-18 15:04 - 2018-07-18 15:04 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-18 15:04 - 2018-07-18 15:04 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows
 
\system32\tossaemaxapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-18 15:04 - 2018-07-18 15:04 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-17 20:35 - 2018-07-17 20:35 - 002050596 _____ C:\Users\Home\Downloads\System Tweaker - Portable.zip
2018-07-15 21:09 - 2018-07-15 21:10 - 038186512 _____ (Tweaking.com) C:\Users\Home\Downloads
 
\tweaking.com_windows_repair_aio_setup (2).exe
2018-07-14 19:20 - 2018-07-23 17:16 - 000000000 ____D C:\FRST
2018-07-14 18:38 - 2018-07-21 20:30 - 002412544 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2018-07-14 18:01 - 2018-07-14 18:19 - 000002155 _____ C:\Windows\epplauncher.mif
2018-07-14 17:53 - 2018-07-14 18:19 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security 
 
Essentials.lnk
2018-07-14 17:53 - 2018-07-14 18:19 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-07-14 17:53 - 2018-07-14 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-07-14 17:27 - 2018-07-14 17:27 - 000054141 _____ C:\Users\Home\Downloads\turningpoints-edu (1).rar
2018-07-14 14:34 - 2018-07-14 14:34 - 000000000 ____D C:\Users\Home\Downloads\turningpoints-edu
2018-07-13 18:43 - 2018-07-13 18:44 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators (1).zip
2018-07-13 18:29 - 2018-07-13 18:29 - 000072963 _____ C:\Users\Home\Downloads\TPRenko.zip
2018-07-13 17:06 - 2018-07-13 17:06 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7 (1).pdf
2018-07-13 17:06 - 2018-07-13 17:06 - 000041388 _____ C:\Users\Home\Downloads\CoachingRoomTestimonialsV2.pdf
2018-07-13 17:04 - 2018-07-13 17:04 - 000663194 _____ C:\Users\Home\Downloads\Master Trader Coaching Program V7.pdf
2018-07-11 20:07 - 2018-07-11 20:08 - 003213632 _____ C:\Users\Home\Downloads\NinjaTrader-Open-Source-Free-Indicators.zip
2018-07-11 17:20 - 2018-06-14 00:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 17:20 - 2018-06-14 00:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 17:20 - 2018-06-08 21:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 17:20 - 2018-06-08 21:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 17:19 - 2018-06-21 08:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 17:19 - 2018-06-21 08:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 17:19 - 2018-06-17 00:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 17:19 - 2018-06-17 00:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 17:19 - 2018-06-17 00:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 17:19 - 2018-06-17 00:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 17:19 - 2018-06-17 00:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 17:19 - 2018-06-17 00:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 17:19 - 2018-06-17 00:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 17:19 - 2018-06-17 00:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 17:19 - 2018-06-17 00:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 17:19 - 2018-06-17 00:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 17:19 - 2018-06-17 00:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 17:19 - 2018-06-17 00:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 17:19 - 2018-06-17 00:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 17:19 - 2018-06-17 00:02 - 000077824 _____ (Microsoft Corporation) C:\Windows
 
\system32\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-17 00:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 17:19 - 2018-06-16 23:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 17:19 - 2018-06-16 23:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 17:19 - 2018-06-16 23:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 17:19 - 2018-06-16 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 17:19 - 2018-06-16 23:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 17:19 - 2018-06-16 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 17:19 - 2018-06-16 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 17:19 - 2018-06-16 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows
 
\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 17:19 - 2018-06-16 23:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 17:19 - 2018-06-16 23:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 17:19 - 2018-06-16 23:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 17:19 - 2018-06-16 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 17:19 - 2018-06-16 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 17:19 - 2018-06-16 23:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 17:19 - 2018-06-16 23:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 17:19 - 2018-06-16 23:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 17:19 - 2018-06-16 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 17:19 - 2018-06-16 23:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 17:19 - 2018-06-16 23:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 17:19 - 2018-06-16 23:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 17:19 - 2018-06-16 23:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 17:19 - 2018-06-16 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 17:19 - 2018-06-14 00:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 17:19 - 2018-06-14 00:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-13 23:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 17:19 - 2018-06-13 23:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 17:19 - 2018-06-09 00:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 17:19 - 2018-06-09 00:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 17:19 - 2018-06-09 00:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 17:19 - 2018-06-09 00:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 17:19 - 2018-06-09 00:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-09 00:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-09 00:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 17:19 - 2018-06-09 00:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 17:19 - 2018-06-08 23:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 17:19 - 2018-06-08 23:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localregistry-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processenvironment-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
libraryloader-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
interlocked-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
errorhandling-l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-
 
1-0.dll
2018-07-11 17:19 - 2018-06-08 23:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 17:19 - 2018-06-08 23:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 17:19 - 2018-06-08 23:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 17:19 - 2018-06-08 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 17:19 - 2018-06-08 23:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 17:19 - 2018-06-08 23:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 17:19 - 2018-06-08 23:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 17:19 - 2018-06-08 23:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 17:19 - 2018-06-08 23:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 17:19 - 2018-06-08 23:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 17:19 - 2018-06-08 23:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 17:19 - 2018-06-08 23:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 17:19 - 2018-06-08 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-06-08 23:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-06-08 00:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 17:19 - 2018-06-07 23:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 17:19 - 2018-06-07 23:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 17:19 - 2018-06-01 00:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 17:19 - 2018-06-01 00:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 17:19 - 2018-05-15 11:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-07-11 17:19 - 2018-05-15 11:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-07-11 17:19 - 2018-05-15 11:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-11 17:19 - 2018-05-15 11:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-07-11 17:19 - 2018-05-15 11:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-07-11 17:19 - 2018-05-12 10:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-07-11 17:19 - 2018-05-12 10:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-07-11 17:19 - 2018-05-12 05:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-07-11 17:19 - 2018-05-12 05:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-11 17:19 - 2018-05-11 08:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-07-11 17:19 - 2018-05-11 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
localization-l1-2-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-
 
l1-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-
 
processthreads-l1-1-1.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1
 
-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1
 
-1-0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-
 
0.dll
2018-07-11 17:19 - 2018-04-26 21:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-
 
0.dll
2018-07-11 17:19 - 2018-04-26 00:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 17:19 - 2018-04-25 23:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-11 17:19 - 2018-04-23 07:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-07-11 17:19 - 2018-04-19 00:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-07-11 17:19 - 2018-04-19 00:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-07-11 17:19 - 2018-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-07-11 17:19 - 2018-04-18 23:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-07-11 17:19 - 2018-04-18 23:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-07-11 17:19 - 2018-04-12 00:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-07-11 17:19 - 2018-04-12 00:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-07-11 17:19 - 2018-04-11 00:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-07-11 17:19 - 2018-04-11 00:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-11 17:19 - 2018-04-11 00:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-11 17:19 - 2018-04-11 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-07-11 17:19 - 2018-04-10 23:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-11 17:19 - 2018-04-10 23:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-11 17:19 - 2018-04-08 00:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-07-11 17:19 - 2018-03-15 01:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-07-11 17:19 - 2018-03-15 01:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-07-11 17:19 - 2018-03-15 01:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-07-11 17:19 - 2018-03-15 00:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-07-11 17:19 - 2018-03-15 00:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-07-11 17:19 - 2018-03-15 00:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-07-11 17:19 - 2018-03-15 00:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-07-11 17:19 - 2018-03-10 02:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-07-11 17:19 - 2018-03-10 02:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-07-11 17:19 - 2018-03-10 02:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-07-11 17:19 - 2018-03-10 02:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-07-11 17:19 - 2018-03-10 01:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-07-11 17:19 - 2018-03-07 02:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-07-11 17:19 - 2018-03-07 02:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-07-11 17:19 - 2018-02-22 11:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-07-11 17:19 - 2018-02-22 11:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-07-11 17:19 - 2018-02-11 02:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-07-11 17:19 - 2018-02-11 02:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-07-11 17:19 - 2018-02-11 02:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-07-11 17:19 - 2018-02-11 02:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-07-11 17:19 - 2018-02-11 02:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 02:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-07-11 17:19 - 2018-02-11 01:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-11 01:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-07-11 17:19 - 2018-02-11 01:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-07-11 17:19 - 2018-02-03 02:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-07-11 17:19 - 2018-02-03 02:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-07-11 17:19 - 2018-02-03 02:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-11 17:19 - 2018-02-03 02:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-07-11 17:19 - 2018-02-03 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-07-11 17:19 - 2018-02-03 01:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-07-11 17:19 - 2018-01-13 00:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-13 00:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-07-11 17:19 - 2018-01-13 00:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-07-11 17:19 - 2018-01-13 00:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-07-11 17:19 - 2018-01-12 00:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-07-11 17:19 - 2018-01-12 00:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-07-11 17:19 - 2018-01-01 10:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-07-11 17:19 - 2018-01-01 10:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-07-11 17:19 - 2018-01-01 10:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 10:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-07-11 17:19 - 2018-01-01 10:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-07-11 17:19 - 2018-01-01 10:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-07-11 17:19 - 2018-01-01 10:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-07-11 17:19 - 2018-01-01 10:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-07-11 17:19 - 2018-01-01 10:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-07-11 17:19 - 2018-01-01 09:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-11 17:19 - 2018-01-01 09:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-07-11 17:19 - 2018-01-01 09:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-07-11 17:19 - 2018-01-01 09:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-11 17:19 - 2018-01-01 09:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-07-11 17:19 - 2018-01-01 09:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-07-11 17:19 - 2018-01-01 09:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-07-11 17:19 - 2018-01-01 09:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-07-11 17:19 - 2018-01-01 09:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-11 17:19 - 2017-12-06 01:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-07-11 17:19 - 2017-12-06 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-07-11 17:19 - 2017-12-06 01:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-07-11 17:19 - 2017-12-06 00:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-07-11 17:19 - 2017-12-05 23:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-07-11 17:18 - 2018-06-17 01:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 17:18 - 2018-06-17 00:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 17:18 - 2018-06-17 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 17:18 - 2018-06-17 00:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 17:18 - 2018-06-17 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 17:18 - 2018-06-17 00:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 17:18 - 2018-06-17 00:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 17:18 - 2018-06-17 00:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 17:18 - 2018-06-17 00:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 17:18 - 2018-06-16 23:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 17:18 - 2018-06-16 23:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 17:18 - 2018-06-16 23:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 17:18 - 2018-06-16 23:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 17:18 - 2018-06-16 23:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 17:18 - 2018-06-16 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 17:18 - 2018-06-13 23:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 17:18 - 2018-06-09 00:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 17:18 - 2018-06-09 00:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 17:18 - 2018-06-09 00:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 17:18 - 2018-06-09 00:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 17:18 - 2018-06-09 00:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 17:18 - 2018-06-09 00:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 17:18 - 2018-06-09 00:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 17:18 - 2018-06-09 00:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 17:18 - 2018-06-08 23:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 17:18 - 2018-06-08 23:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 17:18 - 2018-06-08 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 23:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 17:18 - 2018-06-08 00:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 17:18 - 2018-06-08 00:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 17:18 - 2018-06-01 00:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-11 17:18 - 2018-05-30 21:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-11 17:18 - 2018-05-30 21:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-11 17:18 - 2018-05-15 12:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-11 17:18 - 2018-05-15 11:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-07-11 17:18 - 2018-05-15 11:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-07-11 17:18 - 2018-05-15 11:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-07-11 17:18 - 2018-05-15 11:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-11 17:18 - 2018-05-15 11:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-07-11 17:18 - 2018-05-12 05:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-11 17:18 - 2018-05-02 23:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 17:18 - 2018-05-02 23:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 17:18 - 2018-04-23 08:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-07-11 17:18 - 2018-04-12 00:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-07-11 17:18 - 2018-04-12 00:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-07-11 17:18 - 2018-04-11 00:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-11 17:18 - 2018-04-07 00:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-11 17:18 - 2018-04-07 00:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-11 17:18 - 2018-03-15 00:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-11 17:18 - 2018-03-11 01:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-07-11 17:18 - 2018-03-10 02:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-07-11 17:18 - 2018-03-07 02:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-07-11 17:18 - 2018-03-07 02:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-07-11 17:18 - 2018-03-07 02:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-07-11 17:18 - 2018-02-11 02:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-07-11 17:18 - 2018-02-11 01:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-07-11 17:18 - 2018-02-11 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-07-11 17:18 - 2018-02-11 01:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-07-11 17:18 - 2018-02-03 02:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-07-11 17:18 - 2018-01-01 10:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-07-11 17:18 - 2018-01-01 10:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-11 17:18 - 2018-01-01 10:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-07-11 17:18 - 2018-01-01 10:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-07-11 17:18 - 2018-01-01 10:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-07-11 17:18 - 2018-01-01 09:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-07-11 17:18 - 2017-12-06 01:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-07-10 19:07 - 2018-07-10 19:07 - 000602112 _____ (OldTimer Tools) C:\Users\Home\Downloads\OTL.exe
2018-07-09 20:36 - 2018-07-09 20:36 - 000031816 _____ (Microsoft Corporation) C:\Users\Home\Downloads
 
\pciclearstalecache_fdc5fc21af7572c604f50e0e7f9f7a6c465835b4.exe
2018-07-09 17:53 - 2018-07-09 17:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-07-09 17:53 - 2018-07-09 17:53 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task 
 
Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000001178 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-07-09 17:53 - 2018-07-09 17:53 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-07-09 17:42 - 2018-07-09 17:42 - 002997200 _____ C:\Users\Home\Downloads\SecurityTaskManager_Setup.exe
2018-07-08 00:43 - 2018-07-08 00:44 - 000000000 ____D C:\Reg Utilities
2018-07-05 00:52 - 2018-07-05 00:52 - 000012522 _____ C:\Users\Home\Downloads\Sim22_MacdbbGaplessNT7_1_1.zip
2018-07-05 00:46 - 2018-07-05 00:50 - 168722676 _____ C:\Users\Home\Downloads\6kr
2018-07-05 00:39 - 2018-07-05 00:40 - 008488264 _____ C:\Users\Home\Downloads\6ks
2018-07-04 17:38 - 2018-07-04 17:38 - 000000000 ____D C:\Users\Home\AppData\Local\NinjaTrader_LLC,_http___w
2018-07-04 17:17 - 2018-07-04 17:17 - 000000000 ____D C:\Users\Home\Documents\Epubor VitalSource Downloader
2018-07-04 17:09 - 2018-07-04 18:27 - 000002721 _____ C:\Users\Home\Desktop\EpuborVitalSourceDownloader.lnk
2018-07-04 17:09 - 2018-07-04 17:09 - 000002729 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
 
\EpuborVitalSourceDownloader.lnk
2018-07-04 17:07 - 2018-07-04 17:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\EpuborVitalSourceDownloader
2018-07-04 17:02 - 2018-07-04 17:02 - 000000000 ____D C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr
2018-07-04 17:00 - 2018-07-04 17:00 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-07-04 14:06 - 2018-07-04 14:07 - 045503432 _____ C:\Users\Home\Downloads\EpuborVitalSourceDownloader106-uf53tr.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000042727 _____ C:\Users\Home\Downloads\SHARKBAND2.zip
2018-07-04 01:13 - 2018-07-04 01:13 - 000005879 _____ C:\Users\Home\Downloads\Sharkband.zip
2018-07-04 01:12 - 2018-07-04 01:12 - 000014678 _____ C:\Users\Home\Downloads\fisherT.xml
2018-07-04 01:12 - 2018-07-04 01:12 - 000008071 _____ C:\Users\Home\Downloads\FisherT.cs
2018-07-04 01:12 - 2018-07-04 01:12 - 000004593 _____ C:\Users\Home\Downloads\TRIX_cory.zip
2018-07-04 01:09 - 2018-07-04 01:09 - 000017136 _____ C:\Users\Home\Downloads\_Lin_Reg_Color_Paint_v01.cs
2018-07-03 21:53 - 2018-07-03 21:53 - 000032071 _____ C:\Users\Home\Downloads\MASlopeBoxMulti.zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope (1).zip
2018-07-03 21:53 - 2018-07-03 21:53 - 000001852 _____ C:\Users\Home\Downloads\TheAboxforRange.zip
2018-07-03 21:26 - 2018-07-03 21:26 - 000031306 _____ C:\Users\Home\Downloads\BasicTemplate Perry.xml
2018-07-03 21:26 - 2018-07-03 21:26 - 000021732 _____ C:\Users\Home\Downloads\AaMA_7_5.zip
2018-07-03 21:22 - 2018-07-03 21:22 - 000063825 _____ C:\Users\Home\Downloads\PERRY_AFFLICTION.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000062969 _____ C:\Users\Home\Downloads\PERRY_ZSHARK_3.xml
2018-07-03 21:21 - 2018-07-03 21:21 - 000004555 _____ C:\Users\Home\Downloads\DMPlus_v3aBC.zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003827 _____ C:\Users\Home\Downloads\DMPlus_v3a (1).zip
2018-07-03 21:21 - 2018-07-03 21:21 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1 (1).zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000068608 _____ C:\Users\Home\Downloads\Perry.dll
2018-07-03 21:20 - 2018-07-03 21:20 - 000010918 _____ C:\Users\Home\Downloads\Force_Index_v02FastBC.zip
2018-07-03 21:20 - 2018-07-03 21:20 - 000004021 _____ C:\Users\Home\Downloads\Perry.cpp
2018-07-03 21:20 - 2018-07-03 21:20 - 000003363 _____ C:\Users\Home\Downloads\DMPlusBCV1.zip
2018-07-03 21:17 - 2018-07-03 21:17 - 000002259 _____ C:\Users\Home\Downloads\PriceLineWH.zip
2018-07-03 21:13 - 2018-07-03 21:13 - 000013617 _____ C:\Users\Home\Downloads\ForceIndex.zip
2018-07-03 21:12 - 2018-07-03 21:12 - 000022004 _____ C:\Users\Home\Downloads\DMPlusSignals_v8_nt7.zip
2018-07-03 21:08 - 2018-07-03 21:08 - 002498706 _____ C:\Users\Home\Downloads\vipul gold 4 range.bmp
2018-07-03 21:06 - 2018-07-03 21:06 - 000021045 _____ C:\Users\Home\Downloads\DMPlusSignals_nt7.zip
2018-07-03 21:06 - 2018-07-03 21:06 - 000019756 _____ C:\Users\Home\Downloads\DM3PlusSignals_nt65.zip
2018-07-03 21:02 - 2018-07-03 21:02 - 000005180 _____ C:\Users\Home\Downloads\DonchianRectangle.zip
2018-07-03 20:55 - 2018-07-03 20:55 - 000029362 _____ C:\Users\Home\Downloads\jhlPerryM1v1.zip
2018-07-03 20:51 - 2018-07-03 20:51 - 000003673 _____ C:\Users\Home\Downloads\DMplus_v3a.zip
2018-07-03 20:50 - 2018-07-03 20:50 - 000036945 _____ C:\Users\Home\Downloads\Perry-04.xml
2018-07-03 20:50 - 2018-07-03 20:50 - 000003020 _____ C:\Users\Home\Downloads\jtrangmaker_nj6_5.zip
2018-07-03 20:48 - 2018-07-03 20:48 - 000007813 _____ C:\Users\Home\Downloads\ECO2PAINTBARSONLY.zip
2018-07-03 20:46 - 2018-07-03 20:46 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3 (1).zip
2018-07-03 20:44 - 2018-07-03 20:44 - 000009645 _____ C:\Users\Home\Downloads\Force_Index_v02.zip
2018-07-03 20:43 - 2018-07-03 20:43 - 000036657 _____ C:\Users\Home\Downloads\Perry-01.xml
2018-07-03 20:43 - 2018-07-03 20:43 - 000011941 _____ C:\Users\Home\Downloads\Colored_MAs_by_slope.zip
2018-07-03 20:40 - 2018-07-03 20:40 - 000003588 _____ C:\Users\Home\Downloads\DMplus_v3.zip
2018-07-03 20:38 - 2018-07-03 20:38 - 000034256 _____ C:\Users\Home\Downloads\Perry-02v2.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030586 _____ C:\Users\Home\Downloads\Perry-02.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1.xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000030580 _____ C:\Users\Home\Downloads\Perry-02v1 (1).xml
2018-07-03 20:38 - 2018-07-03 20:38 - 000002872 _____ C:\Users\Home\Downloads\DMplus_v2.zip
2018-07-02 17:46 - 2018-07-02 17:46 - 000001531 _____ C:\Users\Home\Downloads\VolumeRiseFallNT8.zip
2018-07-01 19:29 - 2018-07-01 19:29 - 002716964 _____ C:\Users\Home\Downloads\DAMsetup.exe
2018-07-01 15:57 - 2018-07-01 15:57 - 000000207 _____ C:\Windows\tweaking.com-regbackup-HOME-PC-Windows-7-Professional-(64-
 
bit).dat
2018-07-01 15:57 - 2018-07-01 15:57 - 000000000 ____D C:\RegBackup
2018-07-01 15:47 - 2018-07-01 15:48 - 000000000 ____D C:\Tweaking
2018-07-01 14:30 - 2018-07-01 14:30 - 000002079 _____ C:\Users\Home\Downloads\PriceLineWH-NT8.zip
2018-07-01 14:25 - 2018-07-01 14:25 - 000009848 _____ C:\Users\Home\Downloads\ama_Current_Day_VWAP_v20.zip
2018-07-01 14:19 - 2018-07-01 14:19 - 000049438 _____ C:\Users\Home\Downloads\Download (1).rar
2018-07-01 14:15 - 2018-07-01 14:15 - 000124767 _____ C:\Users\Home\Downloads\Traderretail.rar
2018-07-01 13:53 - 2018-07-01 13:53 - 000091075 _____ C:\Users\Home\Downloads\ama_Super_Trend_U11_v21.zip
2018-07-01 01:00 - 2018-07-01 01:00 - 000009390 _____ C:\Users\Home\Downloads\IndoDemoStrategy.cs
2018-06-29 18:23 - 2018-06-29 18:23 - 000001003 _____ C:\Users\Public\Desktop\Filedrop.lnk
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Users\Home\AppData\Roaming\com.filedropme.FiledropDesktop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filedrop
2018-06-29 18:23 - 2018-06-29 18:23 - 000000000 ____D C:\Program Files (x86)\Filedrop
2018-06-29 17:39 - 2018-06-29 17:40 - 019130837 _____ (Filedrop ) C:\Users\Home\Downloads\Filedrop.exe
2018-06-29 17:22 - 2018-06-29 17:22 - 000006039 _____ C:\Users\Home\Downloads\April2018SCNT7.zip
2018-06-29 17:22 - 2018-06-29 17:22 - 000004819 _____ C:\Users\Home\Downloads\April2018SCNT8.zip
2018-06-29 17:20 - 2018-06-29 17:20 - 000007242 _____ C:\Users\Home\Downloads\July2012SC.zip
2018-06-28 21:41 - 2018-06-28 21:41 - 025942048 _____ (Samsung Electronics Co., Ltd.) C:\Users\Home\Downloads
 
\SAMSUNG_USB_Driver_for_Mobile_Phones_1.5.63.0.exe
2018-06-28 18:01 - 2018-06-28 18:01 - 000036760 _____ C:\Users\Home\Downloads\DS.rar
2018-06-28 18:00 - 2018-06-28 18:00 - 000022576 _____ C:\Users\Home\Downloads\DeltaScalper2.cs
2018-06-28 13:25 - 2018-06-28 13:25 - 000395709 _____ C:\Users\Home\Downloads\iScalper - Incubator ( iscalper - iRenko - 
 
iBands - iBars ).zip
2018-06-26 19:09 - 2018-06-26 19:09 - 000013664 _____ C:\Users\Home\Downloads\CciBBLinesV4.zip
2018-06-26 19:03 - 2018-07-01 13:57 - 001884785 _____ C:\Users\Home\Downloads\6k7
2018-06-26 18:57 - 2018-06-26 18:57 - 043540480 _____ C:\Users\Home\Downloads\NinjaTrader.Install.msi
2018-06-26 18:28 - 2018-06-26 18:28 - 000437107 _____ C:\Users\Home\Downloads\BrainTrading71.0.zip
2018-06-26 14:52 - 2018-06-26 14:52 - 000000000 ____D C:\Users\Home\AppData\Local\MTPredictor
2018-06-26 12:07 - 2018-06-26 12:07 - 002554515 _____ C:\Users\Home\Downloads\2017_IC3Report.pdf
2018-06-25 20:59 - 2018-06-25 20:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2018-06-25 16:47 - 2018-06-25 16:47 - 000181061 _____ C:\Users\Home\Downloads\RLMovingAverageColored.zip
2018-06-25 16:47 - 2018-06-25 16:47 - 000027785 _____ C:\Users\Home\Downloads\RLTMovingAverageColored.zip
2018-06-24 13:38 - 2018-06-24 13:38 - 538859006 _____ C:\Users\Home\Downloads\Trading MarketProfile (1).zip
2018-06-23 19:47 - 2018-06-23 19:48 - 021342732 _____ C:\Users\Home\Downloads\DayTrading_with_Price_Action_-
 
_Course___NinjaTrader_7_Indicators_2.rar
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-23 17:13 - 2009-07-14 13:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-23 17:09 - 2017-09-23 18:21 - 000000000 ____D C:\Users\Home\Documents\NinjaTrader 7
2018-07-23 17:09 - 2017-08-15 21:07 - 000000000 ____D C:\Program Files (x86)\NinjaTrader 7
2018-07-23 17:09 - 2017-01-12 12:40 - 000000000 ____D C:\Users\Home\AppData\Local\ElevatedDiagnostics
2018-07-23 17:00 - 2016-11-29 16:12 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-07-23 15:50 - 2016-12-27 20:13 - 000000000 ____D C:\Temp
2018-07-23 13:13 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-23 13:13 - 2009-07-14 12:45 - 000025616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-
 
A289-439d-8115-601632D005A0
2018-07-23 00:44 - 2016-01-10 14:16 - 000000000 ____D C:\Users\Home
2018-07-22 16:00 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\inf
2018-07-22 13:34 - 2017-01-20 15:07 - 000000223 _____ C:\Windows\SysWOW64\_WKERNEL.SYL
2018-07-21 23:44 - 2013-05-02 07:56 - 000459114 _____ C:\Users\Home\Desktop\GrantPerms.exe
2018-07-21 20:25 - 2018-06-11 17:15 - 000000000 ____D C:\Security
2018-07-21 13:00 - 2009-07-14 07:29 - 008338432 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2018-07-19 15:00 - 2018-06-10 12:10 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-18 21:01 - 2016-04-01 22:13 - 000000000 ____D C:\ProgramData\Unchecky
2018-07-18 16:13 - 2016-06-05 18:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-18 15:48 - 2017-06-20 16:24 - 000001195 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-07-18 15:18 - 2017-09-07 18:23 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-18 15:18 - 2017-09-07 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-18 15:17 - 2017-09-07 18:22 - 000000000 ____D C:\Program Files\Java
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-18 15:06 - 2018-01-20 14:06 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-18 15:05 - 2018-01-22 15:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-17 17:52 - 2016-12-29 22:19 - 000000000 ____D C:\Users\Home\AppData\Roaming\SharkIndicators
2018-07-17 17:39 - 2017-03-15 00:32 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2018-07-17 06:02 - 2016-01-11 22:28 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-16 21:31 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-16 21:31 - 2018-06-21 18:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-16 18:46 - 2017-12-11 15:02 - 006074156 _____ C:\Windows\ntbtlog.txt
2018-07-16 18:16 - 2017-12-23 20:39 - 000000000 ____D C:\Windows\System32\Tasks\MEGA
2018-07-16 18:15 - 2016-06-02 13:39 - 191336811 _____ C:\Windows\system32\Drivers\whitelist2.sa
2018-07-16 17:36 - 2018-06-21 18:02 - 000001107 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-07-16 17:23 - 2009-07-14 12:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media 
 
Player.lnk
2018-07-15 13:41 - 2018-03-13 18:50 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 13:41 - 2017-06-22 18:30 - 000003310 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40}
2018-07-15 13:41 - 2017-06-19 21:36 - 000002980 _____ C:\Windows\System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F}
2018-07-15 13:41 - 2016-01-12 04:30 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-15 13:41 - 2016-01-12 04:24 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-15 13:41 - 2016-01-12 00:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-15 13:41 - 2016-01-12 00:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 18:36 - 2009-07-14 13:13 - 000917584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-14 17:23 - 2016-01-12 02:54 - 000909706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-13 17:28 - 2016-01-12 04:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 
 
DC.lnk
2018-07-13 16:59 - 2016-11-23 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 10:41 - 2016-03-12 18:31 - 000409520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-12 10:36 - 2016-01-11 22:58 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 10:35 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-07-12 03:12 - 2016-01-11 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 03:03 - 2016-01-11 22:50 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 22:22 - 2016-03-31 22:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\.oit
2018-07-11 00:50 - 2016-01-12 04:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 00:50 - 2016-01-12 04:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-11 00:50 - 2016-01-12 04:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-09 14:02 - 2016-11-05 03:28 - 000000000 ____D C:\Users\Public\Documents\PT Photo Editor
2018-07-07 15:30 - 2016-03-14 00:28 - 000000000 ____D C:\XP
2018-07-06 23:51 - 2009-07-14 11:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-05 22:09 - 2016-04-18 16:51 - 000000000 ____D C:\Newnew4
2018-07-05 17:35 - 2016-04-20 15:06 - 000000000 ____D C:\Movies
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\TypeData445.lt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\RemoteReach2.dta
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Windows\system32\mockdata.db
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\ffile2_.dat
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\Users\Home\AppData\Local\dat6_.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\type2.fnt
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\productcode.xml
2018-07-04 21:04 - 2017-12-05 18:13 - 000005780 _____ C:\ProgramData\kernalcode.gtd
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Windows\system32\tdt.dds
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\Users\Home\AppData\Local\dat51_.dat
2018-07-04 21:02 - 2017-12-07 15:08 - 000005780 _____ C:\ProgramData\takesys.dat
2018-07-04 16:59 - 2016-01-12 04:23 - 000000000 ____D C:\Users\Home\AppData\Local\Adobe
2018-07-01 19:01 - 2016-03-09 01:51 - 000109208 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-30 19:31 - 2017-07-19 23:50 - 000000000 ____D C:\Program Files (x86)\Wise
2018-06-28 20:43 - 2016-03-31 21:39 - 000000000 ____D C:\Users\Home\Documents\My Digital Editions
2018-06-27 03:53 - 2016-01-12 00:09 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 03:53 - 2016-01-12 00:09 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-23 22:01 - 2018-06-11 19:02 - 000000000 ____D C:\New Futures.io downloads
 
==================== Files in the root of some directories =======
 
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\ProgramData\enginesys.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\ProgramData\takesys.dat
2018-07-23 00:44 - 2012-02-14 19:37 - 000535040 _____ (Realtek Semiconductor Corp. ) C:\Users\Home\Rtlihvs.dll
2017-02-03 21:18 - 2017-02-16 19:21 - 000001728 _____ () C:\Users\Home\AppData\Roaming\.starmoon_kst.cfg
2016-12-16 19:35 - 2017-10-04 15:34 - 000000126 _____ () C:\Users\Home\AppData\Roaming\default.rss
2017-07-04 20:59 - 2017-07-04 21:00 - 000000010 _____ () C:\Users\Home\AppData\Roaming\pdfdrawcodec.dll
2017-12-07 01:10 - 2018-03-08 17:05 - 000005780 _____ () C:\Users\Home\AppData\Local\dat48_.dat
2017-12-07 15:08 - 2018-07-04 21:02 - 000005780 _____ () C:\Users\Home\AppData\Local\dat51_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\dat6_.xml
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\ffile2_.dat
2017-12-05 18:13 - 2018-07-04 21:04 - 000005780 _____ () C:\Users\Home\AppData\Local\funnel2db.arc
2018-07-18 19:06 - 2018-07-22 17:42 - 000002183 _____ () C:\Users\Home\AppData\Local\restore.vbs
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Home\AppData\Local\setup.txt
2017-12-08 19:08 - 2017-12-30 21:05 - 000005780 _____ () C:\Users\Home\AppData\Local\supFix.dtt
 
Some files in TEMP:
====================
2018-07-20 18:15 - 2012-02-14 19:37 - 000535040 _____ (Realtek Semiconductor Corp. ) C:\Users\Home\AppData\Local\Temp
 
\Rtlihvs.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-08 04:09
 
==================== End of FRST.txt ============================
 
 
ADDITION
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Home (23-07-2018 17:19:25)
Running from C:\Users\Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-10 06:16:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2713607381-13602913-39778406-500 - Administrator - Disabled)
Guest (S-1-5-21-2713607381-13602913-39778406-501 - Limited - Disabled)
Home (S-1-5-21-2713607381-13602913-39778406-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2713607381-13602913-39778406-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be 
 
uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems 
 
Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
BurnAware Premium 11.0 GAOTD (HKLM-x32\...\BurnAware Premium_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
DocX Reader 2.0 (HKLM-x32\...\DocX Reader 2.0) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}) (Version: 0.1 - Nero AG) Hidden
Download Accelerator Manager (HKLM-x32\...\Download Accelerator Manager) (Version: 5.2.5 - )
Duplicate Photo Finder Plus 7.0 (HKLM-x32\...\Duplicate Photo Finder Plus_is1) (Version:  - TriSun Software Limited)
EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.8.1129 - Epubor Inc.)
EpuborVitalSourceDownloader 1.0.6 (only current user) (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\0d87c151-55a2-503a-
 
ba5c-83eaa9103f25) (Version: 1.0.6 - epubor)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron 
 
Technology)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fibozachi Elite Trader Package (www.forex-warez.com) version 7.31 (HKLM-x32\...\Fibozachi Elite Trader Package (www.forex-
 
warez.com)_is1) (Version: 7.31 - [email protected])
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Forex EA Generator 6.x (HKLM-x32\...\Forex EA Generator 6.x_is1) (Version:  - )
FXDD - MetaTrader (HKLM-x32\...\FXDD - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
GoldenZone BarCloseMarker (HKLM-x32\...\{7B8F38FE-8CDF-4B26-A119-5388CAFEE98E}) (Version: 36.9.260.16 - GoldenZone Trading)
GoldenZone FullRangeBar (HKLM-x32\...\{3CE11A64-02C5-4B95-B0C0-C0CF94A82883}) (Version: 36.6.260.16 - GoldenZone Trading)
GoldenZone Leaders and Laggers (HKLM-x32\...\{40C302EF-A5A4-4EC3-A513-A0E2D441E93D}) (Version: 36.5.50.16 - GoldenZone 
 
Trading)
GoldenZone RolloversGuide (HKLM-x32\...\{991F9121-83AE-4309-8E54-95924F756A03}) (Version: 36.6.260.16 - GoldenZone Trading)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDTA Indicators (HKLM-x32\...\IDTA Indicators 2.1.4) (Version: 2.1.4 - The International Day Trading Academy)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Inpaint 7.1 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version:  - Teorex)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel 
 
Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel 
 
Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Lucky Days 2.3 (HKLM-x32\...\{3EAC2150-F274-4568-A03C-F52E549589EB}_is1) (Version:  - www.luckydays.tv)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft 
 
Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-
 
48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - 
 
Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - 
 
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
 
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
 
9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
 
9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
 
10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
 
11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 
 
12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 
 
12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 
 
14.13.26020.0 - Microsoft Corporation)
MicroTrends DoubleShot Foundation 7.2018.03.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{EFDE0166-797F-
 
4CDF-82C2-4F5CAA827B28}) (Version: 7.2018.03.20 - MicroTrends)
MicroTrends NinjaTrader Framework 7 7.0.1.68 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{6B84A934-9323-4998-
 
B4AC-22D2B0905215}) (Version: 7.0.1.68 - MicroTrends)
MicroTrends Ultimate 7 Pro ATS 7.2018.3.20 [Home] (HKU\S-1-5-21-2713607381-13602913-39778406-1000\...\{E20EB602-68D1-4EA6-
 
860A-48535E867650}) (Version: 7.2018.3.20 - MicroTrends)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiView Inpaint 1.2 (HKLM\...\{8188F7D9-812D-417D-B502-BE0D34ABFD81}_is1) (Version:  - Teorex)
Nero 9 Essentials (HKLM-x32\...\{61e0bd34-02fb-46f2-97c9-5813e346768c}) (Version:  - Nero AG)
NinjaTrader 8 (HKLM-x32\...\{2DAF98A0-9C96-4362-8AEB-5C548C01351E}) (Version: 8.0.13.1 - NinjaTrader, LLC)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
pCloud Drive (HKLM-x32\...\{5824F8F8-E59E-42CB-98FA-B1F329A58BB9}) (Version: 3.5.7 - pCloud AG) Hidden
PDFdu PDF Password Remover version 2.3 (HKLM-x32\...\{4412D3E1-E5ED-4EEA-B631-427FB9F31F48}_is1) (Version: 2.3 - PDFdu.com)
PhotoScissors 4.0 (HKLM\...\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1) (Version:  - teorex)
PT Photo Editor - Pro Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek 
 
Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - 
 
Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) 
 
(Version: 2.0.20.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sketch Drawer 4.2 (HKLM-x32\...\Sketch Drawer_is1) (Version: 4.2 - SoftOrbits)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StartEd Lite (HKLM-x32\...\StartEd Lite) (Version: 5.60 - Outertech)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TOM Products version 3.7.0.1 (HKLM-x32\...\{BDD96956-F4E4-4498-B82A-C9E143C3ACA3}_is1) (Version: 3.7.0.1 - TheOilMoney)
TopDogTrading Indicators (HKLM-x32\...\{7A8B0366-82AB-4711-A99C-66E32B62CBAF}) (Version: 1.00.0000 - TopDogTrading)
Trading123AutoTraderV5j (HKLM-x32\...\{2BBB7785-61E5-4FD1-807E-9046FEC6AA63}) (Version: 1.0.5.10 - Trading123.Net)
UltraSearch V2.1.2 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.1.2 - JAM Software)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-
 
5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video to GIF 5.3 (HKLM-x32\...\Video to GIF) (Version: 5.3 - AoaoPhoto Digital Studio.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinPDFEditor V3.4 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinUtilities Professional Edition 13.23 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 13.23 - YL 
 
Computing, Inc)
WowTron PDF Restriction Remover (HKLM-x32\...\{7D68F994-CCD6-4C09-8127-E3E1A0333DA0}) (Version: 1.1.1 - WowTron Software Co. 
 
Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
CustomCLSID: HKU\S-1-5-21-2713607381-13602913-39778406-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-
 
5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud 
 
Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 
 
9\Nero CoverDesigner\CoverEdExtension.dll [2009-10-15] (Nero AG)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll 
 
[2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client
 
\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-10-08] 
 
(Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor 
 
Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware
 
\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-
 
08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll 
 
[2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
Task: {0A39D710-ED40-41DA-AE01-9A7EDD149DD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {1C906D8C-89DC-4569-BD1C-52E30CFB919E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google
 
\Update\GoogleUpdate.exe [2016-01-12] (Google Inc.)
Task: {2173E21E-250B-48AB-B6F5-820BA6FD3874} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO
 
\WinSysClean.exe
Task: {2797DECE-4DB4-4663-85F6-38093DB6480A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 
 
5\Initialize.exe
Task: {2D9E079B-94D5-4EBE-817A-5B74A08020F8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled 
 
Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {3D92964E-8641-4995-AC35-96D4FD794603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common 
 
Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {47D73C60-CEDF-4B90-9045-677505996CC4} - \Driver Booster SkipUAC (Home) -> No File <==== ATTENTION
Task: {6B5CE91C-079C-4CD4-BFE1-468927BD81C2} - System32\Tasks\{C8711FB9-019D-4C47-838B-F12CC1688B8F} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {91553C1D-8362-4631-A55C-4917D11F817F} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files
 
\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ADF1FDAD-D7F8-461D-8B32-9B7EE15C03C7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: {B37ACB3C-BA1A-4627-9F9F-3DEA763FA5AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed
 
\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {EE7A4FEB-9E17-4400-B1FA-E1F313272337} - System32\Tasks\{CEBE9F60-2E2E-4BF0-AEAE-325E6ADDDF40} => C:\Program Files 
 
(x86)\NinjaTrader 7\bin64\NinjaTrader.exe [2017-12-19] (NinjaTrader LLC, hxxp://www.ninjatrader.com)
Task: {F03B2B28-03E5-418A-9206-93E4B862CB69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows
 
\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be 
 
moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash
 
\FlashUtil32_30_0_0_113_pepper.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Blog.lnk 
 
-> hxxp://blog.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Forum.lnk 
 
-> hxxp://forum.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends NinjaTrader Framework 7\MT Squawk 
 
Box.lnk -> hxxp://downloads.microtrends.co/squawkbox/install.ht
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MicroTrends 
 
Online.lnk -> hxxp://www.microtrends.co
Shortcut: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroTrends DoubleShot Foundation\MT Help 
 
Desk.lnk -> hxxp://microtrends.zendesk.com
 
ShortcutWithArgument: C:\Users\Home\Desktop\Online File Converter.lnk -> C:\Program Files (x86)\Office-Converter.com\Office-
 
Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3G2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3G2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 3GP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-3GP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to 7z.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-7Z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AC3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AC3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AVI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AVI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to AZW3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-AZW3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to BMP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-BMP
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPS.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-EPS
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to EPUB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ePub
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Excel.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xls
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FB2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FB2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLAC.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLAC
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Flash.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Flash
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to FLV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-FLV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to GIF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-GIF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Html.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-HTML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to iPhone.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-iPhone
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to JPG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-JPG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to LRF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-LRF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to M4A.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M4A
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MKV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MKV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MOBI.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOBI
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Mov.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MOV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP2.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP3.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP3
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to MP4.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-MP4
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ODF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OGG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-OGG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to OpenOffice.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-ODT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDB.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDB
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PDF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PDF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PhotoShop.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PSD
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PNG.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-PNG
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to PowerPoint.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-PPT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to RM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-RM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Rtf.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ODF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.bz2.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-bz2
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.gz.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-gz
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Tar.z.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Tar-z
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TCR.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TCR
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to TIFF.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TIFF
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Txt.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-TXT
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W1V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M1V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to W2V.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-M2V
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WAV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WAV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WebM.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WebM
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMA.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMA
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to WMV.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-WMV
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Word.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-Doc
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xbox 360.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-Xbox360
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to Xml.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-XML
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to YouTube.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-
 
to-YouTube
ShortcutWithArgument: C:\Users\Home\Desktop\Free Online File Converter[Office-Converter.com]\Convert to ZIP.lnk -> C:\Program 
 
Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/Convert-to-ZIP
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online File Converter.lnk -> C:
 
\Program Files (x86)\Office-Converter.com\Office-Converter.com\OfficeLink.exe () -> hxxp://www.office-converter.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-12-29 14:42 - 2015-10-08 19:47 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-06-10 12:10 - 2018-07-19 15:00 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-07-12 10:53 - 2018-07-12 10:53 - 000169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop
 
\db655ae9e4ab7d7e5204db26e314ea39\IsdiInterop.ni.dll
2016-01-10 14:30 - 2010-11-05 23:50 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology
 
\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\saappsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sascansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2018-07-23 17:13 - 000001314 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2713607381-13602913-39778406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft
 
\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.145.73.5 - 209.107.219.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 
 
3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed 
 
separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E0F10DD9-5871-40A5-8C94-CBBBA5118DA0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{26303190-3DA5-4505-82FE-FA4C8E64E6DB}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{0835F49C-2F7A-4578-8AF1-4C2FC1C6F50A}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{979902AF-DFE2-49CB-B3D3-22E0138C3E3C}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{3A0A0771-7500-48C2-B773-5D3D6ECC8544}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{6CC3C934-9C22-4507-859C-9D9B09B201A1}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{66781602-1EEF-4160-A7F9-28A5422FDD62}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{C2756435-D0AE-467C-9907-834F2AAE75B6}C:\program files (x86)\ninjatrader 
 
8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{8C300CD9-195C-4FB7-BA39-B2981DBAC6F4}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [UDP Query User{240E47F2-B98E-4409-9433-A2753201F861}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] 
 
=> (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe
FirewallRules: [{BB25DF2E-E071-4E74-89FE-EFF71BB46E05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF3E1A5-3B13-4082-ABF3-2CE340C9F017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EEFDB5-90CB-494D-B277-1D699744AF9C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{D3F505DC-CF8C-462A-8AB8-6D2E062CF20C}C:\program files (x86)\ninjatrader 
 
7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{5C618650-B412-47C0-84A2-FC32B61999E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{88049983-F4CE-4EB1-BBD2-4F0BAF0A9FA7}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [UDP Query User{F82D738E-1254-4EEE-97EF-E09D70001824}C:\program files (x86)\filedrop\filedrop.exe] => (Allow) 
 
C:\program files (x86)\filedrop\filedrop.exe
FirewallRules: [TCP Query User{11A84D1D-09E8-45A8-A01E-C075142339B3}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
FirewallRules: [UDP Query User{A2C5E8EF-6E22-4E1F-9FD0-7B8A5988EEA8}C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe] => (Allow) C:\users\home\appdata\local\programs
 
\epuborvitalsourcedownloader\epuborvitalsourcedownloader.exe
 
==================== Restore Points =========================
 
20-07-2018 18:11:03 QRM Restore Point
20-07-2018 18:15:47 Restore Point Created by FRST
20-07-2018 22:07:22 QRM Restore Point
21-07-2018 07:42:32 Windows Update
21-07-2018 12:54:51 Revo Uninstaller's restore point - TAP-Windows 9.9.2
21-07-2018 18:00:03 QRM Restore Point
21-07-2018 20:24:12 Revo Uninstaller's restore point - SUPERAntiSpyware
22-07-2018 17:42:22 QRM Restore Point
23-07-2018 15:57:12 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2018 06:02:42 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:02:42 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:02:17 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:02:17 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:01:50 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\W32UIRes.dll'.
File name: 'C:\Users\Home\Desktop\W32UIRes.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:01:50 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
Error: (07/21/2018 06:01:40 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.FileNotFoundException: Could not find file 'C:\Users\Home\Desktop\spwizimg.dll'.
File name: 'C:\Users\Home\Desktop\spwizimg.dll'
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.File.GetAttributes(String path)
   at ContextMenuHandler.ContextMenuExtension.CreateMenu()
   at System.Lazy`1.CreateValue()
   at System.Lazy`1.LazyInitValue()
   at SharpShell.SharpContextMenu.SharpContextMenu.SharpShell.Interop.IContextMenu.QueryContextMenu(IntPtr hMenu, UInt32 
 
indexMenu, Int32 idCmdFirst, Int32 idCmdLast, CMF uFlags)
 
Error: (07/21/2018 06:01:40 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: ContextMenuExtension: An exception occured building the context menu.
 
 
System errors:
=============
Error: (07/23/2018 05:13:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 193
 
Error: (07/23/2018 01:07:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (07/23/2018 01:04:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 193
 
Error: (07/23/2018 06:49:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 193
 
Error: (07/22/2018 05:37:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 5
 
Error: (07/22/2018 04:17:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 21
 
Error: (07/22/2018 04:16:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
discache
HWiNFO32
MpFilter
spldr
Wanarpv6
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 37%
Total physical RAM: 4012.97 MB
Available physical RAM: 2500.91 MB
Total Virtual: 8024.11 MB
Available Virtual: 6536.24 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:220.7 GB) (Free:11.46 GB) NTFS
Drive d: () (Fixed) (Total:244.96 GB) (Free:29.61 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:0.01 GB) UDF
 
\\?\Volume{192deb17-b7e7-11e5-8856-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AACEA11C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=245 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
And now when I tried to follow your instructions with VEW.the "funny things" apparently is continuing.
Your instructions:
Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
I did not make any input in Date of events From ? To?
 
After pressing "Run", the VEW box disappeared and NOTHING happened!
Notpad didn't appear and there was no "Output.log on the Desktop!
I even checked my Desktop directory, and there was no "Output.log"
 
 
What the...?!
I don't know RKinner, maybe I was blasting Things that make you go Hmmmm by C+C Factory too much during the weekend.
 
PS:Btw, I downloaded  the sevenforums.com version of VEW, and the same thing happened.
I left Date of events From (blank) To (blank) just like you instructed. Maybe I should input a date perhaps?
I really don't know RKinner.

Edited by MagickMage, 23 July 2018 - 05:04 AM.

  • 0

Advertisements

#26
RKinner
Posted 23 July 2018 - 06:46 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Just downloaded and ran VEW per my original instructions and everything ran as it should.  As for the date you will note it says number or events OR dates.  I suspect your anti-virus doesn't like it so you might try pausing it before running it.

 

The  Rtlihvs.dll file is now where it should be:

2018-07-23 00:33 - 2012-02-14 19:37 - 000535040 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll

and is the same size as the other versions on your PC but Windows says it's not a W32 application. 
 
We will have to try to download a new version. 
 
If you search for:
 
device manager
and Hit Enter
it should bring up the Device Manager window.  Open Network Adapters and right click on the realtek wireless adapter and Update Driver.  See if Windows can find one for you. 
If not this seems to be a legitimate dlink site so you can try downloading the driver from:
 
 
The Download button links to:
 
So you will need to save the file then right click and Extract All, Extract.  There is probably a Setup file to run by right clicking and Run As Admin.
 
The two dll files we put on your desktop are still there but appear to be blocked.  Right click on each and select Properties.  Do it says they are blocked?  Unblock them.
 
If you can't get VEW to work then you can try:
 
Full Event Log View

http://www.nirsoft.n...t_log_view.html

The download is near the bottom of the page.  Choose the one appropriate for your system.

Download FullEventLogView (32-bit version)
Download FullEventLogView (64-bit version)


Right click on the downloaded file and Extract All, Extract.  Doubleclick on FullEventLogView.exe

Once the program starts:  Options, Advanced Options and in the new window uncheck Informational verbose and Undefined.

Show only events from the last 1 Days

OK

Now Edit, Select All

File, Save Selected Items, to your desktop, call it events,  Save.

Close the program.  You should have a file called events.txt on your desktop.  Open it, Edit, Select All, Ctrl + c to copy and then move to a Reply and Ctrl +v to paste it into the reply.







 

  • 0

#27
MagickMage
Posted 24 July 2018 - 02:03 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Greetings RKinner
From Device Manager, I searched Network Adapters, then right clicked on DLink DWA Network Adapter,then Update driver software,then Search automatically for updated driver software,then it said it was searching online, and then this message.
 
“The best driver software for your device is already installed”
"Windows has determined the driver software for your device is up to date"
"DLink DWA-123 Wireless N-150 USB Adapter(rev.D)"
 
So I went to https://www.dlink.co.id/dwa-123-d1/and downloaded their most recent update
DWA-123_D1_FW_4.03,
Publish Date
03/22/2016
 
 
I EXTRACTED ALL,THEN EXTRACT. No setup file.
 
From Device Manager,Browse my computer for driver software.I clicked on the software's location and it showed me the same message as above,
“The best driver software for your device is already installed”
 
-----------------------------------------------------------------------------------------------------------------------
"The two dll files we put on your desktop are still there but appear to be blocked.  Right click on each and select Properties. 
 
 Do it says they are blocked?  Unblock them."
 
I right clicked on them, W32UIRES.dll and spwizimg.dll,then properties. I clicked on UNBLOCK, APPLY, then OK
-----------------------------------------------------------------------------------------------------------------------
 
I downloaded Full Event Log View,the 64-bit version.
Luckily Full Events Log View,unlike VEW,works just like you instructed.I did all as you instructed,"
Once the program starts:  Options, Advanced Options and in the new window uncheck Informational verbose and Undefined.
 
Show only events from the last 1 Days
 
OK
 
Now Edit, Select All
 
File, Save Selected Items, to your desktop, call it events,  Save.
 
Close the program.  You should have a file called events.txt on your desktop.  Open it, Edit, Select All, Ctrl + c to copy and 
 
then move to a Reply and Ctrl +v to paste it into the reply.
 
Here is Events.txt
 
==================================================
Event Time        : 23-Jul-18 4:06:53 PM.798
Record ID         : 16147
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 472
Thread ID         : 4688
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:09:44 PM.688
Record ID         : 1499
Event ID          : 201
Level             : Error
Channel           : Microsoft-Windows-Diagnosis-Scripted/Operational
Provider          : Microsoft-Windows-Diagnosis-Scripted
Description       : The scripted diagnostic engine has encountered an error 0x803C0100.
Opcode            : 
Task              : 
Keywords          : Lifecycle Keyword
Process ID        : 3936
Thread ID         : 4936
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:11:27 PM.216
Record ID         : 65107
Event ID          : 1530
Level             : Warning
Channel           : Application
Provider          : Microsoft-Windows-User Profiles Service
Description       : Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.  
 
 DETAIL - 
 1 user registry handles leaked from \Registry\User\S-1-5-21-2713607381-13602913-39778406-1000:
Process 2596 (\Device\HarddiskVolume3\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-2713607381-13602913-39778406-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
 
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 472
Thread ID         : 4228
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:12:28 PM.792
Record ID         : 440
Event ID          : 3
Level             : Error
Channel           : Microsoft-Windows-Kernel-EventTracing/Admin
Provider          : Microsoft-Windows-Kernel-EventTracing
Description       : Session "Microsoft Security Client OOBE" stopped due to the following error: 0xC000000D
Opcode            : Stop (14)
Task              : Session (2)
Keywords          : Session
Process ID        : 4
Thread ID         : 176
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:12:53 PM.877
Record ID         : 346313
Event ID          : 11
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-Wininit
Description       : Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 576
Thread ID         : 720
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:13:02 PM.582
Record ID         : 346340
Event ID          : 10000
Level             : Error
Channel           : System
Provider          : Microsoft-Windows-WLAN-AutoConfig
Description       : WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 193
 
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 176
Thread ID         : 1308
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:15:05 PM.604
Record ID         : 5444
Event ID          : 200
Level             : Warning
Channel           : Microsoft-Windows-Diagnostics-Performance/Operational
Provider          : Microsoft-Windows-Diagnostics-Performance
Description       : Windows has shutdown: 
     Shutdown Duration : 36927ms
     IsDegradation : false
     Incident Time (UTC) : ‎2018‎-‎07‎-‎23T09:11:17.808170200Z
Opcode            : Shutdown Information (40)
Task              : Shutdown Performance Monitoring (4007)
Keywords          : Event Log
Process ID        : 1584
Thread ID         : 2272
Computer          : Home-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:15:07 PM.133
Record ID         : 5446
Event ID          : 101
Level             : Warning
Channel           : Microsoft-Windows-Diagnostics-Performance/Operational
Provider          : Microsoft-Windows-Diagnostics-Performance
Description       : This application took longer than usual to start up, resulting in a performance degradation in the system startup process: 
     File Name : explorer.exe
     Friendly Name : Windows Explorer
     Version : 6.1.7600.16385 (win7_rtm.090713-1255)
     Total Time : 12185ms
     Degradation Time : 7185ms
     Incident Time (UTC) : ‎2018‎-‎07‎-‎23T09:12:16.624800300Z
Opcode            : Boot Degradation (33)
Task              : Boot Performance Monitoring (4002)
Keywords          : Event Log
Process ID        : 1584
Thread ID         : 1596
Computer          : Home-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:15:07 PM.133
Record ID         : 5445
Event ID          : 100
Level             : Critical
Channel           : Microsoft-Windows-Diagnostics-Performance/Operational
Provider          : Microsoft-Windows-Diagnostics-Performance
Description       : Windows has started up: 
     Boot Duration : 164151ms
     IsDegradation : false
     Incident Time (UTC) : ‎2018‎-‎07‎-‎23T09:12:16.624800300Z
Opcode            : Boot Information (34)
Task              : Boot Performance Monitoring (4002)
Keywords          : Event Log
Process ID        : 1584
Thread ID         : 1596
Computer          : Home-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:17:32 PM.719
Record ID         : 13450
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {625B53C3-AB48-4EC1-BA1F-A1EF4146FC19} with path 'C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2292
Thread ID         : 2536
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:17:32 PM.719
Record ID         : 13451
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {FDD39AD0-238F-46AF-ADB4-6C85480369C7} with path 'C:\Windows\system32\config\systemprofile\Documents'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2292
Thread ID         : 2536
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:17:32 PM.719
Record ID         : 13452
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} with path 'C:\Windows\system32\config\systemprofile\Desktop'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2292
Thread ID         : 2536
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 5:17:32 PM.719
Record ID         : 13449
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {1777F761-68AD-4D8A-87BD-30B759FA33DD} with path 'C:\Windows\system32\config\systemprofile\Favorites'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2292
Thread ID         : 2536
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:40 PM.008
Record ID         : 13454
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 736
Thread ID         : 3016
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:40 PM.008
Record ID         : 13453
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 736
Thread ID         : 3016
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:56 PM.229
Record ID         : 13455
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2840
Thread ID         : 5728
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:56 PM.229
Record ID         : 13456
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 2840
Thread ID         : 5728
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:56 PM.892
Record ID         : 13458
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D} with path 'C:\ProgramData\OEM Links'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 4168
Thread ID         : 4296
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:37:56 PM.892
Record ID         : 13457
Event ID          : 1002
Level             : Warning
Channel           : Microsoft-Windows-Known Folders API Service
Provider          : Microsoft-Windows-KnownFolders
Description       : Error 0x80070002 occurred while verifying known folder {2A00375E-224C-49DE-B8D1-440DF7EF3DDC} with path 'C:\Windows\resources\0409'.
Opcode            : 
Task              : 
Keywords          : 0x8000000000000000
Process ID        : 4168
Thread ID         : 4296
Computer          : Home-PC
User              : Home-PC\Home
==================================================
 
==================================================
Event Time        : 23-Jul-18 11:43:32 PM.009
Record ID         : 16153
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 500
Thread ID         : 5332
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
==================================================
Event Time        : 24-Jul-18 1:38:03 PM.349
Record ID         : 346518
Event ID          : 4227
Level             : Warning
Channel           : System
Provider          : Tcpip
Description       : TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Opcode            : 
Task              : 
Keywords          : Classic
Process ID        : 
Thread ID         : 
Computer          : Home-PC
User              : 
==================================================
 
==================================================
Event Time        : 24-Jul-18 1:42:03 PM.366
Record ID         : 346519
Event ID          : 4227
Level             : Warning
Channel           : System
Provider          : Tcpip
Description       : TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Opcode            : 
Task              : 
Keywords          : Classic
Process ID        : 
Thread ID         : 
Computer          : Home-PC
User              : 
==================================================
 
==================================================
Event Time        : 24-Jul-18 1:52:03 PM.344
Record ID         : 346520
Event ID          : 4227
Level             : Warning
Channel           : System
Provider          : Tcpip
Description       : TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Opcode            : 
Task              : 
Keywords          : Classic
Process ID        : 
Thread ID         : 
Computer          : Home-PC
User              : 
==================================================
 
==================================================
Event Time        : 24-Jul-18 2:08:03 PM.567
Record ID         : 346524
Event ID          : 4227
Level             : Warning
Channel           : System
Provider          : Tcpip
Description       : TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Opcode            : 
Task              : 
Keywords          : Classic
Process ID        : 
Thread ID         : 
Computer          : Home-PC
User              : 
==================================================
 
==================================================
Event Time        : 24-Jul-18 2:40:04 PM.520
Record ID         : 346532
Event ID          : 4227
Level             : Warning
Channel           : System
Provider          : Tcpip
Description       : TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Opcode            : 
Task              : 
Keywords          : Classic
Process ID        : 
Thread ID         : 
Computer          : Home-PC
User              : 
==================================================
 
Btw, RKinner,VEW is still not working for me after inputing your options of System,Critical and Warning and 20 number of events. I click Run and the box disappears and there is no output log on the Desktop.Thanks and take care RKinner.

Edited by MagickMage, 24 July 2018 - 02:19 AM.

  • 0

#28
RKinner
Posted 24 July 2018 - 05:59 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

D-Link doesn't offer the DWA-123 in the US.  Instead they have a DWA-125.  When I download that I get a Setup.exe at the first level.  I downloaded the one I gave you the link for it and you are correct there is no Setup.  After you extract the downloaded file;  double click on the folder you get.  Keep double clicking until you get to where it has DWA-123_Driver then double click on it.  Double click on Win7x64.  Right click on netrtwlanu.inf and Install.  Does that do anything?  If not if you click on the Support link there is a Chat window that comes up.  You might ask them how to get a valid Rtlihvs.dll file.

 

The first error:

==================================================
Event Time        : 23-Jul-18 4:06:53 PM.798
Record ID         : 16147
Event ID          : 310
Level             : Warning
Channel           : Microsoft-Windows-Bits-Client/Operational
Provider          : Microsoft-Windows-Bits-Client
Description       : The initialization of the peer helper modules failed with the following error:  0x80070032.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 472
Thread ID         : 4688
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
should be easy.  We simply turn off the service since you don't need it. 
 
Search for:
services.msc
hit Enter
Scroll down in the Services window and right click on BranchCache and select Properties.  Change the Startup Type: to Disabled.  There is no reason for it to run anyway.  It's only used in computers that are on a domain.
 
 
This error:
 
==================================================
Event Time        : 23-Jul-18 5:12:53 PM.877
Record ID         : 346313
Event ID          : 11
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-Wininit
Description       : Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 576
Thread ID         : 720
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
This one should also be easy.  Download the attached wininit.zip.  Save and right click on it and Extract All Extract.  Then right click on wininit.reg and MERGE.  Ignore the warning.  This is just leftover from a bad uninstall.
 
==================================================
Event Time        : 23-Jul-18 5:15:07 PM.133
Record ID         : 5446
Event ID          : 101
Level             : Warning
Channel           : Microsoft-Windows-Diagnostics-Performance/Operational
Provider          : Microsoft-Windows-Diagnostics-Performance
Description       : This application took longer than usual to start up, resulting in a performance degradation in the system startup process: 
     File Name : explorer.exe
     Friendly Name : Windows Explorer
     Version : 6.1.7600.16385 (win7_rtm.090713-1255)
     Total Time : 12185ms
     Degradation Time : 7185ms
     Incident Time (UTC) : ‎2018‎-‎07‎-‎23T09:12:16.624800300Z
Opcode            : Boot Degradation (33)
Task              : Boot Performance Monitoring (4002)
Keywords          : Event Log
Process ID        : 1584
Thread ID         : 1596
Computer          : Home-PC
User              : NT AUTHORITY\LOCAL SERVICE
==================================================
 
This is usually caused by bad shell extensions. 

download ShellExView.

http://www.nirsoft.n...s/shexview.html

Use this download:
http://www.nirsoft.n...xview_setup.exe

Once you get it installed, run it by right clicking and Run As Admin  and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red led looking icon in the upper left. This should disable all of the non-microsoft additions to Explorer.

 

We can ignore the many Microsoft-Windows-KnownFolders errors.  This appears to be a Windows bug.

 

The TCP errors are odd. 
There is a program called tcpview.  https://live.sysinte...com/Tcpview.exeDownload, Save and then run it by right clicking and Run As Admin.

Then File, Save As (to your desktop), tcp , OK.  This should create a  file tcp.txt on your desktop.  Attach or copy and paste it to a reply.
 

 

Now Reboot and run the nirsoft full events program again and post the log.


  • 1

#29
MagickMage
Posted 24 July 2018 - 07:43 AM

MagickMage

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
If I right click on the downloaded file DWA-123_D1_FW_4.03 and click on Open,you will get to (151105)DWA-123_D1_FW_4.03 and if you right clicked on it then Open,you will find a Setup file deep in it's directory.I was just wondering if I should click on the Setup file?I am worried about this RKinner ,because I have not been having any issues or trouble with Networking or accessing the Internet. Need your opinion here.
 
Btw, in your instructions you mentioned
"This error:
 
==================================================
Event Time        : 23-Jul-18 5:12:53 PM.877
Record ID         : 346313
Event ID          : 11
Level             : Warning
Channel           : System
Provider          : Microsoft-Windows-Wininit
Description       : Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Opcode            : 
Task              : 
Keywords          : 0x4000000000000000
Process ID        : 576
Thread ID         : 720
Computer          : Home-PC
User              : NT AUTHORITY\SYSTEM
==================================================
 
This one should also be easy.  Download the attached wininit.zip.  Save and right click on it and Extract All Extract.  Then right click on wininit.reg and MERGE.  Ignore the warning.  This is just leftover from a bad uninstall.
Where is the download link for wininit.zip please?
 
Thank you RKinner!

Edited by MagickMage, 24 July 2018 - 08:13 AM.

  • 0

#30
RKinner
Posted 24 July 2018 - 08:08 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

There is something wrong with your networking since it's causing an error so I would try the setup file if you have one.  If something goes wrong you can go back into Device Manager and right click on the Wireless adapter and select Properties then Drivers and Rollback the driver.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP